Graph Model Implementation of Attribute-Based Access Control Policies
This addresses access management problems in domains with complex policies, such as social and IoT networks, but appears incremental as it applies existing graph database techniques to ABAC.
The paper tackles the challenge of efficiently implementing general attribute-based access control (ABAC) policies, especially for complex scenarios like privacy regulations and social/IoT networks, by introducing a graph model implementation that uses graph traversal algorithms in Neo4j for evaluation.
Attribute-based access control (ABAC) promises a powerful way of formalizing access policies in support of a wide range of access management scenarios. Efficient implementation of ABAC in its general form is still a challenge, especially when addressing the complexity of privacy regulations and access management required to support the explosive growth of social and IoT networks. In this paper, we introduce a graph model implementation for expressing and evaluating access policies and illustrate a sample use-case implementation over Neo4 Graph Database. Graph databases excel at querying connected data and hence can evaluate complex policies efficiently via graph traversal algorithms.