Abstract
Pervasive computing environments have created a requirement for spatial- and temporal-aware access control systems. Although temporal, spatial and spatio-temporal role-based access control (RBAC) models have been developed, a family of simple, expressive and flexible models that convincingly addresses the interaction between spatio-temporal constraints and inheritance in RBAC does not yet exist. In this paper, we define three spatio-temporal models based on RBAC96, the de facto standard for RBAC, and extend these models to include activation and usage hierarchies. These models provide different authorization semantics, varying in the extent to which RBAC entities and relations are constrained by spatio-temporal restrictions. We introduce the notion of trusted entities, which are used to selectively override certain spatio-temporal restrictions. We also demonstrate that our spatio-temporal models are consistent and compatible with RBAC96 and the ANSI-RBAC standard, in contrast to existing models. Finally, we propose four approaches to encoding spatio-temporal requirements in practical applications that permit access requests to be answered efficiently.
Original language | English |
---|---|
Title of host publication | Proceeding ASIACCS '08 Proceedings of the 2008 ACM symposium on Information, computer and communications security |
Place of Publication | New York |
Publisher | ACM Press |
Pages | 205-216 |
Number of pages | 12 |
ISBN (Print) | 978-1-59593-979-1 |
Publication status | Published - 2008 |
Event | Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security - Tokyo, Japan. Duration: 18 Mar 2008 → 20 Mar 2008 |
Conference
Conference | Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security |
---|---|
Country/Territory | Japan |
City | Tokyo |
Period | 18/03/08 → 20/03/08 |