Geo-Social-RBAC: A Location-Based Socially Aware Access Control Framework

  • Conference paper
Network and System Security (NSS 2015)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 8792)

Abstract

The ubiquity of low-cost GPS-enabled mobile devices and the proliferation of online social networks have enabled the collection of rich geo-social information that includes the whereabouts of the users and their social connections. This information can be used to provide a rich set of access control policies that ensure that resources are utilized securely. Existing literature focuses on providing access control systems that control access based solely on either the location of the users or their social connections. In this paper, we argue that a number of real-world applications demand an access control model that effectively captures both the geographic and the social dimensions of the users in a given location. We propose Geo-Social-RBAC, a new role-based access control model that allows the inclusion of geo-social constraints as part of the access control policy. Our model, besides capturing the locations of a user requesting access and her social connections, includes geo-social cardinality constraints that dictate how many people related by a particular social relation need to be present in the required locations at the time of an access. The model also allows specification of geo-social and location trace constraints that may be used to dictate if an access needs to be granted or denied.
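
The geo-social cardinality constraint described in the abstract can be sketched as a small policy check. This is an added example, not code or notation from the paper: the logical location names, the containment map, the relation labels and every function and class name are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data; every name here is hypothetical, not from the paper.
CONTAINS = {"icu-room-2": "icu", "icu": "hospital", "lobby": "hospital"}  # child -> parent
POSITIONS = {"alice": "icu-room-2", "bob": "icu", "carol": "lobby", "dave": "icu-room-2"}
RELATIONS = {("alice", "bob"): "supervisor", ("alice", "dave"): "colleague",
             ("alice", "carol"): "colleague"}  # (user, other) -> relation label

@dataclass(frozen=True)
class Cardinality:
    relation: str     # social relation to the requester
    location: str     # logical location where related users must be
    min_present: int  # how many must be there at access time

@dataclass(frozen=True)
class Policy:
    role: str
    requester_location: str
    constraints: tuple

def within(position, area):
    """True if position equals area or is nested inside it; None is never inside."""
    seen = set()
    while position is not None and position not in seen:
        if position == area:
            return True
        seen.add(position)
        position = CONTAINS.get(position)
    return False

def related_present(user, c):
    """Users related to `user` by c.relation who are currently inside c.location."""
    return sorted(other for (u, other), rel in RELATIONS.items()
                  if u == user and rel == c.relation
                  and within(POSITIONS.get(other), c.location))

def check_access(user, active_roles, policy):
    """Return (granted, reason); unknown positions fail closed."""
    if policy.role not in active_roles:
        return False, "role not active"
    if not within(POSITIONS.get(user), policy.requester_location):
        return False, "requester outside required location"
    for c in policy.constraints:
        if len(related_present(user, c)) < c.min_present:
            return False, f"need {c.min_present} {c.relation}(s) in {c.location}"
    return True, "granted"

ICU_RECORD = Policy("nurse", "icu", (Cardinality("supervisor", "icu", 1),))
```

A user with no known position, or whose related users have no known position, is treated as absent, so missing location data denies access rather than granting it.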



Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Baracaldo, N., Palanisamy, B., Joshi, J. (2014). Geo-Social-RBAC: A Location-Based Socially Aware Access Control Framework. In: Au, M.H., Carminati, B., Kuo, CC.J. (eds) Network and System Security. NSS 2015. Lecture Notes in Computer Science, vol 8792. Springer, Cham. https://doi.org/10.1007/978-3-319-11698-3_39


  • DOI: https://doi.org/10.1007/978-3-319-11698-3_39

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-11697-6

  • Online ISBN: 978-3-319-11698-3

  • eBook Packages: Computer Science, Computer Science (R0)