Metrics

  • citations in SCIndeks: [1]
  • citations in CrossRef:0
  • citations in Google Scholar:[]
  • visits in previous 30 days:2
  • full-text downloads in 30 days:0

Contents

article: 2 from 2  
Back back to result list
Info M
2012, vol. 11, iss. 41, pp. 33-39
Context-sensitive access control
Sladić Goran ORCID, Milosavljević Branko ORCID, Konjović Zora
University of Novi Sad, Faculty of Technical Science, Serbia

emailsladicg@uns.ac.rs, mbranko@uns.ac.rs, ftn_zora@uns.ac.rs
Keywords: access control; RBAC; context-sensitive access control; context; context-sensitive computing
Abstract
In today’s information technology era, access control is concerned with the way in which users can access resources in a computer system, or informally speaking, with 'who can do what'. Access control is arguably the most fundamental security mechanism in use today. Traditional access control models, such as RBAC (Role Based Access Control), are passive access control models. They do not take into account contextual information. Consequently, these models are inadequate for specifying access control needs of many complex real world cases. As context data gets involved, the access decision no longer depends on user credentials only, it also depends on the state of the system’s environment and the system itself. Most research in this area is based on extensions of the RBAC model to support context-sensitive access control. This paper gives overview of the selected context-sensitive access control models applied in different areas.
References

Abowd, G.D., Dey, A.K., Brown, P.J., Davies, N., Smith, M., Steggles, P. (1999) Towards a better understanding of context and context-awareness. in: International symposium on Handheld and ubiquitous computing (I), HUC 99, proceedings, London: Springer-Verlag, str. 304-307

Bacon, J., Moody, K., Yao, W. (2002) A model of OASIS role-based access control and its support for active security. ACM Transactions on Information and System Security, 5(4): 492-540

Bao, Y., Song, J., Wang, D., Shen, D., Yu, G. (2008) A role and context based access control model with UML. in: International Conference for Young Computer Scientists, pp. 1175-1180

Bhatti, R., Ghafoor, A., Bertino, E., Joshi, J.B.D. (2005) X-GTRBAC: An XML-based policy specification framework and architecture for enterprise-wide access control. ACM Transactions on Information and System Security, 8(2): 187-227

Brezillon, P., Kouadri, M.G. (2004) Context-based security policies: a new modeling approach. in: PERCOMW ’04 - Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, Proceedings, p. 154

Buchholz, T., Kupper, A., Schiffers, M. (2003) Quality of context: What it is and why we need it. in: Workshop of the HP Open View University Association (HPOVUA 2003), Proceedings

Cholewka, D., Botha, R., Eloff, J. (2000) A contextsensitive access control model and prototype implementation. in: IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures, Proceedings, pp. 341-350

Corradi, A., Montanari, R., Tibaldi, D. (2004) Context-based access control for ubiquitous service provisioning. in: 28th Annual International Computer Software and Applications Conference (COMPSAC), Proceedings, pp. 444-451

Covington, M.J., Long, W., Srinivasan, S., Dev, A.K., Ahamad, M., Abowd, G.D. (2001) Securing context-aware applications using environment roles. in: ACM symposium on access control models and technologies (SACMAT) (VI), proceedings, New York: ACM, str. 10-20

Dey, A.K. (2000) Providing architectural support for building context-aware applications. Georgia, USA: Georgia Institute of Technology, PhD thesis

Emami, S., Amini, M., Zokaei, S. (2007) A context-aware access control model for pervasive computing environments. in: IEEE International Conference on Intelligent Pervasive Computing (IPC), Proceedings, pp. 51-56

Feng, X., Jun, X., Hao, H., Li, X. (2004) Context-aware role-based access control model for web services. in: Grid and cooperative computing GCC 2004 workshops, international workshop on information security and survivability for grid, 3252, 430-436

Fernandez, E., Larrondo-Petrie, M., Escobar, A. (2007) Contexts and contextbased access control. in: 3rd International Conference on Wireless and Mobile Communications (ICWMC), Proceedings, pp. 73-78

2

Ferraiolo, D.R., Kuhn, D.R., Chandramouli, R. (2003) Role-based access control. Artech House

Filho, J.B., Martin, H. (2008) Using context quality indicators for improving context-based access control in pervasive environments. in: IEEE/IFIP international conference on embedded and ubiquitous computing, EUC 08, proceedings, Washington: IEEE Computer Society, str. 285-290

Freudenthal, E., Pesin, T., Port, L., Keenan, E., Karamcheti, V. (2002) dRBAC: Distributed role-based access control for dynamic coalition environments. in: International Conference on Distributed Computing Systems, volume p. 411

Georgiadis, C.K., Mavridis, I., Pangalos, G., Thomas, R.K. (2001) Flexible team-based access control using contexts. in: ACM symposium on access control models and technologies (VI), SACMAT 01, proceedings, New York: ACM, str. 21-27

