LoT-RBAC: A Location and Time-Based RBAC Model

Recent growth in location-based mobile services has introduced a significant need for location and time-based access control to resources. High mobility of the users and services in the emerging mobile applications in particular make the issue of controlling who can access what information and resources from which locations a daunting challenge. Several RBAC based models have been proposed that attempt to capture the location based and/or time-based access control requirements in various applications. However, they have limited flexibility and granularity. In this paper, we propose a Location and Time-based RBAC (LoT-RBAC) model to address the access control requirements of highly mobile, dynamic environments to provide both location and time based control.

[1]  Gregory D. Abowd,et al.  Securing context-aware applications using environment roles , 2001, SACMAT '01.

[2]  Roshan K. Thomas,et al.  Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments , 1997, RBAC '97.

[3]  Cheng-Zhong Xu,et al.  A coordinated spatio-temporal access control model for mobile computing in coalition environments , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[4]  Vladimir A. Oleshchuk,et al.  Spatial role-based access control model for wireless networks , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[5]  Elisa Bertino,et al.  Temporal hierarchies and inheritance semantics for GTRBAC , 2002, SACMAT '02.

[6]  Arun Kumar,et al.  Context sensitivity in role-based access control , 2002, OPSR.

[7]  Mark Strembeck,et al.  An integrated approach to engineer and enforce context constraints in RBAC environments , 2004, TSEC.

[8]  Elisa Bertino,et al.  An analysis of expressiveness and design issues for the generalized temporal role-based access control model , 2005, IEEE Transactions on Dependable and Secure Computing.

[9]  Manish Parashar,et al.  Dynamic context-aware access control for grid applications , 2003, Proceedings. First Latin American Web Congress.

[10]  Elisa Bertino,et al.  A generalized temporal role-based access control model , 2005, IEEE Transactions on Knowledge and Data Engineering.

[11]  Elisa Bertino,et al.  Dependencies and separation of duty constraints in GTRBAC , 2003, SACMAT '03.

[12]  Elisa Bertino,et al.  GEO-RBAC: a spatially aware RBAC , 2005, SACMAT '05.

[13]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[14]  Horst F. Wedde,et al.  Role-based access control in ambient and remote space , 2004, SACMAT '04.

[15]  Ajith K. Narayanan Realms and states: a framework for location aware mobile computing , 2001, WMC '01.

[16]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[17]  Elisa Bertino,et al.  Access-control language for multidomain environments , 2004, IEEE Internet Computing.

[18]  Antonio Corradi,et al.  Context-based access control management in ubiquitous environments , 2004, Third IEEE International Symposium on Network Computing and Applications, 2004. (NCA 2004). Proceedings..

[19]  Weigang Wang,et al.  Team-and-role-based organizational context and access control for cooperative hypermedia environments , 1999, Hypertext.

[20]  Elisa Bertino,et al.  TRBAC , 2001, ACM Trans. Inf. Syst. Secur..

[21]  Ahmed K. Elmagarmid,et al.  Spatial and temporal content-based access to hypervideo databases , 1998, The VLDB Journal.

[22]  Markus Schneider,et al.  Spatio-Temporal Predicates , 2002, IEEE Trans. Knowl. Data Eng..

[23]  Vijayalakshmi Atluri,et al.  An authorization model for geospatial data , 2004, IEEE Transactions on Dependable and Secure Computing.