Abstract
A powerful and flexible authorization model should be able to cope with various security requirements. We show in this paper that we can use the Or-BAC model [1] to express security policies for spatial applications. We first add to Or-BAC the spatial predicates defined in the OpenGIS Geometry Model [2]. We then show how to model various types of spatial contexts. We finally use these spatial contexts to write security policies for spatial applications.
Keywords
This work was conducted as part of the ANR funded project under reference ANR-SESUR-2007-FLUOR.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
El-Kalam, A., El-Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miège, A., Saurel, C., Trouessin, G.: Organization Based Access Control. In: 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy 2003). IEEE, Como (2003)
Herring, J.R.: OpenGIS(R) Implementation Specification for Geographic information - Simple feature access - Part 1: Common architecture. Open Geospatial Consortium Inc. OGC(R) 06-103r3 (2006)
Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. IEEE Computer 29, 38–47 (1996)
Moyer, M., Ahamad, M.: Generalized Role-Based Access Control. In: Proceedings of the 21st International Conference on Distributed Computing Systems. IEEE Computer Society, Los Alamitos (2001)
Park, S.-H., Han, Y.-J., Chung, T.-M.: Context-Role Based Access Control for Context-Aware Application. In: Gerndt, M., Kranzlmüller, D. (eds.) HPCC 2006. LNCS, vol. 4208, pp. 572–580. Springer, Heidelberg (2006)
Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security (TISSEC 2001) 4, 191–233 (2001)
Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Transactions on Knowledge and Data Engineering 17, 4–23 (2005)
Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC: A spatially Aware RBAC. In: ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Stockholm, Sweeden, pp. 29–37 (2005)
Atluri, V., Chun, S.A.: A geotemporal role-based authorization system. International Journal of Information and Computer Security 1, 143–168 (2007)
Cuppens, F., Miège, A.: Modeling Contexts in the Or-BAC Model. In: 19th Annual Computer Security Applications Conference (ACSAC 2003), Las Vegas, NV, USA (2003)
Cuppens, F., Cuppens-Boulahia, N.: Modeling Contextual security policies. International Journal of Information Security (IJIS 2008) 7, 285–305 (2008)
OGC: Open Geospatial Consortium Inc. - About Us (2008)
Cuppens, F., Cuppens-Boulahia, N., Miège, A.: Inheritance hierarchies in the Or-BAC model and application in a network environment. In: Second Foundation of Computer Security WorkShop (FCS 2004), Turku, Finland (2004)
Cuppens, F., Cuppens-Boulahia, N., Ghorbel, M.B.: High Level Conflict Management Strategies in Advanced Access Control Models. Electronic Notes in Theoretical Computer Science (ENTCS) 186, 3–26 (2007)
Janée, G., Frew, J., Hill, L.L.: Issues in Geo-referenced Digital Libraries. D-Lib Magazine 10 (2004)
Rigaux, P., Scholl, M., Voisard, A.: Spatial Databases with application to GIS. Elsevier, Amsterdam (2002)
Damiani, M.L., Silvestri, C.: Towards movement-aware access control. In: ACM SIGSPATIAL GIS 2008 International Workshop on Security and Privacy in GIS and LBS (SPRINGL2008), pp. 39–45. Association for Computing Machinery, Irvine (2008)
Bertino, E., Damiani, M.L., Momini, D.: An access control system for a Web map management service. In: Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for e-Commerce and e-Government Applications (RIDE 2004), pp. 33–39 (2004)
Belussi, A., Bertino, E., Catania, B., Damiani, M.L., Nucita, A.: An Authorization model for geographical maps. In: Proceedings of the 12th annual ACM International Workshop on Geographic Information Systems (RIDE 2004), Washington DC, USA, pp. 82–91 (2004)
Hansen, F., Oleshchuk, V.: SRBAC: A spatial Role-Based Access Control Model for Mobile Systems. In: 7th Nordic workshop on secure IT systems (NORDSEC 2003), Gjvik, Norway, pp. 129–141 (2003)
Matheus, A., Herrmann, J.: Geospatial eXtensible Access Control Markup Language (GeoXACML). Open Geospatial Consortium Inc. OGC(R) 07-026r2 (2008)
Gabillon, A., Capolsini, P.: DRM policies for Web Map Service. In: ACM SIGSPATIAL GIS 2008 International Workshop on Security and Privacy in GIS and LBS (SPRINGL 2008), pp. 20–29. Association for Computing Machinery, Irvine (2008)
Chandran, S.M., Joshi, J.B.D.: LoT-RBAC: A location and time-based RBAC model. In: Ngu, A.H.H., Kitsuregawa, M., Neuhold, E.J., Chung, J.-Y., Sheng, Q.Z. (eds.) WISE 2005. LNCS, vol. 3806, pp. 361–375. Springer, Heidelberg (2005)
Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: GEO-RBAC: A spatially Aware RBAC. ACM Transactions on Information Systems and Security, 1–34 (2006)
Chun, S.A., Atluri, V.: Protecting privacy from continuous high-resolution satellite surveillance. In: Proceedings of the 14th IFIP 11.3 Annual Working Conference on Database Security, Schoorl, The Netherlands, pp. 233–244 (2000)
Atluri, V., Mazzoleni, P.: A uniform indexing scheme for geo-spatial data and authorizations. In: Proceedings of the 16th IFIP WG 11.3 Conference on Data and Application Security (2002)
Atluri, V., Chun, S.A.: An authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing 1, 238–254 (2004)
Autrel, F., Cuppens, F., Cuppens-Boulahia, N., Coma, C.: MotOrBAC 2: a security policy tool. In: 3rd Conference on Security in Network Architectures and Information Systems (SAR-SSI 2008), Loctudy, France, pp. 273–288 (2008)
Carroll, J.J., Dickinson, I., Dollin, C., Reynolds, D., Seaborne, A., Wilkinson, K.: Jena: Implementing the semantic web recommendations. In: Proceedings of the 13th international World Wide Web conference on Alternate track papers & posters, New York, USA, pp. 74–83 (2004)
Hergé: Destination Moon (The adventures of Tintin). Casterman (1953)
Spaccapietra, S., Parent, C., Damiani, M.L., Macedo, J.A.d., Porto, F., Vangenot, C.: A Conceptual View on Trajectories. Data and Knowledge Engineering 65, 124–146 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gabillon, A., Capolsini, P. (2010). Dynamic Security Rules for Geo Data. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., Roudier, Y. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2009 2009. Lecture Notes in Computer Science, vol 5939. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11207-2_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-11207-2_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11206-5
Online ISBN: 978-3-642-11207-2
eBook Packages: Computer ScienceComputer Science (R0)