A3BAC: Attribute-Based Access Control Model with Anonymous Access

Researchers believe that anonymous access can protect private information even if it does not store in authorization organization. The current solution supports anonymous access by using a certificate instead of a subject identity or Attribute-Based Encryption. In a solution using a certificate, access may be linked to the certificate, which poses a risk of re-identification. The encryption of objects based on attributes limits the types of objects. The ABAC with anonymous access proposed in this paper called A3BAC inherits the features of the ABAC model, such as fine-grained authorization, policy flexibility, and unlimited object types. By combining HABS, it strengthens the identity-less of ABAC, so that the access does not involve a unique identification, reducing the risk of subject identity re-identification. It is a secure anonymous access framework.