ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Towards movement-aware access control
Full text PdfPdf (822 KB)
Source
Geographic Information Systems archive
Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS table of contents
Irvine, California
SESSION: Access control model for GIS and pervasive environments table of contents
Pages 39-45  
Year of Publication: 2008
ISBN:978-1-60558-324-2
Authors
Maria Luisa Damiani  University of Milan(I)
Claudio Silvestri  University of Milan(I)
Sponsors
SIGSPATIAL : ACM Special Interest Group on Spatial Information
CERIAS : The Center for Education and Research in Information Assurance and Security
OCR : IBM Open Collaboartive Research Initiative
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 20,   Downloads (12 Months): 116,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1503402.1503410
What is a DOI?

ABSTRACT

The objective of spatially-aware access control models is to regulate the access to protected objects based on position information. In that last years, increasing attention has been paid to spatially-aware access control models for mobile and pervasive applications. Following the experience of design of the GEO-RBAC model, in this paper we want to look at those models with a critical eye and point out open conceptual and architectural challenges. In this paper, we first discuss architectural issues related to the development of a multi-domain access control system based on GEO-RBAC. Then we present the guidelines of a novel and space-centric modeling framework which aims at overcoming the conceptual limitations of the present model and similar solutions.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
S. Aich, S. Sural, and A. K. Majumdar. STARBAC: Spatio temporal Role Based Access Control. In OTM Conferences, 2007.
 
2
Jalal Al-Muhtadi , Raquel Hill , Roy Campbell , M. Dennis Mickunas, Context and Location-Aware Encryption for Pervasive Computing Environments, Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops, p.283, March 13-17, 2006  [doi>10.1109/PERCOMW.2006.33]
3
Mikhail J. Atallah , Marina Blanton , Keith B. Frikken, Efficient techniques for realizing geo-spatial access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore  [doi>10.1145/1229285.1229301]
 
4
T. Berfall. Mobility versus security-getting the balance right. http://www.bcs.org/server.php?show=ConWebDoc.3057, 2006. Last visit: Sept. 2007.
 
5
E. Bertino, S. Calo, H. Chen, N. Li, T. Li, J. Lobo, I. Molloy, and Q. Wang. Some Usability Considerations in Access Control Systems. In Proc. Symposium On Usable Privacy and Security (SOUPS), 2008.
 
6
Rafae Bhatti , Maria Luisa Damiani , David W. Bettis , Elisa Bertino, Policy Mapper: Administering Location-Based Access-Control Policies, IEEE Internet Computing, v.12 n.2, p.38-45, March 2008  [doi>10.1109/MIC.2008.40]
7
Rafae Bhatti , Arif Ghafoor , Elisa Bertino , James B. D. Joshi, X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control, ACM Transactions on Information and System Security (TISSEC), v.8 n.2, p.187-227, May 2005  [doi>10.1145/1065545.1065547]
8
Rafae Bhatti , Basit Shafiq , Elisa Bertino , Arif Ghafoor , James B. D. Joshi, X-gtrbac admin: A decentralized administration model for enterprise-wide access control, ACM Transactions on Information and System Security (TISSEC), v.8 n.4, p.388-423, November 2005  [doi>10.1145/1108906.1108909]
 
9
U. C. Bureau. http://www.census.gov/geo/www/tiger/.
 
10
Y. Cho and L. Bao. Secure access control for location-based applications in wlan systems. In Mobile Adhoc and Sensor Systems (MASS), 2006 IEEE International Conference on, pages 852--857, 2006.
 
11
M. Damiani and E. Bertino. Access Control Systems for Geo-spatial Data and Applications. In E. Ferrari, A. Belussi, B. Catania, and E. Clementini, editors, Spatial Data on the Web: Modeling and Management. Springer, 2007.
 
12
Maria Luisa Damiani , Elisa Bertino , Claudio Silvestri, Approach to Supporting Continuity of Usage in Location-Based Access Control, Proceedings of the 2008 12th IEEE International Workshop on Future Trends of Distributed Computing Systems, p.199-205, October 21-23, 2008  [doi>10.1109/FTDCS.2008.17]
13
Maria Luisa Damiani , Elisa Bertino , Barbara Catania , Paolo Perlasca, GEO-RBAC: A spatially aware RBAC, ACM Transactions on Information and System Security (TISSEC), v.10 n.1, p.2-es, February 2007  [doi>10.1145/1210263.1210265]
 
14
Maria Luisa Damiani , Elisa Bertino , Claudio Silvestri, Spatial Domains for the Administration of Location-based Access Control Policies, Journal of Network and Systems Management, v.16 n.3, p.277-302, September 2008  [doi>10.1007/s10922-008-9106-0]
 
15
Nicodemos Damianou , Naranker Dulay , Emil Lupu , Morris Sloman, The Ponder Policy Specification Language, Proceedings of the International Workshop on Policies for Distributed Systems and Networks, p.18-38, January 29-31, 2001
 
16
D. E. Denning and F. MacDoran. Location-Based Authentication: Grounding Cyberspace for Better Security. Computer Fraud and Security, Elsevier Science Ltd., February 1996.
17
T. Finin , A. Joshi , L. Kagal , J. Niu , R. Sandhu , W. Winsborough , B. Thuraisingham, ROWLBAC: representing role based access control in OWL, Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA  [doi>10.1145/1377836.1377849]
 
18
M. Ge and S. L. Osborn. A Design for Parameterized Roles. In F. C. and S. P., editors, Research Directions in Data and Applications Security XVIII, IFIP TC11/WG 11.3 Eighteenth Annual Conference on Data and Applications Security, 2004.
19
Luigi Giuri , Pietro Iglio, Role templates for content-based access control, Proceedings of the second ACM workshop on Role-based access control, p.153-159, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266773]
 
20
Jeffrey Hightower , Gaetano Borriello, Location Systems for Ubiquitous Computing, Computer, v.34 n.8, p.57-66, August 2001  [doi>10.1109/2.940014]
 
21
M. Hilty, A. Pretschner, D. A. Basin, C. Schaefer, and T. Walter. A policy language for distributed usage control. In ESORICS, pages 531--546, 2007.
 
22
Joengmin Hwang , Tian He , Yongdae Kim, Secure localization with phantom node detection, Ad Hoc Networks, v.6 n.7, p.1031-1050, September, 2008  [doi>10.1016/j.adhoc.2007.10.005]
 
23
James B. D. Joshi , Elisa Bertino , Usman Latif , Arif Ghafoor, A Generalized Temporal Role-Based Access Control Model, IEEE Transactions on Knowledge and Data Engineering, v.17 n.1, p.4-23, January 2005  [doi>10.1109/TKDE.2005.1]
24
Devdatta Kulkarni , Anand Tripathi, Context-aware role-based access control in pervasive computing systems, Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA  [doi>10.1145/1377836.1377854]
 
25
M. Kumar and R. Newman. STRBAC - An approach towards spatio-temporal role-based access control. In Communication, Network, and Information Security, pages 150--155, 2006.
 
26
Adam Muhlbauer , Reihaneh Safavi-Naini , Farzad Salim , Nicholas Paul Sheppard , Martin Surminen, Location constraints in digital rights management, Computer Communications, v.31 n.6, p.1173-1180, April, 2008  [doi>10.1016/j.comcom.2008.01.008]
 
27
OASIS. eXtensible Access Control Markup Language (XACML). www.oasis-open.org/committees/xacml/.
28
Naveen Sastry , Umesh Shankar , David Wagner, Secure verification of location claims, Proceedings of the 2nd ACM workshop on Wireless security, September 19-19, 2003, San Diego, CA, USA  [doi>10.1145/941311.941313]
29
Zhengdao Xu , Arno Jacobsen, Adaptive location constraint processing, Proceedings of the 2007 ACM SIGMOD international conference on Management of data, June 11-14, 2007, Beijing, China  [doi>10.1145/1247480.1247545]
30
Xinwen Zhang , Francesco Parisi-Presicce , Ravi Sandhu , Jaehong Park, Formal model and policy specification of usage control, ACM Transactions on Information and System Security (TISSEC), v.8 n.4, p.351-387, November 2005  [doi>10.1145/1108906.1108908]

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.8 Database applications
          Subjects: Spatial databases and GIS

Additional Classification:
  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.1 Public Policy Issues
          Subjects: Privacy
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)


General Terms:
Legal Aspects, Management, Security, Theory


Keywords:
GIS, geospatial data, privacy, security

Collaborative Colleagues:
Maria Luisa Damiani: colleagues
Claudio Silvestri: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player