Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: DBSEC 2008
Guest editors: Vijay AtluriEditor
Article type: Research Article
Authors: Toahchoodee, Manachai | Ray, Indrakshi
Affiliations: Department of Computer Science, Colorado State University, Fort Collins, CO, USA. E-mails: [email protected], [email protected]
Abstract: With the growing use of wireless networks and mobile devices, we are moving towards an era of pervasive computing. Such environments will spawn new applications that use contextual information to provide enhanced services. Traditional access control models cannot protect such applications because the access requirements may be contingent upon the location of the user and the time of access. Consequently, we propose a new spatio-temporal role-based access control model that supports delegation for use in such applications. The model can be used by any application where the access is contingent not only on the role of the user, but also on the locations of the user and the object and the time of access. We describe how each entity in the role-based access control model is affected by time and location and propose constraints to express this. We also show how the formal semantics of our model can be expressed using graph-theoretic notation. The various features of our model give rise to numerous constraints that may interact with each other and result in conflicts. Thus, for any given application using our model, it is important to analyze the interaction of constraints to ensure that conflicts or security breaches do not occur. Manual analysis is tedious and error-prone. Towards this end, we show how the analysis can be automated using Coloured Petri Nets. Since automated analysis for large applications is time consuming, we propose an approach that reduces the analysis time.
Keywords: Access control model, security, requirements specification, model analysis and verification
DOI: 10.3233/JCS-2010-0418
Journal: Journal of Computer Security, vol. 19, no. 3, pp. 399-452, 2011
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]