Design and Implementation of a Context-Based Security Model

  • Tadashi Iijima
  • Satoshi Kido
Part of the Communications in Computer and Information Science book series (CCIS, volume 466)


This paper proposes a context-based security model and describes one of the design and implementation of enforcement mechanism of it. In this access control model, a kind of object-oriented petri-net with nets-within-nets semantics is adopted as a context representation.

This approach is, particularly, expected to be suitable for dynamic access control within inter-organizational business processes. The overall architecture of the access control model is designed by extending XACML standard architecture. And a Scala-based internal Domain Specific Language is designed to specify security policies.


Access Control Model Context Sensibility XACML Domain Specific Language 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Valk, R.: Object Petri Nets. In: Desel, J., Reisig, W., Rozenberg, G. (eds.) Lectures on Concurrency and Petri Nets. LNCS, vol. 3098, pp. 819–848. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Sandhu, M.S., Coyne, E.J., et al.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  3. 3.
    OASIS Standard: eXtensible Access Control Markup Language(XACML) 3.0 (January 22, 2013),
  4. 4.
    Sun Microsystems, Inc.: Sun’s XACML Implementation (July 16, 2004),
  5. 5.
    Health Policy Bureau of Ministry of Health, Labor and Welfare, Japan: For partial revision of the scope of the emergency life-saving treatment (in Japanese), Health Policy NotificationN o.0302001 (March 2, 2009),
  6. 6.
    Nielsen, M., Winskel, G.: Petri nets and bisimulation. Theoretical Computer Science 153(1-2), 211–244 (1986)CrossRefMathSciNetGoogle Scholar
  7. 7.
    Thomas, R.K.: Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. In: RBAC 1997 Proceedings of the Second ACM Workshop on Role-based Access Control, pp. 13–19 (1997)Google Scholar
  8. 8.
    Deng, J., Brooks, R., Taiber, J.: Security Automata Integrated XACML and Security Validation. In: Proc IEEE SOUTHEASTCON 2010, pp. 338-343 (March 2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Tadashi Iijima
    • 1
  • Satoshi Kido
    • 1
  1. 1.Faculty of Science and TechnologyKeio Univ.Japan

Personalised recommendations