Skip to main content

Table 1 List of attributes needed to build ABAC authorization rules to enforce policies presented in the running example (see “Running example” subsection)

From: Automated extraction of attributes from natural language attribute-based access control (ABAC) Policies

Short name Namespace Category Data type Values
Subject_type Subject Subject_cat String Nurse, lab technician, employee, patient
Object_type Object Object_cat String Lab procedure, compensation, health record
Action_type Action Action_cat String View, change, request
Rank Subject.employee Subject_cat String Senior, junior
Working_hours Subject.employee. health_professional Subject_cat String First-shift, second-shift, on-call
Status Subject.patient Subject_cat String Registered
Status Object.lab_procedure Object_cat String Approved, pending, rejected
Type Object.lab_procedure Object_cat String Follow-up
Status record Object_cat String Full
Period Object.compensation Object_cat String Long-term
  1. The qualified name format, i.e., A.B, used in the namespace column denotes the hierarchical path leading the group that contains the respective attribute