A new approach to ranking attributes in attribute based access control using decision fusion

Abstract

Nowadays access control has an important role in management of access to system resources. Almost all of the current attribute based access control (ABAC) models do not meet all the operational needs in access decision while it absolutely will be an important role in the future access control models. We believe that meeting the operational need in missions is necessary in ranking the attributes which are existed in the access control policies. In this paper we propose a new approach that helps to enhance ABAC. It creates the quantitative capability which we named it quantitative ABAC and is based on decision fusion. We determine the attributes which have the most important role in the enterprises access management. Then, the experts consider and prioritize the attributes to determine which of attributes are more important than others. In the other word, we provide the weights as the importance of access control attributes based on decision-makers’ viewpoints by utilizing ordered weighted averaging for the proposed prioritization. As the result of this research, it is possible that if there are some corrected values with high ranking among N parameters in attributes, the permission may be granted. The case study considerations show that decision fusion can be useful in solving some challenges of risk adaptable access control models. This enables policy-makers to manage and control the system resources more accurately and flexibility in integrated and complex systems. The results of this study could be useful in integrated environments such as c4i systems.