Geo-Social-RBAC: A Location-Based Socially Aware Access Control Framework
The ubiquity of low-cost GPS-enabled mobile devices and the proliferation of online social networks have enabled the collection of rich geo-social information that includes the whereabouts of the users and their social connections. This information can be used to provide a rich set of access control policies that ensure that resources are utilized securely. Existing literature focuses on providing access control systems that control the access solely based on either the location of the users or their social connections. In this paper, we argue that a number of real-world applications demand an access control model that effectively captures both the geographic as well as the social dimensions of the users in a given location. We propose, Geo-social-RBAC, a new role based access control model that allows the inclusion of geo-social constraints as part of the access control policy. Our model, besides capturing the locations of a user requesting access and her social connections, includes geo-social cardinality constraints that dictate how many people related by a particular social relation need to be present in the required locations at the time of an access. The model also allows specification of geo-social and location trace constraints that may be used to dictate if an access needs to be granted or denied.
KeywordsAccess Control Social Relation Online Social Network Access Control Policy Access Control Model
Unable to display preview. Download preview PDF.
- 1.Opengis simple features specification for sql, tech. report ogc 99-049. Technical report, OpenGIS Consortium (1999)Google Scholar
- 3.Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: Geo-rbac: a spatially aware rbac. In: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, pp. 29–37. ACM (2005)Google Scholar
- 4.Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: A semantic web based framework for social network access control. In: Proc. of the 14th SACMAT, pp. 177–186. ACM (2009)Google Scholar
- 6.Covington, M.J., Long, W., Srinivasan, S., Dev, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: Proc. of the 6th SACMAT, pp. 10–20. ACM (2001)Google Scholar
- 8.Fong, P.W.: Relationship-based access control: protection model and policy language. In: Proc. of the First ACM Conference on Data and Application Security and Privacy, pp. 191–202. ACM (2011)Google Scholar
- 9.Gupta, A., Kirkpatrick, M.S., Bertino, E.: A formal proximity model for rbac systems. Computers & Security (2013)Google Scholar
- 10.Kirkpatrick, M.S., Damiani, M.L., Bertino, E.: Prox-rbac: a proximity-based spatially aware rbac. In: Proc. of the 19th ACM SIGSPATIAL Int. Conf. on Advances in Geographic Information Systems (2011)Google Scholar
- 12.Osborn, Q.M.S., Sandhu, R.: Configuring role-based access control to enforce mandatory and discretionary access control policies. In: ACM Transaction on Information and System Security (2000)Google Scholar
- 13.Sandhu, R.: Role activation hierarchies. In: Proceedings of 3rd ACM Workshop on Role-Based Access Control (1998)Google Scholar
- 14.Tarameshloo, E., Fong, P.: Access control models for geo-social computing systems. In: SACMAT (2014)Google Scholar
- 15.Thomas, R.K.: Team-based access control (tmac): a primitive for applying role-based access controls in collaborative environments. In: Proc. of the 2nd ACM Workshop on Role-Based Access Control (1997)Google Scholar
- 16.Toahchoodee, M., Ray, I., McConnell, R.M.: Using graph theory to represent a spatio-temporal role-based access control model. Int. Journal of Next-Generation Computing (2010)Google Scholar