Abstract

GENI’s goal of wide-scale collaboration on infrastructure owned by independent and diverse stakeholders stresses current access control systems to the breaking point. Challenges not well addressed by current systems include, at minimum, support for distributed identity and policy management, correctness and auditability, and approachability. The Attribute Based Access Control (ABAC) system [1, 2] is an attribute-based authorization system that combines attributes using a simple reasoning system to provide authorization that (1) expresses delegation and other authorization models efficiently and scalably; (2) provides auditing information that includes both the decision and reasoning; and (3) supports multiple authentication frameworks as entry points into the attribute space. The GENI project has taken this powerful theoretical system and matured it into a form ready for practical use.
