Skip to main content
SpringerLink
Log in

Control Operation Flow for Mobile Access Control with the Use of MABAC Model

  • Chapter
  • First Online:
Towards a Synergistic Combination of Research and Practice in Software Engineering

Part of the book series: Studies in Computational Intelligence ((SCI,volume 733))

Abstract

As mobile devices tend to become more and more essential part of everyday life the significance of security of applications designed for the use on such devices is constantly growing. Most of the mobile platform providers assure sophisticated security mechanisms which aim to prevent threatening applications to be published as well as they make certain security features available to use. Nevertheless, the design and implementation of these features leaves a vast area where potential enhancements can be brought to life and mistakes avoided. In order to address this field of mobile application development MABAC, an access control model was introduced which aims to characterize the access control flow specific for mobile systems. The paper describes the crucial processes connected with the MABAC model and brings closer the details of the control flow in the mobile application designed according to the rules of the model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Porter Felt A., Finifter M., Chin E., Hanna S., Wagner D.: A survey of mobile malware in the wild. In: Proceedings of 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–14 (2011)

    Google Scholar 

  2. Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: Proceedings of 33rd IEEE Symposium on Security and Privacy (2012)

    Google Scholar 

  3. Michalska, A., Poniszewska-Maranda, A.: Security risks and their prevention capabilities in mobile application development. Inf. Syst. Manage. 4(2), 123–134 (2015)

    Google Scholar 

  4. Apple, iOS Security. http://images.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf (2014)

  5. Benedict, C.: Under the Hood: Reversing Android Applications (2001). Infosec Institute (2012)

    Google Scholar 

  6. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A Study of android application security. In: Proceedings of 20th USENIX Security Symposium (2011)

    Google Scholar 

  7. Souppaya M. P., Scarfone K. A.: Guidelines for Managing the Security of Mobile Devices in the Enterprise. NIST (2013)

    Google Scholar 

  8. Fitzgerald, W.M., Neville, U., Foley, S.N.: MASON: mobile autonomic security for network access controls. Inf. Secur. Appl. 18(1), 14–29 (2013)

    Google Scholar 

  9. Michalska, A., Poniszewska-Maranda, A.: Secure development model for mobile applications. Bull. Polish Acad. Sci. Tech. Sci. 64(3), 495–503 (2016)

    Google Scholar 

  10. Poniszewska-Maranda, A., Majchrzycka, A.: Access control approach in development of mobile applications. In: Younas, M., et al. (eds.) Mobile Web and Intelligent Information Systems, LNCS 9847, pp. 149–162 (2016)

    Google Scholar 

  11. Ferraiolo, D., Sandhu, R.S., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Role-Based Access Control. ACM TISSEC (2001)

    Google Scholar 

  12. Ahn, G.-J., Sandhu, R.S.: Role-based authorization constraints specification. ACM Trans. Inf. Syst. Secur. (2000)

    Google Scholar 

  13. Alhamed, M., Amir, K., Omari, M., Le, W.: Comparing privacy control methods for smartphone platforms. Eng. Mobile-Enabled Syst. (2013)

    Google Scholar 

  14. Castaro S., Fugini M., Martella G., Samarati P.: Database Security. Addison-Wesley (1994)

    Google Scholar 

  15. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)

    Article  Google Scholar 

  16. Bertino E., Bettini C., Samarati P.: Temporal access control mechanism for database systems. IEEE Trans. Knowl. Data Eng. 8 (1996)

    Google Scholar 

  17. Bertino, E., Bonatti, P., Ferrari, E.: A temporal role-based access control model. ACM Trans. Inf. Syst. Secur. 4(3), 191–233 (2001)

    Article  Google Scholar 

  18. Gal, V., Atluri, V.: An authorization model for temporal data. ACM Trans. Inf. Syst. Secur. 5(1) (2002)

    Google Scholar 

  19. James, B., Joshi, E., Bertino, U., Latif, A., Ghafoo, A.: A generalized temporal role-based access control model. IEEE Trans. Knowl. Eng. 17(1), 4–23 (2005)

    Article  Google Scholar 

  20. Park, J., Sandhu, R.S.: The UCONABC usage control model. ACM Trans. Inf. Syst. Security 7(1), 128–174 (2004)

    Article  Google Scholar 

  21. Poniszewska-Maranda, A.: Modeling and design of role engineering in development of access control for dynamic information systems. Bull. Polish Acad. Sci. Tech. Sci. 61(3), 569–580 (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Information Technology, Lodz University of Technology, Łódź, Poland

    Aneta Majchrzycka & Aneta Poniszewska-Maranda

Authors
  1. Aneta Majchrzycka
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aneta Poniszewska-Maranda
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aneta Poniszewska-Maranda .

Editor information

Editors and Affiliations

  1. Faculty of Cybernetics, Institute of Computer and Information Systems, Military University of Technology , Warsaw, Poland

    Piotr Kosiuczenko

  2. Wroclaw University of Science and Technology, Wrocław, Poland

    Lech Madeyski

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this chapter

Cite this chapter

Majchrzycka, A., Poniszewska-Maranda, A. (2018). Control Operation Flow for Mobile Access Control with the Use of MABAC Model. In: Kosiuczenko, P., Madeyski, L. (eds) Towards a Synergistic Combination of Research and Practice in Software Engineering. Studies in Computational Intelligence, vol 733. Springer, Cham. https://doi.org/10.1007/978-3-319-65208-5_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-65208-5_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-65207-8

  • Online ISBN: 978-3-319-65208-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation