ETSI - TS 103 532
CYBER; Attribute Based Encryption for Attribute Based Access Control
Organization: ETSI
Publication Date: 1 May 2021
Status: active
Page Count: 97
Scope:
The present document specifies trust models, functions and protocols using attribute based encryption as a foundation of an attribute based access control scheme. It covers both the Ciphertext-Policy (CP-ABE) and Key-Policy (KP-ABE) variants of Attribute-Based Encryption.
The specifications address the following aspects:
• Identification of an ABE scheme covering both the Ciphertext-Policy and Key-Policy variants.
• Definition of interactions between the data sources, the service providers and the authority releasing attributes and key material.
• Mechanisms for keys, policies, and attributes distribution.
• Mechanisms for secret key expiration and revocation.
• Definition of semantics for a basic set of attributes to ensure interoperability.
• Mapping to a standard Public Key Infrastructure X.509.
• Mapping to a standard assertion protocol (SAML).
• Definition of a policy schema for data access control.
• Identification of limitations compared to traditional ABAC features.
• Translation rules to XACML.
• Definition of new protocol bindings when existing bindings do not cover the deployment scenario (e.g. a CoAP binding for the IoT case).