A Context-Aware Access Control Framework for Software Services

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8377)


In the present age, context-awareness is an important aspect of dynamic environments, and the different types of dynamic context information bring new challenges to access control systems. Therefore, the need for new access control frameworks to link their decision-making abilities with context-awareness capabilities has become increasingly significant. The main goal of this research is to develop a new access control framework that is capable of providing secure access to information resources or software services in a context-aware manner. Towards this goal, we propose a new semantic policy framework that extends the basic role-based access control (RBAC) approach with dynamic associations of both user-role and role-service capabilities. We also introduce a context model for modelling the basic and high-level context information relevant to access control. In addition, a situation can be determined on the fly so as to combine the relevant states of the entities and the purpose or user’s intention in accessing the services. For this purpose, we can propose a situation model for modelling purpose-oriented situations. Finally, we need a policy model that will let users access resources or services when certain dynamically changing conditions (using context and situation information) are satisfied.


Context-awareness, context, context-aware access control, situation, situation-aware access control, access control policy



Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. Faculty of Science, Engineering and Technology, Swinburne University of Technology, Australia
