KIT | KIT-Bibliothek | Impressum | Datenschutz

On Mutual Authorizations: Semantics, Integration Issues, and Performance

Suntaxi, Gabriela; El Ghazi, Aboubakr Achraf; Böhm, Klemens

Abstract:

reciprocity is a powerful determinant of human behavior. None of the existing access control models however captures this reciprocity phenomenon. In this paper, we introduce a new kind of grant, which we call mutual, to express authorizations that actually do this, i.e., users grant access to their resources only to users who allow them access to theirs. We define the syntax and semantics of mutual authorizations and show how this new grant can be included in the Role-Based Access Control model, i.e., extend RBAC with it. We use location-based services as an example to deploy mutual authorizations, and we propose two approaches to integrate them into these services. Next, we prove the soundness and analyze the complexity of both approaches. We also study how the ratio of mutual to allow and to deny authorizations affects the number of persons whose position a given person may read. These ratios may help in predicting whether users are willing to use mutual authorizations instead of deny or allow. Experiments confirm our complexity analysis and shed light on the performance of our approaches.


Volltext §
DOI: 10.5445/IR/1000093936
Veröffentlicht am 24.04.2019
Cover der Publikation
Zugehörige Institution(en) am KIT Institut für Programmstrukturen und Datenorganisation (IPD)
Publikationstyp Forschungsbericht/Preprint
Publikationsjahr 2019
Sprache Englisch
Identifikator ISSN: 2190-4782
KITopen-ID: 1000093936
Verlag Karlsruher Institut für Technologie (KIT)
Umfang 21 S.
Serie Karlsruhe Reports in Informatics ; 2019,6
Schlagwörter access control models, reciprocity, mutual authorizations
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page