Gostojic, S., Sladic, G., Milosavljevic, B., Konjovic, Z. (2012) Context-Sensitive Access Control Model for Government Services. Journal of Organizational Computing and Electronic Commerce, vol. 22, br. 2, str. 184-213

Haibo, S., Fan, H. (2005) A context-aware role-based access control model for web services. in: IEEE international conference on e-business engineering, ICEBE, proceedings, 220-223

Han, W., Zhang, J., Yao, X. (2005) Context sensitive access control model and implementation. in: 5th International Conference on Computer and Information Technology (CIT), Proceedings, pp. 757-763

Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A. (2005) A generalized temporal role-based access control model. IEEE Transactions on Knowledge and Data Engineering, 17(1): 4-23

Kapsalis, V., Hadellis, L., Karelis, D., Koubias, S. (2006) A dynamic context-aware access control architecture for e-services. Computers & Security, 25(7): 507-521

Kouadri, M.G.K.G., Brezillon, P. (2003) A generic framework for context-based distributed authorizations. in: 4th International and Interdisciplinary Conference on Modeling and Using Context (Context 03), pp. 204-217

Kumar, A., Karnik, N., Chafle, G. (2002) Context sensitivity in role-based access control. ACM SIGOPS Operating Systems Review, 36(3): 53-66

Li, Y., Hong, J., Landay, J. (2003) Context map: Modeling scenes of the real world for context-aware computing. in: Ubiquitous Computing (Ubi-Comp2003), 5th Int. Conf

Liscano, R., Wang, K. (2007) A context-based delegation access control model for pervasive computing. in: 21st International Conference on Advanced Information Networking and Applications Workshops - AINAW ’07, Proceedings, pp. 44-51

Mostefaoui, K.G. (2003) Security in pervasive environments, what's next?. in: International Conference on Security and Management(SAM'03), proceedings, pp. 93-96

Mostefaoui, K.G., Brezillon, P. (2004) Modeling context-based security policies with contextual graphs. in: Second IEEE Annual Conference on Pervasive Computing and Communications Workshops - PERCOMW, Proceedings, p. 28, 04

Najar, S., Saidani, O., Kirsch-Pinheiro, M., Souveyet, C., Nurcan, S. (2009) Semantic representation of context models: A framework for analyzing and understanding. in: CIAO ’09 - 1st Workshop on Context, Information and Ontologies, Proceedings, pp. 1-10

Park, M., Gu, M.S., Ryu, K.H. (2007) Context information model using ontologies and rules based on spatial object. in: Advanced Intelligent Computing Theories and Applications. With Aspects of Contemporary Intelligent Computing Techniques, pp. 107-114

Pigeot, C.E., Gripay, Y., Scuturici, M., Pierson, J.M. (2007) Context-sensitive security framework for pervasive environments. in: ECUMN'07 Fourth European Conference on Universal Multiservice Networks, Proceedings, pp. 391-400

Schilit, B., Adams, N., Want, R. (1994) Context-aware computing applications. in: Proc of IEEE workshop on mobile computing systems and applications, Washington: IEEE Computer Society, str. 85-91

Shang, C., Yang, Z., Liu, Q., Zhao, C. (2008) A context based dynamic access control model for web service. in: International conference on embedded and ubiquitous computing, IEEE/IFIP, Los Alamitos, CA, USA, IEEE Computer Society, vol. 2, str. 339-343

Sladić, G. (2012) Model kontekstno zavisne kontrole pristupa u poslovnim sistemima. Novi Sad: Fakultet tehničkih nauka, doktorska disertacija

Strang, T., Linnhoff-Popien, C. (2004) A context modeling survey. in: UbiComp 2004 - The Sixth International Conference on Ubiquitous Computing, Workshop on Advanced Context Modelling, Reasoning and Management

Strembeck, M., Neumann, G. (2004) An integrated approach to engineer and enforce context constraints in RBAC environments. ACM Transactions on Information and System Security, 7(3): 392-427

Thomas, R. (1997) Team based access control (TMAC): A primitive for applying role-based access controls in collaborative environments. in: RBAC ’97 Proceedings of the second ACM workshop on Role-based access control, pp. 13-19

Wolf, R., Keinz, T., Schneider, M. (2003) A model for context-dependent access control for web-based services with role-based approach. in: IEEE international workshop on database and expert systems applications (XIV), DEXA, proceedings, 209-214

Yau, S.S., Yao, Y., Banga, V. (2005) Situation-aware access control for service-oriented autonomous decentralized systems. in: Autonomous Decentralized Systems, Proceedings, pp. 17-24
   

About

article language: Serbian
document type: Paper
published in SCIndeks: 22/03/2013

Related records

No related records