Attribute-based access control for the transmission of representative states
The ABAC4REST project deals with the efficient design of attribute-based access control for RESTful services.
Attribute-based access control enables the design of flexible and multi-variant access policies, which is why it is a promising candidate to become the dominant access control model of the future. The current state of the art is mainly based on generic mechanisms that implement the attribute-based model and use compositional evaluation mechanisms.
In the ABAC4REST project, the suitability of index-based evaluation mechanisms compared to compositional mechanisms is being investigated in particular. Index-based evaluation mechanisms can be used in environments that use unique keys within an interaction. Interaction with RESTful services, for example, is based on the use of unique addresses (URIs), among other things. These keys can be used to map index-based procedures that enable more efficient evaluation. This is particularly interesting for large amounts of data. In addition to investigating index-based evaluation mechanisms, the aim of the project is to develop a suitable language and an associated interpreter.
