Skip to main content
SpringerLink
Log in

Access Control Privileges Management for Risk Areas

  • Conference paper
Information Systems for Crisis Response and Management in Mediterranean Countries (ISCRAM-med 2014)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 196))

  • 870 Accesses

Abstract

This paper presents adaptive access control for areas where risks require modifying authorizations dynamically at run time to enlarge and/or restrict privileges for risk rescue teams. Resources, which have a spatial description, as well as data elements of the areas to be protected, are considered. Based on a risk scenario, principles of access control based on the ABAC (Attribute Based Access Control) model for Subjects and Objects are given. Adaptivity of access control rules apply to subjects who intervene in the risk area and who require enlarged privileges to access to resources. The Access Control Domain concept models the policies of adaptive changes to Subject/Object attributes to face the crisis events. Events have a spatial description to enable managing the crisis according to where the event has occurred, since the same event can have different impacts on the environment depending on where it happens.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Liao, W., Ou, Y., Chu, E., Shih, C., Liu, J.: Ubiquitous Smart Devices and Applications for Disaster Preparedness. In: 9th International Conference on Autonomic & Trusted Computing, UIC/ATC (2012)

    Google Scholar 

  2. Liu, J., Shih, C., Chu, E.: Cyberphysical Elements of Disaster-Prepared Smart Environments. IEEE Computer 46(2), 69–75 (2013)

    Article  Google Scholar 

  3. Liu, S., Shaw, D., Brewster, C.: Ontologies for Crisis Management: A Review of State of the Art in Ontology Design and Usability. In: The Information Systems for Crisis Response and Management conference ISCRAM (2013)

    Google Scholar 

  4. Mayrhofer, R., Schmidtke, H., Sigg, S.: Security and trust in context-aware applications. Personal and Ubiquitous Computing 1(2) (2014)

    Google Scholar 

  5. Hu, V., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to Attribute Based Access Control (ABAC) (2014)

    Google Scholar 

  6. Rissanen, E.: eXtensible access control markup language (XACML) version 3.0., OASIS standard (2012)

    Google Scholar 

  7. In: OSIRIS - Open architecture for Smart and Interoperable networks in Risk management based on In-situ Sensors http://www.osiris-fp6.eu/ (accessed June 2014)

  8. Fugini, M., Raibulet, C., Ubezio, L.: Risk assessment in work environments: modeling and simulation. Concurrency and Computation: Practice and Experience 24(18), 2381–2403 (2012)

    Article  Google Scholar 

  9. FEMA. In: Integrated Public Alert and Warning System (IPAWS) http://www.fema.gov/emergency/ipaws/about.shtm (accessed June 2014)

  10. CAP: Common Alert Protocol, V1.2, http://docs.oasis-open.org/emergency/cap/v1.2/CAP-v1.2-os.html (accessed June 2014)

  11. Venkatasubramanian, K., Mukherjee, T., Gupta, S.: CAAC: An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures. ACM Transactions on Autonomous and Adaptive Systems (TAAS) 8(4), 20 (2014)

    Article  Google Scholar 

  12. Kirkpatrick, M., Bertino, E.: Enforcing spatial constraints for mobile RBAC systems. In: The 15th ACM symposium on Access control models and technologies, pp. 99–108 (2010)

    Google Scholar 

  13. Kandala, S., Sandhu, R., Bhamidipati, V.: An attribute based framework for risk-adaptive access control models. In: Sixth International Conference on Availability, Reliability and Security (ARES), pp. 236–241. IEEE (2011)

    Google Scholar 

  14. Wu, M., Ke, C., Liu, J.: Active Role-based Access Control Model with Event-Condition-Action Rule and Case-Based Reasoning. Journal of Convergence Information Technology 6(4) (2011)

    Google Scholar 

  15. Cheng, B.H.C., et al.: Software Engineering for Self-Adaptive Systems: A research roadmap. In: Cheng, B.H.C., de Lemos, R., Giese, H., Inverardi, P., Magee, J. (eds.) Software Engineering for Self-Adaptive Systems. LNCS, vol. 5525, pp. 1–26. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  16. Fugini, M., Hadjichristofi, G., Teimourikia, M.: Adaptive Security for Risk Management Using Spatial Data. In: 25th International Conference on Database and Expert Systems Applications, DEXA (2014)

    Google Scholar 

  17. Fugini, M., Hadjichristofi, G., Teimourikia, M.: Dynamic Security Modelling in Risk Management Using Environmental Knowledge. In: 23th IEEE Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electronics, Information and Bioengineering, Politecnico di Milano, Milan, Italy

    Mariagrazia Fugini & Mahsa Teimourikia

Authors
  1. Mariagrazia Fugini
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mahsa Teimourikia
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut de Recherche en Informatique de Toulouse IRIT, UMR 5505, Université Toulouse 1 Capitole, 2 rue du Doyen-Gabriel-Marty, Toulouse Cedex 9, 31042, France

    Chihab Hanachi

  2. Ecole des Mines d’Albi, Centre de Génie, Industriel Route de Teillet, 81000, Albi, France

    Frédérick Bénaben

  3. B038 LORIA, Université de Lorraine, BP 239-54506, Vandoeuvre-lès-Nancy Cedex, France

    François Charoy

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Fugini, M., Teimourikia, M. (2014). Access Control Privileges Management for Risk Areas. In: Hanachi, C., Bénaben, F., Charoy, F. (eds) Information Systems for Crisis Response and Management in Mediterranean Countries. ISCRAM-med 2014. Lecture Notes in Business Information Processing, vol 196. Springer, Cham. https://doi.org/10.1007/978-3-319-11818-5_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-11818-5_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-11817-8

  • Online ISBN: 978-3-319-11818-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation