Dynamic Transitions of States for Context-Sensitive Access Control Decision

  • A. S. M. Kayes
  • Wenny Rahayu
  • Tharam Dillon
  • Syed Mahbub
  • Eric Pardede
  • Elizabeth Chang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11233)


Due to the proliferation of data and services in everyday life, we face challenges to ascertain all the necessary contexts and associated contextual conditions and enable applications to utilize relevant information about the contexts. The ability to control context-sensitive access to data resources has become ever more important as the form of the data varies and evolves rapidly, particularly with the development of smart Internet of Things (IoTs). This frequently results in dynamically evolving contexts. An effective way of addressing these issues is to model the dynamically changing nature of the contextual conditions and the transitions between these different dynamically evolving contexts. These contexts can be considered as different states and the transitions represented as state transitions. In this paper, we present a new framework for context-sensitive access control, to represent the dynamic changes to the contexts in real time. We introduce a state transition mechanism to model context changes that lead the transitions from initial states to target states. The mechanism is used to decide whether an access control decision is granted or denied according to the associated contextual conditions and controls data access accordingly. We introduce a Petri net model to specify the control flows for the transitions of states according to the contextual changes. A software prototype has been implemented employing our Petri net model for detection of such changes and making access control decisions accordingly. The advantages of our context-sensitive access control framework along with a Petri net model have been evaluated through two sets of experiments, especially by looking for re-evaluation of access control decisions when context changes. The experimental results show that having a state transition mechanism alongside the context-sensitive access control increases the efficiency of decision making capabilities compared to earlier approaches.


Context-sensitive access control Dynamic changes to the contextual conditions States Transitions of states Petri net model 


  1. 1.
    Weiser, M.: Some computer science issues in ubiquitous computing. Commun. ACM 36(7), 75–84 (1993)CrossRefGoogle Scholar
  2. 2.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE. Computer 29, 38–47 (1996)CrossRefGoogle Scholar
  3. 3.
    Wang, H., Cao, J., Zhang, Y.: A flexible payment scheme and its role-based access control. IEEE TKDE 17(3), 425–436 (2005)Google Scholar
  4. 4.
    Servos, D., Osborn, S.L.: Current research and open problems in attribute-based access control. ACM Comput. Surv. 49(4), 65:1–65:45 (2017)CrossRefGoogle Scholar
  5. 5.
    Joshi, J.B., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE TKDE 17(1), 4–23 (2005)Google Scholar
  6. 6.
    Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: GEO-RBAC: a spatially aware RBAC. ACM TISSEC 10(1), 2 (2007)CrossRefGoogle Scholar
  7. 7.
    Kayes, A.S.M., Han, J., Colman, A.: OntCAAC: an ontology-based approach to context-aware access control for software services. Comput. J. 58(11), 3000–3034 (2015)CrossRefGoogle Scholar
  8. 8.
    Hosseinzadeh, S., Virtanen, S., Rodríguez, N.D., Lilius, J.: A semantic security framework and context-aware role-based access control ontology for smart spaces. In: SBD@SIGMOD, pp. 1–6 (2016)Google Scholar
  9. 9.
    Kayes, A., Rahayu, W., Dillon, T., Chang, E., Han, J.: Context-aware access control with imprecise context characterization through a combined fuzzy logic and ontology-based approach. In: CoopIS 2017, vol. 10573. LNCS, pp. 132–153. Springer, Cham (2017). Scholar
  10. 10.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Sloman, M., Lupu, E.C., Lobo, J. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–38. Springer, Heidelberg (2001). Scholar
  11. 11.
    Kulkarni, D., Tripathi, A.: Context-aware role-based access control in pervasive computing systems. In: SACMAT, pp. 113–122 (2008)Google Scholar
  12. 12.
    Schefer-Wenzl, S., Strembeck, M.: Modelling context-aware rbac models for mobile business processes. IJWMC 6(5), 448–462 (2013)CrossRefGoogle Scholar
  13. 13.
    Sloman, M.: Policy driven management for distributed systems. Journal of network and Systems Management 2(4), 333–360 (1994)CrossRefGoogle Scholar
  14. 14.
    Chang, E., Gautama, E., Dillon, T.S.: Extended activity diagrams for adaptive workflow modelling. In: IEEE ISORC-2001, pp. 413–419 (2001)Google Scholar
  15. 15.
    Dey, A.K.: Understanding and using context. Pers. Ubiquitous Comput. 5(1), 4–7 (2001)CrossRefGoogle Scholar
  16. 16.
    CPNTools: A tool for editing, simulating, and analyzing colored petri nets (2018).
  17. 17.
    Android-Studio-IDE: Android studio for building apps (2018).
  18. 18.
    SQLite: It is a self-contained and mostly used SQL database engine in the world (2018).
  19. 19.
    PNML: The petri net markup language (PNML) is a proposal of an XML-based interchange format for petri nets (2018).
  20. 20.
    Rissanen, E.: XACML v3.0 core and hierarchical role based access control (RBAC) profile version 1.0. In: OASIS Standard (2014).
  21. 21.
    Colombo, P., Ferrari, E.: Towards virtual private NoSQL datastores. In: ICDE, pp. 193–204. IEEE (2016)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • A. S. M. Kayes
    • 1
  • Wenny Rahayu
    • 1
  • Tharam Dillon
    • 1
  • Syed Mahbub
    • 1
  • Eric Pardede
    • 1
  • Elizabeth Chang
    • 2
  1. 1.La Trobe UniversityMelbourneAustralia
  2. 2.University of New South WalesCanberraAustralia

Personalised recommendations