Scheduled System Maintenance:
Some services will be unavailable Sunday, March 29th through Monday, March 30th. We apologize for the inconvenience.
By Topic

Challenges of “operationalizing” dynamic system access control: Transitioning from ABAC to RAdAC

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
2 Author(s)
Farroha, B. ; Dept. of Defense, Fort Meade, MD, USA ; Farroha, D.

While the DoD has a strong identity and credential management foundation, much work remains to achieve the DoD access control vision of providing dynamic access control with appropriate granularity. Ongoing access control investments are transitioning from administrators manually provisioning of user accounts to Attribute-Based Access Control (ABAC) capabilities. While this offers significant operational benefits over manual provisioning, ABAC capabilities must evolve. A limiting factor of the ABAC method is its reliance on the availability of authoritative attributes, and the need for access control policies that focus on specific access requests and still result in desired enterprise-wide operations. In today's DoD mission and business environments, there is a compelling need to provide authorized users, both anticipated and unanticipated, access to sensitive and classified enterprise information and the resources they need, when and where they need it, while preventing disclosure or exploitation by malicious insiders and other adversaries access to the same information. To meet this challenge, a DoD-wide Dynamic Access Management capability is needed by combining ABAC with risk management to achieve Risk Adaptive Access Control (RAdAC).

Published in:

Systems Conference (SysCon), 2012 IEEE International

Date of Conference:

19-22 March 2012