Abstract
Recent advances to mobile communication, Global Positioning System (GPS) and Radio Frequency Identification (RFID) technologies have propelled the growth of a number of mobile services. These require maintaining mobile object’s location information and efficiently serving access requests on the past, present and future status of the moving objects. Moreover, these services raise a number of security and privacy challenges. To address this, security policies are specified to ensure controlled access to the mobile user’s location and movement trajectories, their profile information, and stationary resources based on the mobile user’s spatiotemporal information. Considering the basic authorization specification 〈subject, object, privilege 〉, in a mobile environment, a moving object can be a subject, an object, or both. Serving an access request requires to search for the desired moving objects that satisfy the query, as well as enforce the security policies.
Often, enforcing security incurs overhead, and as a result may degrade the performance of a system. To alleviate this problem, recently Atluri and Guo have proposed an unified index structure, STPR-tree, to organize both the moving objects and authorizations specified over them. However, the STPR-tree is not capable supporting security policies based on tracking of mobile users. In this paper, we present an index structure, called SPPF-tree, which maintains past, present and future positions of the moving objects along with authorizations by employing partial persistent storage. We demonstrate how the SPPF-tree can be constructed and maintained, and provide algorithms to process two types of access requests, including moving object requests by stationary subjects such as locate and track, and stationary object requests by moving subjects.
Keywords
- Leaf Node
- Mobile User
- Index Structure
- Security Policy
- Access Control Policy
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This work is supported in part by the National Science Foundation under grant IIS-0242415.
Chapter PDF
References
Wolfson, O., Xu, B., Chamberlain, S., Jiang, L.: Moving objects databases: Issues and solutions. In: Rafanelli, M., Jarke, M. (eds.) 10th International Conference on Scientic and Statistical Database Management, Proceedings, Capri, Italy, July 1-3, 1998, pp. 111–122. IEEE Computer Society (1998)
Moreira, J., Ribeiro, C., Abdessalem, T.: Query operations for moving objects database systems. In: Proceedings of the Eighth ACM International Symposium on Advances in Geographic Information Systems, pp. 108–114. ACM Press, New York (2000)
Atluri, V., Guo, Q.: Unified index for mobile object data and authorizations. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 80–97. Springer, Heidelberg (2005)
Pelanis, M., Saltenis, S., Jensen, C.S.: Indexing the past, present and anticipated future positions of moving objects. A TIMECENTER Technical Report TR-78 (2004)
Atluri, V., Chun, S.A.: An authorization model for geospatial data. IEEE Trans. Dependable Sec. Comput. 1(4), 238–254 (2004)
Saltenis, S., Jensen, C.S., Leutenegger, S.T., Lopez, M.A.: Indexing the positions of continuously moving objects. In: SIGMOD Conference, pp. 331–342 (2000)
Patel, J.M., Chen, Y., Chakka, V.P.: Stripes: an efficient index for predicted trajectories. In: Proceedings of the 2004 ACM SIGMOD International conference on Management of data, New York, NY, USA, pp. 635–646. ACM Press (2004)
Lin, D., Jensen, C.S., Ooi, B.C., Saltenis, S.: Efficient indexing of the historical, present, and future positions of moving objects. In: Mobile Data Management, pp. 59–66 (2005)
Jensen, C.S., Lin, D., Ooi, B.C.: Query and Update Efficient B+-Tree Based Indexing of Moving Objects. In: VLDB, pp. 768–779 (2004)
Atluri, V., Adam, N.R., Youssef, M.: Towards a unied index scheme for mobile data and customer proles in a location-based service environment. In: Workshop on Next Generation Geospatial Information (NG2I 2003) (2003)
Beresford, A., Stajano, F.: Mix zones: User privacy in location-aware services. In: PerCom Workshops, pp. 127–131 (2004)
Scott, D., Beresford, A.R., Mycroft, A.: Spatial security policies for mobile agents in a sentient computing environment. In: Pezzé, M. (ed.) FASE 2003. LNCS, vol. 2621, pp. 102–117. Springer, Heidelberg (2003)
Aalto, L., Gthlin, N., Korhonen, J., Ojala, T.: Bluetooth and wap push based location-aware mobile advertising system. In: MobiSYS 2004: Proceedings of the 2nd International Conference on Mobile Systems, Applications, and Services, New York, NY, USA, pp. 49–58 (2004)
Youssef, M., Adam, N.R., Atluri, V. (eds.): Preserving Mobile Customer Privacy: An Access Control System for Moving Objects and Customer Information. In: 6th International Conference on Mobile Data Management. LNCS, Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Atluri, V., Shin, H. (2006). Efficient Enforcement of Security Policies Based on Tracking of Mobile Users. In: Damiani, E., Liu, P. (eds) Data and Applications Security XX. DBSec 2006. Lecture Notes in Computer Science, vol 4127. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11805588_17
Download citation
DOI: https://doi.org/10.1007/11805588_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36796-3
Online ISBN: 978-3-540-36799-4
eBook Packages: Computer ScienceComputer Science (R0)