Spatial Domains for the Administration of Location-based Access Control Policies

Damiani, Maria Luisa; Bertino, Elisa; Silvestri, Claudio

doi:10.1007/s10922-008-9106-0

Cited by 7 publications

(5 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Damiani et al [45] discuss the problem of 'domain awareness', similar to the problem of accidental access mentioned earlier by Gupta et al: a traveler might connect to many different systems and must be made aware of this, without being bothered too much. 10 To solve this, Kirkpatrick and Bertino [48] propose to use enabled and activated roles: the first are possible, and the latter require a specific location or a user action.…”

Section: )mentioning

confidence: 98%

See 1 more Smart Citation

Benefits of Location-Based Access Control: A Literature Study

Cleeff

Pieters

Wieringa

2010

2010 IEEE/ACM Int'l Conference on Green Computing and Communications &Amp; Int'l Conference on Cyber, Physical and Social Compu

View full text Add to dashboard Cite

Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been investigated thoroughly. To this end, we perform a structured literature review, and examine the goals that LBAC can potentially fulfill, the specific LBAC systems that realize these goals and the context on which LBAC depends. Our paper has four main contributions: first we propose a theoretical framework for LBAC evaluation, based on goals, systems and context. Second, we formulate and apply criteria for evaluating the usefulness of an LBAC system. Third, we identify four usage scenarios for LBAC: open areas and systems, hospitals, enterprises, and finally data centers and military facilities. Fourth, we propose directions for future research: (i) assessing the tradeoffs between location-based, physical and logical access control, (ii) improving the transparency of LBAC decision making, and (iii) formulating design criteria for facilities and working environments for optimal LBAC usage.

show abstract

Section: )mentioning

confidence: 98%

“…Maintainability: LBAC maintainability is mostly ignored in the literature [45]. An exception is GEO-RBAC where maintenance is split between specific spatial domains and subdomains.…”

Section: )mentioning

confidence: 99%

Benefits of Location-Based Access Control: A Literature Study

Cleeff

Pieters

Wieringa

2010

2010 IEEE/ACM Int'l Conference on Green Computing and Communications &Amp; Int'l Conference on Cyber, Physical and Social Compu

View full text Add to dashboard Cite

show abstract

“…Generalized Spatial RBAC [7] (GSRBAC), a model that extends RBAC and SRBAC to incorporate location information associated with roles and services in order to permit location-based definition of security and energy related policies. In the GSRBAC model, permissions are dynamically assigned to the role depending on location of a user and may be granted if in addition location of the requested service satisfies specified spatial constraints.…”

Section: G Gsrbacmentioning

confidence: 99%

Information Assurance through Access Control Policies: A Comprehensive Study

GnanaJeyaraman¹,

Gunaseelan²,

Kumaresan³

2014

IJCOT

View full text Add to dashboard Cite

show abstract

“…By hiding σ from clients, the schema and data in the original document remain hidden, while clients are able to issue queries on accessible regions using D v . A new type of RBAC‐based access control policies tackles location‐based authorization, in which the permissions for a mobile user vary depending on her current location (Damiani et al , 2008). To date, there has been no location‐based access control models designed for XML.…”

Section: Related Workmentioning

confidence: 99%

Schema‐level access control policies for XML documents

Müldner

Leighton²,

Miziołek³

2009

International Journal of Web Information Systems

View full text Add to dashboard Cite

PurposeThe purpose of this paper is to consider the secure publishing of XML documents, where a single copy of an XML document is disseminated and a stated role‐based access control policy (RBACP) is enforced via selective encryption. It describes a more efficient solution over previously proposed approaches, in which both policy specification and key generation are performed once, at the schema‐level. In lieu of the commonly used super‐encryption technique, in which nodes residing in the intersection of multiple roles are encrypted with multiple keys, it describes a new approach called multi‐encryption that guarantees each node is encrypted at most once.Design/methodology/approachThis paper describes two alternative algorithms for key generation and single‐pass algorithms for multi‐encrypting and decrypting a document. The solution typically results in a smaller number of keys being distributed to each user.FindingsThe paper proves the correctness of the presented algorithms, and provides experimental results indicating the superiority of multi‐encryption over super‐encryption, in terms of encryption and decryption time requirements. It also demonstrates the scalability of the approach as the size of the input document and complexity of the schema‐level RBACP are increased.Research limitations/implicationsAn extension of this work involves designing and implementing re‐usability of keyrings when a schema or ACP is modified. In addition, more flexible solutions for handling cycles in schema graphs are possible. The current solution encounters difficulty when schema graphs are particularly deep and broad.Practical implicationsThe experimental results indicate that the proposed approach is scalable, and is applicable to scenarios in which XML documents conforming to a common schema are to be securely published.Originality/valueThis paper contributes to the efficient implementation of secure XML publication systems.

show abstract

Spatial Domains for the Administration of Location-based Access Control Policies

Cited by 7 publications

References 15 publications

Benefits of Location-Based Access Control: A Literature Study

Benefits of Location-Based Access Control: A Literature Study

Information Assurance through Access Control Policies: A Comprehensive Study

Schema‐level access control policies for XML documents

Contact Info

Product

Resources

About