Return to search

A Statistically Rigorous Evaluation of the Cascade Bloom Filter for Distributed Access Enforcement in Role-Based Access Control (RBAC) Systems

We consider the distributed access enforcement problem for Role-Based
Access Control (RBAC) systems. Such enforcement has become important
with RBAC’s increasing adoption, and the proliferation of data that
needs to be protected. Our particular interest is in the evaluation of a
new data structure that has recently been proposed for enforcement: the
Cascade Bloom Filter. The Cascade Bloom Filter is an extension of the
Bloom filter, and provides for time- and space-efficient encodings of
sets. We compare the Cascade Bloom Filter to the Bloom Filter, and
another approach called Authorization Recycling that has been proposed
for distributed access enforcement in RBAC. One of the challenges we
address is the lack of a benchmark: we propose and justify a benchmark
for the assessment. Also, we adopt a statistically rigorous approach for
empirical assessment from recent work. We present our results for time-
and space-efficiency based on our benchmark. We demonstrate that, of the
three data structures that we consider, the Cascade Bloom Filter scales the
best with the number of RBAC sessions from the standpoints of time- and
space-efficiency.

Identiferoai:union.ndltd.org:LACETR/oai:collectionscanada.gc.ca:OWTU.10012/5747
Date January 2010
CreatorsZitouni, Toufik
Source SetsLibrary and Archives Canada ETDs Repository / Centre d'archives des thèses électroniques de Bibliothèque et Archives Canada
LanguageEnglish
Detected LanguageEnglish
TypeThesis or Dissertation

Page generated in 0.002 seconds