Access Control in a Port – A GeoRBAC Approach
Access Control mechanisms are nowadays mandatory to guarantee a minimum level of security in physical or logical environments. Different attributes can be used to grant access to users. In critical infrastructures individual position of users and devices is a clear alternative or complement. GeoRBAC is an extension of the Role Based Access Control (RBAC) mechanism that considers the position as another condition when performing access control decisions. In this paper we propose a real implementation and deployment of a GeoRBAC system integrated in the ICT infrastructure of a port, using OGC Sensor Web Enablement (SWE) set of standards to allow geolocation information interoperability.
KeywordsAccess control mechanisms Location-based services Security Transport and logistics
The work in this paper has been partially funded by CELTIC ACIO: Access Control In Organizations, co-funded by the Ministry of Industry (AEESD - TSI-100201-2013-50); and H2020 DORA: Door to Door Information for Airports and Airlines (H2020-MG 635885).
- 1.Sensor Observation Service (SOS), Open Geospatial Consortium (OGC). http://www.opengeospatial.org/standards/sos. Accessed May 2013
- 2.Giménez, P., Molina, B., Palau, C.E., Esteve, M.: Sensor web simulation and testing for the IoT. In: IEEE International Conference on Systems, Man, and Cybernetics (IEEE SMC 2013), Manchester, October 2013Google Scholar
- 3.Ferraiolo, D.F., Kuhn, D.R.: Role-based access controls. In: 15th National Computer Security Conference, pp. 554–563 (1992)Google Scholar
- 4.Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: GeoRBAC: a spatially aware RBAC. ACM Trans. Inf. Syst. Secur. 10(1) (2007). Article 2Google Scholar
- 5.Kirkpatrick, M.S., Damiani, M.L., Bertino, E.: Prox-RBAC: a proximity-based spatially aware RBAC. In: Proceedings of the 19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems, GIS 2011, pp. 339–348. ACM, New York (2011)Google Scholar