A location aware role and attribute based access control system

In this paper, we follow the role-based access control (RBAC) approach and extend it to provide for the dynamic association of roles with users. In our framework, privileges associated with resources are assigned depending on the attribute values of the resources, attribute values associated with users determine the association of users with privileges, and a location mapping function between physical and logical locations allows to enable/disable roles depending on the logical location of the users and thus preserve the privacy of the location. We use Semantic Web technologies and a graphical user interface based on the Google Maps API.

[1]  Elisa Bertino,et al.  Access Control and Privacy in Location-Aware Services forMobile Organizations , 2006, 7th International Conference on Mobile Data Management (MDM'06).

[2]  Elisa Bertino,et al.  GEO-RBAC: a spatially aware RBAC , 2005, SACMAT '05.

[3]  Junzhong Gu,et al.  Ex-RBAC: An Extended Role Based Access Control Model for Location-aware Mobile Collaboration System , 2007, Second International Conference on Internet Monitoring and Protection (ICIMP 2007).

[4]  Roberto Tamassia,et al.  A Role and Attribute Based Access Control System Using Semantic Web Technologies , 2007, OTM Workshops.