Filters








3,334 Hits in 6.7 sec

On spatio-temporal constraints and inheritance in role-based access control

Liang Chen, Jason Crampton
2008 Proceedings of the 2008 ACM symposium on Information, computer and communications security - ASIACCS '08  
between spatio-temporal constraints and inheritance in RBAC does not yet exist.  ...  Although temporal, spatial and spatio-temporal role-based access control (RBAC) models have been developed, a family of simple, expressive and flexible models that convincingly addresses the interaction  ...  No existing model has clear semantics for inheritance in the role hierarchy in the presence of spatio-temporal constraints.  ... 
doi:10.1145/1368310.1368341 dblp:conf/ccs/ChenC08 fatcat:4h6phoatqfdflbe6m3bwepmfpy

Ensuring spatio-temporal access control for real-world applications

Manachai Toahchoodee, Indrakshi Ray, Kyriakos Anastasakis, Geri Georg, Behzad Bordbar
2009 Proceedings of the 14th ACM symposium on Access control models and technologies - SACMAT '09  
Traditional access control models, such as Role-Based Access Control (RBAC), do not take into account contextual information, such as location and time, for making access decisions.  ...  This requires us to represent the application and its access control requirements in a formal specification language.  ...  Saul Lorenzo in the Department of Microbiology, Immunology and Pathology at Colorado State University for their help in formulating the access control requirements for the Dengue Decision Support system  ... 
doi:10.1145/1542207.1542212 dblp:conf/sacmat/ToahchoodeeRAGB09 fatcat:7wnweba2tjggpgvpxtxnxutdum

On the formalization and analysis of a spatio-temporal role-based access control model

Manachai Toahchoodee, Indrakshi Ray, Vijay Atluri
2011 Journal of Computer Security  
Consequently, we propose a new spatio-temporal role-based access control model that supports delegation for use in such applications.  ...  We describe how each entity in the role-based access control model is affected by time and location and propose constraints to express this.  ...  Acknowledgement This work was supported in part by AFOSR under contract number FA9550-07-1-0042.  ... 
doi:10.3233/jcs-2010-0418 fatcat:jacb4zeiyneivejtaddbgwpbpi

Specification and analysis of access control policies for mobile applications

Ramadan Abdunabi, Indrakshi Ray, Robert France
2013 Proceedings of the 18th ACM symposium on Access control models and technologies - SACMAT '13  
Towards this end, we propose a new spatio-temporal role-based access control model. It improves upon existing models by providing features that are useful for mobile applications.  ...  We discuss how such an application using our spatio-temporal access control model can be verified using the UPPAAL model checker.  ...  CONCLUSION AND FUTURE WORK We proposed a spatio-temporal access control model based on RBAC for mobile applications.  ... 
doi:10.1145/2462410.2463206 dblp:conf/sacmat/AbdunabiRF13 fatcat:ta3dueblingltml4m2e4qwfaia

Specification, Validation, and Enforcement of a Generalized Spatio-Temporal Role-Based Access Control Model

Ramadan Abdunabi, Mustafa Al-Lail, Indrakshi Ray, Robert B. France
2013 IEEE Systems Journal  
Consequently, researchers have extended the traditional access control models, such as role-based access control, to provide spatio-temporal access control.  ...  We propose an architecture for enforcing our model and provide a protocol that demonstrates how access control can be granted and revoked in our approach.  ...  Consequently, researchers have extended the traditional access control models, such as role-based access control, to provide spatio-temporal access control.  ... 
doi:10.1109/jsyst.2013.2242751 fatcat:swmrxr66snhr7avkhrsoi63eiq

On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model [chapter]

Manachai Toahchoodee, Indrakshi Ray
2008 Lecture Notes in Computer Science  
Consequently, researchers have proposed various spatio-temporal access control models that are useful in pervasive computing applications.  ...  For critical applications, a model for spatio-temporal-based access control is needed that increases the security of the application and ensures that the location information cannot be exploited to cause  ...  In this paper, we illustrate how to specify and analyze properties of a spatio-temporal role-based access control model.  ... 
doi:10.1007/978-3-540-70567-3_2 fatcat:xnbvvzrknvd5no3p2qm35ihlwy

A Spatio-temporal Role-Based Access Control Model [chapter]

Indrakshi Ray, Manachai Toahchoodee
2007 Lecture Notes in Computer Science  
In this paper, we propose a spatio-temporal access control model, based on the Role-Based Access Control (RBAC) model, that is suitable for pervasive computing applications.  ...  For critical applications, a formal model for spatio-temporal-based access control is needed that increases the security of the application and ensures that the location information cannot be exploited  ...  Acknowledgement This work was supported in part by AFOSR under contract number FA9550-07-1-0042.  ... 
doi:10.1007/978-3-540-73538-0_16 fatcat:rafgja2rdzbyhmecmba3a62pdq

Verification of Spatio-Temporal Role Based Access Control using Timed Automata

Emsaieb Geepalla, Behzad Bordbar, Kozo Okano
2012 2012 IEEE 3rd International Conference on Networked Embedded Systems for Every Application (NESEA)  
The verification of Spatio-Temporal Role Based Access Control policies (STRBAC) during the early development life cycle improves the security of the software.  ...  It helps to identify inconsistencies in the Access Control policies before proceeding to other phases where the cost of fixing defects is augmented.  ...  Spatio Temporal Role Based Access Control Several Spatio-Temporal Access Control model have been presented recently to cater for the needs on many mobile application [2] , [7] , [8] , [9] .  ... 
doi:10.1109/nesea.2012.6474023 dblp:conf/nesea/GeepallaBO12 fatcat:vp6neeuogzclxp6qdhuj6fvfu4

X-STROWL: A generalized extension of XACML for context-aware spatio-temporal RBAC model with OWL

Que Nguyet Tran Thi, Tran Khanh Dang
2012 Seventh International Conference on Digital Information Management (ICDIM 2012)  
In this paper, we propose an extension of XACML called the X-STROWL model for a generalized contextaware role-based access control (RBAC) model with the support of spatio-temporal restrictions and in conformity  ...  The model also integrates the OWL ontology for semantic reasoning on hierarchical roles to simplify the specification of access control policies and increase the intelligence of the authorization decision  ...  However, the access restrictions in X-STROWL model can be designated based on spatio-temporal relations between attributes of roles, subjects, actions and resources and contextual information such as request  ... 
doi:10.1109/icdim.2012.6360113 dblp:conf/icdim/ThiD12 fatcat:hlqo7zknqra7hpr76kbhqkftn4

Using Alloy to analyse a spatio-temporal access control model supporting delegation

M. Toahchoodee, I. Ray
2009 IET Information Security  
Towards this end, researchers have proposed spatio-temporal role based access control models.  ...  This paper illustrates how the spatio-temporal role-based access control model supporting delegation can be specified and analyzed using Alloy.  ...  [6] proposed trust based access control models, based on extending RBAC, for applications where users are not known in advance.  ... 
doi:10.1049/iet-ifs.2008.0074 fatcat:bo2davx4tbbjpafkh3k7taqyge

Preserving mobile customer privacy

Mahmoud Youssef, Vijayalakshmi Atluri, Nabil R. Adam
2005 Proceedings of the 6th international conference on Mobile data management - MEM '05  
In this paper, we present a solution that includes an access control model for moving objects and customer profiles. We also present a mechanism that enforces the spatio-temporal policies.  ...  The mechanism consists of three components: a text encoder, a spatio-temporal module that computes interactions between moving objects and spatio-temporal constraints, and a new data structure referred  ...  In advanced models, an access rule can also have temporal, spatial, and spatio-temporal constraints.  ... 
doi:10.1145/1071246.1071257 dblp:conf/mdm/YoussefAA05 fatcat:xtlz24q2rjcchfh6cmjavx4xqi

Coordinated access control with temporal and spatial constraints on mobile execution in coalition environments

Song Fu, Cheng-Zhong Xu
2007 Future generations computer systems  
We extend the role-based access control model to specify and enforce our spatio-temporal constraints.  ...  However, there is a lack of formal treatment of the impact of mobility on the shared resource access control.  ...  A extended role-based access control model has been realized in Naplet and it provides the specification and enforcement mechanisms for spatio-temporal constraints.  ... 
doi:10.1016/j.future.2006.12.002 fatcat:lig5pld2vjeq3jgftpcajzjpmu

Ensuring access control in cloud provisioned healthcare systems

Hema Andal Jayaprakash Narayanan, Mehmet Hadi Gunes
2011 2011 IEEE Consumer Communications and Networking Conference (CCNC)  
In this paper, we analyze the requirements of access control for healthcare multitenant cloud systems and propose to adapt Task-Role Based Access Control with constraints such as least privilege, separation  ...  of duty, delegation of tasks, and spatial and temporal access.  ...  Delegation happens in supervision, workflow and approval classes. Spatio-Temporal Constraints: User's location and time is taken into consideration for granting access to a task.  ... 
doi:10.1109/ccnc.2011.5766466 dblp:conf/ccnc/NarayananG11 fatcat:dfnnf2w3cvcjtdwtcguy6ifzge

Spatio-temporal Schema Integration with Validation: A Practical Approach [chapter]

A. Sotnykova, N. Cullot, C. Vangenot
2005 Lecture Notes in Computer Science  
In this paper, we focus on how to employ a reasoning engine to validate spatio-temporal schemas and describe where the reasoning engine is plugged into our integration methodology.  ...  By doing so, we take advantage of the expressive power of the common data model in the source schema description and inter-schema mapping definition.  ...  The ALCRP(D) DL proposed in [6] , extends ALC(D) to build complex roles based on a role-forming predicate operator [7] .  ... 
doi:10.1007/11575863_125 fatcat:wwundowwsjfppdy6x3y3dxl4py

Database Web Application for Administering Spatio-Temporal Access Control Policies

Miguelangel Trevino, Mustafa Al Lail
2021 Zenodo  
The General Spatio-temporal Role-Based Access Control model (GSTRBAC) is a model that incorporates time and location constraints as additional factors to grant access to resources.  ...  However, the RBAC model lacks features that allow applications to determine access based on time and location, spatio-temporal information.  ...  The Role-based access control model (RBAC) is the standard access control model used by multiple organizations [1] . This model, however, is incapable of expressing time and location constraints.  ... 
doi:10.5281/zenodo.5112610 fatcat:z3v5jtuk4ve5fpxleioqj543uu
« Previous Showing results 1 — 15 out of 3,334 results