Abstract
This paper presents adaptive access control for areas where risks require modifying authorizations dynamically at run time to enlarge and/or restrict privileges for risk rescue teams. Resources, which have a spatial description, as well as data elements of the areas to be protected, are considered. Based on a risk scenario, principles of access control based on the ABAC (Attribute Based Access Control) model for Subjects and Objects are given. Adaptivity of access control rules apply to subjects who intervene in the risk area and who require enlarged privileges to access to resources. The Access Control Domain concept models the policies of adaptive changes to Subject/Object attributes to face the crisis events. Events have a spatial description to enable managing the crisis according to where the event has occurred, since the same event can have different impacts on the environment depending on where it happens.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Liao, W., Ou, Y., Chu, E., Shih, C., Liu, J.: Ubiquitous Smart Devices and Applications for Disaster Preparedness. In: 9th International Conference on Autonomic & Trusted Computing, UIC/ATC (2012)
Liu, J., Shih, C., Chu, E.: Cyberphysical Elements of Disaster-Prepared Smart Environments. IEEE Computer 46(2), 69–75 (2013)
Liu, S., Shaw, D., Brewster, C.: Ontologies for Crisis Management: A Review of State of the Art in Ontology Design and Usability. In: The Information Systems for Crisis Response and Management conference ISCRAM (2013)
Mayrhofer, R., Schmidtke, H., Sigg, S.: Security and trust in context-aware applications. Personal and Ubiquitous Computing 1(2) (2014)
Hu, V., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to Attribute Based Access Control (ABAC) (2014)
Rissanen, E.: eXtensible access control markup language (XACML) version 3.0., OASIS standard (2012)
In: OSIRIS - Open architecture for Smart and Interoperable networks in Risk management based on In-situ Sensors http://www.osiris-fp6.eu/ (accessed June 2014)
Fugini, M., Raibulet, C., Ubezio, L.: Risk assessment in work environments: modeling and simulation. Concurrency and Computation: Practice and Experience 24(18), 2381–2403 (2012)
FEMA. In: Integrated Public Alert and Warning System (IPAWS) http://www.fema.gov/emergency/ipaws/about.shtm (accessed June 2014)
CAP: Common Alert Protocol, V1.2, http://docs.oasis-open.org/emergency/cap/v1.2/CAP-v1.2-os.html (accessed June 2014)
Venkatasubramanian, K., Mukherjee, T., Gupta, S.: CAAC: An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures. ACM Transactions on Autonomous and Adaptive Systems (TAAS)Â 8(4), 20 (2014)
Kirkpatrick, M., Bertino, E.: Enforcing spatial constraints for mobile RBAC systems. In: The 15th ACM symposium on Access control models and technologies, pp. 99–108 (2010)
Kandala, S., Sandhu, R., Bhamidipati, V.: An attribute based framework for risk-adaptive access control models. In: Sixth International Conference on Availability, Reliability and Security (ARES), pp. 236–241. IEEE (2011)
Wu, M., Ke, C., Liu, J.: Active Role-based Access Control Model with Event-Condition-Action Rule and Case-Based Reasoning. Journal of Convergence Information Technology 6(4) (2011)
Cheng, B.H.C., et al.: Software Engineering for Self-Adaptive Systems: A research roadmap. In: Cheng, B.H.C., de Lemos, R., Giese, H., Inverardi, P., Magee, J. (eds.) Software Engineering for Self-Adaptive Systems. LNCS, vol. 5525, pp. 1–26. Springer, Heidelberg (2009)
Fugini, M., Hadjichristofi, G., Teimourikia, M.: Adaptive Security for Risk Management Using Spatial Data. In: 25th International Conference on Database and Expert Systems Applications, DEXA (2014)
Fugini, M., Hadjichristofi, G., Teimourikia, M.: Dynamic Security Modelling in Risk Management Using Environmental Knowledge. In: 23th IEEE Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE (2014)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Fugini, M., Teimourikia, M. (2014). Access Control Privileges Management for Risk Areas. In: Hanachi, C., Bénaben, F., Charoy, F. (eds) Information Systems for Crisis Response and Management in Mediterranean Countries. ISCRAM-med 2014. Lecture Notes in Business Information Processing, vol 196. Springer, Cham. https://doi.org/10.1007/978-3-319-11818-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-11818-5_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11817-8
Online ISBN: 978-3-319-11818-5
eBook Packages: Computer ScienceComputer Science (R0)