La Trobe

Securing cross-domain data access with decentralized attribute-based access control

journal contribution
posted on 2025-04-02, 05:03 authored by Ahmad Salehi ShahrakiAhmad Salehi Shahraki, Carsten Rudolph, Hooman AlavizadehHooman Alavizadeh, A S M KayesA S M Kayes, Wenny RahayuWenny Rahayu, Zahir Tari

In attribute-based access control (ABAC), access to resources depends on the specific attributes of the entity requesting access. Existing ABAC models primarily depend on local attribute authorities to define and confirm attributes, which makes it challenging to support access decisions cross-domains without introducing centralization. Centralized solutions often conflict with individual domains’ security, privacy, and control requirements and, if compromised for any reason, can impact access to large datasets across participating domains. This paper introduces a novel access control model for cross-domain environments that significantly reduces central control. Our decentralized ABAC (D-ABAC) model uses group signature techniques to exchange attribute information securely and privately within cross-domains. Each domain maintains its own policies and attribute authorities, reducing the need for global trust or centralization to mutual trust between attribute authorities. We further design and implement a proof-of-concept system to demonstrate the practical feasibility of our proposed system for the collaborative and secure sharing of healthcare data in cross-domain environments. The proposed system model enhances security, scalability, and privacy in cross-domain settings, making it suitable for sensitive environments such as healthcare.

History

Publication Date

2025-06-01

Journal

Ad Hoc Networks

Volume

173

Article Number

103807

Pagination

15p.

Publisher

Elsevier

ISSN

1570-8705

Rights Statement

© 2025 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).

Usage metrics

    Journal Articles

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC