ABSTRACT
Role based access control (RBAC) is an established paradigm in current enterprise resource protection environments. However, with the proliferation of mobile computing, it is frequently observed that the RBAC access decision is directly influenced by the spatiotemporal context of both the subjects and the objects in the system. Currently, there exist few models that can handle spatiotemporal security policy on top of classical RBAC. In this paper, an XML based policy specification framework is proposed for a spatiotemporal RBAC model. The framework is built on top of a spatiotemporal RBAC model known as ESTARBAC. It incorporates different constraints such as role hierarchy, separation of duty and cardinality, along with other constraints dependent on spatiotemporal conditions. The underlying model supports spatiotemporal role and permission extents. Use of such extents allows a wide variety of spatiotemporal access control policies to be specified. The framework facilitates the administration task of a large organization by providing a convenient and efficient way of managing access control policies.