Skip to main content

A Context-Aware Access Control Framework for Software Services

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNPSE,volume 8377)

Abstract

In the present age, context-awareness is an important aspect of the dynamic environments and the different types of dynamic context information bring new challenges to access control systems. Therefore, the need for the new access control frameworks to link their decision making abilities with the context-awareness capabilities have become increasingly significant. The main goal of this research is to develop a new access control framework that is capable of providing secure access to information resources or software services in a context-aware manner. Towards this goal, we propose a new semantic policy framework that extends the basic role-based access control (RBAC) approach with both dynamic associations of user-role and role-service capabilities. We also introduce a context model in modelling the basic and high-level context information relevant to access control. In addition, a situation can be determined on the fly so as to combine the relevant states of the entities and the purpose or user’s intention in accessing the services. For this purpose, we can propose a situation model in modelling the purpose-oriented situations. Finally we need a policy model that will let the users to access resources or services when certain dynamically changing conditions (using context and situation information) are satisfied.

Keywords

  • Context-awareness
  • context
  • context-aware access control
  • situation
  • situation-aware access control
  • access control policy

References

  1. Bettini, C., Brdiczka, O., Henricksen, K., Indulska, J., Nicklas, D., Ranganathan, A., Riboni, D.: A survey of context modelling and reasoning techniques. Pervasive and Mobile Computing 6, 161–180 (2010)

    CrossRef  Google Scholar 

  2. Byun, J.W., Li, N.: Purpose based access control for privacy protection in relational database systems. The VLDB Journal 17(4), 603–619 (2008)

    CrossRef  Google Scholar 

  3. Chandran, S.M., Joshi, J.B.D.: LoT-RBAC: A location and time-based rbac model. In: Ngu, A.H.H., Kitsuregawa, M., Neuhold, E.J., Chung, J.-Y., Sheng, Q.Z. (eds.) WISE 2005. LNCS, vol. 3806, pp. 361–375. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  4. Dimitropoulos, L.L.: Privacy and security solutions for interoperable health information exchange: nationwide summary. AHRQ Publication (2007)

    Google Scholar 

  5. He, Z., Wu, L., Li, H., Lai, H., Hong, Z.: Semantics-based access control approach for web service. JCP 6, 1152–1161 (2011)

    Google Scholar 

  6. Huang, J., Nicol, D.M., Bobba, R., Huh, J.H.: A framework integrating attribute-based policies into role-based access control. In: SACMAT, pp. 187–196 (2012)

    Google Scholar 

  7. Kayes, A.S.M., Han, J., Colman, A.: ICAF: A context-aware framework for access control. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 442–449. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  8. Kayes, A.S.M., Han, J., Colman, A.: An ontology-based approach to context-aware access control for software services. In: Lin, X., Manolopoulos, Y., Srivastava, D., Huang, G. (eds.) WISE 2013, Part I. LNCS, vol. 8180, pp. 410–420. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  9. Kayes, A.S.M., Han, J., Colman, A.: A semantic policy framework for context-aware access control applications. In: TrustCom, pp. 753–762 (2013)

    Google Scholar 

  10. Lee, A.J., Winslett, M., Basney, J., Welch, V.: The traust authorization service. ACM Trans. Inf. Syst. Secur. 11(1), 2:1–2:33 (2008)

    Google Scholar 

  11. O’Connor, A.C., Loomis, R.J.: 2010 economic analysis of role-based access control. NIST report (2010)

    Google Scholar 

  12. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29, 38–47 (1996)

    CrossRef  Google Scholar 

  13. Squicciarini, A., Paci, F., Sundareswaran, S.: Prima: an effective privacy protection mechanism for social networks. In: ASIACCS, pp. 320–323 (2010)

    Google Scholar 

  14. Wang, L., Wijesekera, D., Jajodia, S.: A logic-based framework for attribute based access control. In: FMSE, pp. 45–55 (2004)

    Google Scholar 

  15. Weiser, M.: Some computer science issues in ubiquitous computing. Commun. ACM 36(7), 75–84 (1993)

    CrossRef  Google Scholar 

  16. Yau, S.S., Huang, D.: Development of situation-aware applications in services and cloud computing environments. IJSI 7(1), 21–39 (2013)

    Google Scholar 

  17. Yau, S.S., Liu, J.: A situation-aware access control based privacy-preserving service matchmaking approach for service-oriented architecture. In: ICWS, pp. 1056–1063 (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Kayes, A.S.M., Han, J., Colman, A. (2014). A Context-Aware Access Control Framework for Software Services. In: Lomuscio, A.R., Nepal, S., Patrizi, F., Benatallah, B., Brandić, I. (eds) Service-Oriented Computing – ICSOC 2013 Workshops. ICSOC 2013. Lecture Notes in Computer Science, vol 8377. Springer, Cham. https://doi.org/10.1007/978-3-319-06859-6_53

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-06859-6_53

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-06858-9

  • Online ISBN: 978-3-319-06859-6

  • eBook Packages: Computer ScienceComputer Science (R0)