Efficient access enforcement in distributed role-based access control (RBAC) deployments
MV Tripunitara, B Carbunar - Proceedings of the 14th ACM symposium …, 2009 - dl.acm.org
Proceedings of the 14th ACM symposium on Access control models and technologies, 2009•dl.acm.org
We address the distributed setting for enforcement of a centralized Role-Based Access
Control (RBAC) protection state. We present a new approach for time-and space-efficient
access enforcement. Underlying our approach is a data structure that we call a cascade
Bloom filter. We describe our approach, provide details about the cascade Bloom filter, its
associated algorithms, soundness and completeness properties for those algorithms, and
provide an empirical validation for distributed access enforcement of RBAC. We …
Control (RBAC) protection state. We present a new approach for time-and space-efficient
access enforcement. Underlying our approach is a data structure that we call a cascade
Bloom filter. We describe our approach, provide details about the cascade Bloom filter, its
associated algorithms, soundness and completeness properties for those algorithms, and
provide an empirical validation for distributed access enforcement of RBAC. We …
We address the distributed setting for enforcement of a centralized Role-Based Access Control (RBAC) protection state. We present a new approach for time- and space-efficient access enforcement. Underlying our approach is a data structure that we call a cascade Bloom filter. We describe our approach, provide details about the cascade Bloom filter, its associated algorithms, soundness and completeness properties for those algorithms, and provide an empirical validation for distributed access enforcement of RBAC. We demonstrate that even in low-capability devices such as WiFi network access points, we can perform thousands of access checks in a second.