On spatio-temporal constraints and inheritance in role-based access control

Chen, Liang and Crampton, Jason (2008) On spatio-temporal constraints and inheritance in role-based access control. In: 3rd ACM Symposium on Information, Computer and Communications Security, 18-20 Mar 2008, Tokyo, Japan.

Full text not available from this repository.


Pervasive computing environments have created a requirement for spatial- and temporal-aware access control systems. Although temporal, spatial and spatio-temporal role-based access control (RBAC) models have been developed, a family of simple, expressive and flexible models that convincingly addresses the interaction between spatio-temporal constraints and inheritance in RBAC does not yet exist. In this paper, we define three spatio-temporal models based on RBAC96 the de facto standard for RBAC, and extend these models to include activation and usage hierarchies. These models provide different authorization semantics, varying in the extent to which RBAC entities and relations are constrained by spatio-temporal restrictions. We introduce the notion of trusted entities, which are used to selectively override certain spatio-temporal restrictions. We also demonstrate that our spatio-temporal models are consistent and compatible with RBAC96 and the ANSI-RBAC standard, in contrast to existing models. Finally, we propose four approaches to encoding spatio-temporal requirements in practical applications that permit access requests to be answered efficiently.

Item Type: Conference or Workshop Item (Paper)
ISBN: 9781595939791
Identifier: 10.1145/1368310.1368341
Page Range: pp. 205-216
Identifier: 10.1145/1368310.1368341
Keywords: ERBAC, RBAC, Spatio-temporal domain
Subjects: Computing
Depositing User: Liang Chen
Date Deposited: 22 Mar 2016 18:02
Last Modified: 28 Aug 2021 07:19
URI: https://repository.uwl.ac.uk/id/eprint/1833

Actions (login required)

View Item View Item