Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: DBSEC 2009
Guest editors: Jaideep VaidyaGuest Editor and Ehud GudesGuest Editor
Article type: Research Article
Authors: Shin, Heechanga; * | Atluri, Vijayalakshmib | Cho, June-suhc
Affiliations: [a] Information Systems Department, Iona College, New Rochelle, NY, USA. E-mail: [email protected] | [b] MSIS Department and CIMIC, Rutgers University, Newark, NJ, USA. E-mail: [email protected] | [c] Hankuk University of Foreign Studies, Seoul, South Korea. E-mail: [email protected]
Correspondence: [*] Corresponding author.
Abstract: In a mobile environment, user’s physical location plays an important role in determining access to resources. However, because current moving object databases do not keep the exact location of the moving objects, but rather maintain their approximate location for reasons of minimizing the updates, the access request evaluation cannot always guarantee the intended access control policy requirements. This may be risky to the system’s security, especially for highly sensitive resources. In this paper, we introduce an authorization model that takes the uncertainty of location measures into consideration for specifying and evaluating access control policies. An access request is granted only if the confidence level of the location predicate exceeds the predefined uncertainty threshold level specified in the policy. However, this access request evaluation is computationally expensive as it requires to evaluate a location predicate condition and may also require evaluating the entire moving object database. For reducing the cost of evaluation, in this paper, we compute lower and upper bounds (Rmin and Rmax) on the region that minimize the region to be evaluated, thereby allowing unneeded moving objects to be discarded from evaluation. To further minimize the region of evaluation, we propose to compute Rmin′ and Rmax′ that have smaller filter size so that filtering more objects out for evaluation. In addition, we extend our approach such that it does not require assumptions on the probability distribution functions. We show how these filters Rmin, Rmax, Rmin′, and Rmax′ can be computed and maintained, and provide algorithms to process access requests.
Keywords: Uncertain location, spatiotemporal access control, security, mobile environment
DOI: 10.3233/JCS-2011-0423
Journal: Journal of Computer Security, vol. 19, no. 3, pp. 607-637, 2011
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]