On Spatio-Temporal Constraints and Inheritance in Role-Based Access Control

Liang Chen, Jason Crampton

Research output: Chapter in Book/Report/Conference proceedingConference contribution

28 Citations (Scopus)

Abstract

Pervasive computing environments have created a requirement for spatial- and temporal-aware access control systems. Although temporal, spatial and spatio-temporal role-based access control (RBAC) models have been developed, a family of simple, expressive and flexible models that convincingly addresses the interaction between spatio-temporal constraints and inheritance in RBAC does not yet exist. In this paper, we define three spatio-temporal models based on RBAC96 the de facto standard for RBAC, and extend these models to include activation and usage hierarchies. These models provide different authorization semantics, varying in the extent to which RBAC entities and relations are constrained by spatio-temporal restrictions. We introduce the notion of trusted entities, which are used to selectively override certain spatio-temporal restrictions. We also demonstrate that our spatio-temporal models are consistent and compatible with RBAC96 and the ANSI-RBAC standard, in contrast to existing models. Finally, we propose four approaches to encoding spatio-temporal requirements in practical applications that permit access requests to be answered efficiently.
Original languageEnglish
Title of host publicationProceeding ASIACCS '08 Proceedings of the 2008 ACM symposium on Information, computer and communications security
Place of PublicationNew York
PublisherACM Press
Pages205-216
Number of pages12
ISBN (Print)978-1-59593-979-1
DOIs
Publication statusPublished - 2008
EventProceedings of the 2008 ACM Symposium on Information, Computer and Communications Security - Tokyo, Japan
Duration: 18 Mar 200820 Mar 2008

Conference

ConferenceProceedings of the 2008 ACM Symposium on Information, Computer and Communications Security
CountryJapan
CityTokyo
Period18/03/0820/03/08

Fingerprint Dive into the research topics of 'On Spatio-Temporal Constraints and Inheritance in Role-Based Access Control'. Together they form a unique fingerprint.

  • Cite this

    Chen, L., & Crampton, J. (2008). On Spatio-Temporal Constraints and Inheritance in Role-Based Access Control. In Proceeding ASIACCS '08 Proceedings of the 2008 ACM symposium on Information, computer and communications security (pp. 205-216). ACM Press. https://doi.org/10.1145/1368310.1368341