Collaborative Attribute Retrieval in Environment with Faulty Attribute Managers

Attributes describing the features of subjects, objects and of the environment are used in access and usage control models to determine the right of a subject to use an object in a given environment. Hence, it is crucial for the effective enforcement of access and usage policies that authorization systems are able to promptly retrieve the values of the required attributes from the Attribute Providers. However, sometimes attribute providers could not respond when queried by Authorization systems, because they could be temporary down or unreachable. This could affect the decision processes, causing some requests to be unduly denied or some ongoing accesses to be unduly interrupted. This paper proposes a strategy that can be adopted by an Authorization system to estimate the value of the attributes it requires when the corresponding attribute providers are not responding. This strategy leverages on the collaboration of the other Authorization systems which exploit the same attribute providers, and which could have cached a value for the required attributes. We validate the presented approach through a set of simulative experiments which consider the presence of malicious authorization systems in the cooperative environment.