Abstract
In a mobile environment, user’s physical location plays an important role in determining access to resources. However, because current moving object databases do not keep the exact location of the moving objects, but rather maintain their approximate location for reasons of minimizing the updates, the access request evaluation cannot always guarantee the intended access control policy requirements. This may be risky to the system’s security, especially for the highly sensitive resources. In this paper, we introduce an authorization model that takes the uncertainty of location measures into consideration for specifying and evaluating access control policies. An access request is granted only if the confidence level of the location predicate exceeds the predefined uncertainty threshold level specified in the policy. However, this access request evaluation is computationally expensive as it requires to evaluate a location predicate condition and may also require evaluating the entire moving object database. For reducing the cost of evaluation, in this paper, we compute lower and upper bounds (R min and R max ) on the region that minimize the region to be evaluated thereby allowing unneeded moving objects to be discarded from evaluation. We show how R min and R max can be computed and maintained, and provide algorithms to process access requests.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Active badge next generation applications, http://www.cs.agh.edu.pl/ABng/applications.html
Ardagna, C.A., Cremonini, M., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: Location Privacy Protection Through Obfuscation-based Techniques. In: IFIP TC11/WG 11.3 21st Annual Conference on Data and Applications Security (2007)
Ardagna, C.A., Cremonini, M., Damiani, E., di Vimercati, S.D.C., Samarati, P.: Supporting location-based conditions in access control policies. In: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, pp. 212–222. ACM, New York (2006)
Atluri, V., Chun, S.A.: An Authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing, 238–254 (2004)
Atluri, V., Chun, S.A.: A geotemporal role-based authorisation system. International Journal of Information and Computer Security 1(1), 143–168 (2007)
Atluri, V., Guo, Q.: Unified Index for Mobile Object Data and Authorizations. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 80–97. Springer, Heidelberg (2005)
Atluri, V., Shin, H.: Efficient Security Policy Enforcement in a Location Based Service Environment. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 61–76. Springer, Heidelberg (2007)
Atluri, V., Shin, H., Vaidya, J.: Efficient security policy enforcement for the mobile environment. Journal of Computer Security 16(4), 439–475 (2008)
Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC: a spatially aware RBAC. In: Proceedings of the tenth ACM symposium on Access control models and technologies, pp. 29–37. ACM, New York (2005)
Cheng, R., Kalashnikov, D.V., Prabhakar, S.: Evaluating probabilistic queries over imprecise data. In: Proceedings of the 2003 ACM SIGMOD international conference on Management of data, pp. 551–562. ACM, New York (2003)
Cheng, R., Xia, Y., Prabhakar, S., Shah, R., Vitter, J.S.: Efficient indexing methods for probabilistic threshold queries over uncertain data. In: Proceedings of the Thirtieth international conference on Very large data bases, vol. 30, pp. 876–887. VLDB Endowment (2004)
Hengartner, U., Steenkiste, P.: Access control to people location information. ACM Transactions on Information and System Security (TISSEC) 8(4), 424–456 (2005)
Horsmanheimo, S., Jormakka, H., Lähteenmäki, J.: Location-Aided Planning in Mobile Network Trial Results. Wireless Personal Communications 30(2), 207–216 (2004)
Kagal, L., Finin, T., Joshi, A.: Trust-Based Security in Pervasive Computing Environments (2001)
Liu, H., Darabi, H., Banerjee, P., Liu, J.: Survey of wireless indoor positioning techniques and systems. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews 37(6), 1067–1080 (2007)
Pei, J., Hua, M., Tao, Y., Lin, X.: Query answering techniques on uncertain and probabilistic data: tutorial summary. In: Proceedings of the 2008 ACM SIGMOD international conference on Management of data, pp. 1357–1364. ACM, New York (2008)
Pfoser, D., Jensen, C.S.: Capturing the Uncertainty of Moving-Object Representations. In: Güting, R.H., Papadias, D., Lochovsky, F.H. (eds.) SSD 1999. LNCS, vol. 1651, pp. 111–131. Springer, Heidelberg (1999)
Ray, I., Toahchoodee, M.: A Spatio-temporal Role-Based Access Control Model. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 211–226. Springer, Heidelberg (2007)
Sistla, P.A., Wolfson, O., Chamberlain, S., Dao, S.: Querying the uncertain position of moving objects. In: Etzion, O., Jajodia, S., Sripada, S. (eds.) Dagstuhl Seminar 1997. LNCS, vol. 1399, p. 310. Springer, Heidelberg (1998)
Tao, Y., Cheng, R., Xiao, X., Ngai, W.K., Kao, B., Prabhakar, S.: Indexing multi-dimensional uncertain data with arbitrary probability density functions. In: Proceedings of the 31st international conference on Very large data bases, pp. 922–933. VLDB Endowment (2005)
Trajcevski, G., Wolfson, O., Zhang, F., Chamberlain, S.: The Geometry of Uncertainty in Moving Objects Databases. In: Jensen, C.S., Jeffery, K., Pokorný, J., Šaltenis, S., Bertino, E., Böhm, K., Jarke, M. (eds.) EDBT 2002. LNCS, vol. 2287, pp. 233–250. Springer, Heidelberg (2002)
Widom, J.: Trio: A system for integrated management of data, accuracy, and lineage. In: CIDR (2005)
Wolfson, O., Yin, H.: Accuracy and Resource Consumption in Tracking and Location Prediction. In: Hadzilacos, T., Manolopoulos, Y., Roddick, J., Theodoridis, Y. (eds.) SSTD 2003. LNCS, vol. 2750, pp. 325–343. Springer, Heidelberg (2003)
Youssef, M., Agrawala, A.: Handling samples correlation in the horus system. In: INFOCOM 2004. Twenty-third AnnualJoint Conference of the IEEE Computer and Communications Societies, vol. 2 (2004)
Youssef, M., Atluri, V., Adam, N.R.: Preserving mobile customer privacy: an access control system for moving objects and customer profiles. In: Proceedings of the 6th international conference on Mobile data management, pp. 67–76. ACM, New York (2005)
Youssef, M.A., Agrawala, A., Shankar, A.U.: WLAN location determination via clustering and probability distributions. In: IEEE PerCom. 2003, pp. 23–26 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Shin, H., Atluri, V. (2009). Spatiotemporal Access Control Enforcement under Uncertain Location Estimates. In: Gudes, E., Vaidya, J. (eds) Data and Applications Security XXIII. DBSec 2009. Lecture Notes in Computer Science, vol 5645. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03007-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-03007-9_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03006-2
Online ISBN: 978-3-642-03007-9
eBook Packages: Computer ScienceComputer Science (R0)