Role-based access control in ambient and remote space

In the era of Ubiquitous Computing and world-wide data transfer, mobility, as an innovative aspect of professional activities, imposes new and complex problems of mobile and distributed access to information, services, and on-line negotiations for this purpose. This paper restricts itself to presenting a distributed and location-dependent RBAC approach which is multi-layered. Also, an adapted form of Administration Nets is presented which allows the scheduling of distributed on-line processes for automated location-dependent negotiating procedures, and for proving their correctness. Examples are discussed in some detail.
