Graph Model Implementation of Attribute-Based Access Control Policies

Abstract

Attribute-based access control (ABAC) promises a powerful way of formalizing access policies in support of a wide range of access management scenarios. Efficient implementation of ABAC in its general form is still a challenge, especially when addressing the complexity of privacy regulations and access management required to support the explosive growth of social and IoT networks. In this paper, we introduce a graph model implementation for expressing and evaluating access policies and illustrate a sample use-case implementation over Neo4 Graph Database. Graph databases excel at querying connected data and hence can evaluate complex policies efficiently via graph traversal algorithms.