From ABAC to ZBAC: The Evolution of Access Control Models

Abstract

Several attempts at using the Services Oriented Architecture (SOA) have failed to achieve their goals of scalability, security, and manageability. These systems, which base access decisions on the authentication of the requester, have been found to be inflexible, do not scale well, and are difficult to use and upgrade. In this paper we describe how access control models have evolved to solve manageability problems as the systems we used have scaled up in size and as they have become more distributed. We then introduce an approach to access control that solves the problems we see today and show that this approach is a natural extension of previous methods.


AUTHORS

Virus Safe Computing Group, HP Labs

Alan Karp is a principal scientist in the Virus Safe Computing Group at HP Labs. Formerly he was senior technical contributor and chief scientist at HP's E-speak Operation. A member of the Institute of Electrical and Electronics Engineers and the Association for Computing Machinery, Dr. Karp has served on the editorial boards of numerous scientific journals.

NuParadigm Companies

Harry Haury, CEO of NuParadigm Companies, has worked for over a decade in conjunction with DARPA, NSA, Navy, DISA, OSD, OSD-NII, Mitre, Sandia National Laboratories, DHS, Hewlett Packard, Booze Allen Hamilton, General Dynamics, QINETIQ, Northrop Grumman, and SpaWar Systems Centers. He is a voting member of OASIS, member of the PKI, Key Management, XACML and other TCs. Harry is a top 5, finalist in the 2009 Paper Contest sponsored by NRL on cyber-security.

SPAWAR Headquarters,U.S. Navy

Mike Davis is a Chief Systems Engineer at SPAWAR Headquarters (U.S. Navy), where he recently completed a tour as the senior information assurance technical warrant. He currently serves as the San Diego ISSA vice president, technical advisor for "The Security Networks," and local INCOSE chapter technology vice president. Mike has over 20 years experience in IT/Security technical and operational leadership positions.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.871.3949
  • jiw@gbpts.com