Advertisement

Abstract

Role Based Access Control (RBAC) has emerged as an important access control paradigm in computer security. However, the access decisions that can be taken in a system implementing RBAC do not include many relevant factors like user location, system location, system time, etc. We propose a spatiotemporal RBAC Model (STARBAC) which reasons in spatial and temporal domain in tandem. STARBAC control command enables or disables role based on spatiotemporal conditions. The new model is able to specify a number of different types of important access requirements not expressible in existing variations of RBAC model like GEO-RBAC and TRBAC. The specification language we present here is powerful enough to allow logical connectives like AND (∧) and OR (∨) over spatiotemporal conditions.

Keywords

Access control STARBAC spatiotemporal reference role command spatiotemporal satisfiability 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Rolebased Access Control Models. IEEE Computer 29(2), 38–47 (1996)Google Scholar
  2. 2.
    Giuri, L.: Role -Based Access Control: A Natural Approach. In: RBAC. Proceedings of ACM Workshop on Role Based Access Control, pp. 33–37 (December 1996)Google Scholar
  3. 3.
    Covington, M.J., Moyer, M.J., Ahamad, M.: Generalized Role-based Access Control for Securing Future Applications. In: NISSC. Proceedings of National Information Systems Security Conference (October 2000)Google Scholar
  4. 4.
    Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-based Access Control. ACM Transactions on Information and System Security (TISSEC) 4(3), 224–274 (2001)CrossRefGoogle Scholar
  5. 5.
    Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A Temporal Role-Based Access Control Model. ACM Transactions on Information and System Security (TISSEC) 4(3), 191–223 (2001)CrossRefGoogle Scholar
  6. 6.
    Giuri, L., Iglio, P.: Role Templates for Content-based Access Control. In: RBAC. Proceedings of ACM Workshop on Role Based Access Control, pp. 153–159 (November 1997)Google Scholar
  7. 7.
    Gal, A., Atluri, V.: An Authorization Model for Temporal Data. In: CCS. Proceedings of ACM Conference on Computer and Communication Security, pp. 144–153 (2000)Google Scholar
  8. 8.
    Atluri, V., Chun, S.A.: A Geotemporal Role-based Authorisation System. International Journal of Information and Computer Security 1(1-2), 143–168 (2007)CrossRefGoogle Scholar
  9. 9.
    Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. ACM Transactions on Database Systems 23(3), 231–285 (1998)CrossRefGoogle Scholar
  10. 10.
    Covington, M., Long, W., Srinivasan, S., Dey, A.K., Ahamad, M., Abowd, G.D.: Securing Context-aware Applications using Environment Roles. In: SACMAT. Proceedings of ACM Symposium on Access Control Models and Technologies, pp. 10–20 (2001)Google Scholar
  11. 11.
    Zhang, G., Parashar, M.: Context-Aware Dynamic Access Control for Pervasive Applications. In: CNDS. Proceedings of Communication Networks and Distributed Systems Modeling and Simulation Conference (2004)Google Scholar
  12. 12.
    Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A.: Generalized Temporal Role based Access Control Model (GTRBAC)- Specification and modeling. IEEE Transactions on Knowledge and Data Engineering 17(1), 4–23 (2005)CrossRefGoogle Scholar
  13. 13.
    Hansen, F., Oleshchuk, V.: Spatial Role-Based Access Control Model for Wireless Networks. In: Proceedings of IEEE Vehicular Technology Conference, pp. 2093–2097 (2003)Google Scholar
  14. 14.
    Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC: A Spatially Aware RBAC. In: SACMAT. Proceedings of ACM Symposium on Access Control Models and Technologies, pp. 29–37 (2005)Google Scholar
  15. 15.
    Ray, I., Kumar, M., Yu, L.: LRBAC: A Location-Aware Role-Based Access Control Model. In: ICISS. Proceedings of International Conference on Information Systems Security, pp. 147–161 (2006)Google Scholar
  16. 16.
    Niezette, M., Stevenne, J.: An Efficient Symbolic Representation of Periodic Time. In: Proceedings of International Conference on Information and Knowledge Management (1992)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Subhendu Aich
    • 1
  • Shamik Sural
    • 1
  • A. K. Majumdar
    • 2
  1. 1.School of Information Technology 
  2. 2.Department of Computer Science & Engineering, Indian Institute of Technology, KharagpurIndia

Personalised recommendations