Skip to main content

Context RBAC/MAC Access Control for Ubiquitous Environment

  • Conference paper
Advances in Databases: Concepts, Systems and Applications (DASFAA 2007)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4443))

Included in the following conference series:

Abstract

Ubiquitous environment that is omnipresent is existent everywhere or seems to be always present. Such an environment is a next generation paradigm in which many invisible computers are integrated into background of our lives. However, it requires more secure technologies to protect privacy because user may access information without time and space restriction. In this paper, we propose the mechanism that a user is able to automatically access to resource by means of context aware on ubiquitous computing environments. For this purpose, we exploit Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies, and defines extended context rules. We also provide an advanced security authorization mechanism and show how to securely preserve properties despite of dynamic change of access control privilege.

This research was supported by the MIC (Ministry of Information and Communication), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Assessment).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bertino, E., Sandhu, R.: Database security-Concepts, Approaches, and Challenges. IEEE Transaction 2(1), 2–19 (2005)

    Google Scholar 

  2. Neumann, G., Strembeck, M.: An Approach to Engineer and Enforce Context Constraints in an RBAC Environment. In: Proceeding of the eighth ACM symposium on Access control models and technologies (2003)

    Google Scholar 

  3. Roman, M., Campbell, R.H., Nahrstedt, K.: Gaia OS: A middleware infrastructure to enable Active Spaces. IEEE Pervasive Computing, 74–83 (2002)

    Google Scholar 

  4. Sampemane, G., Naldurg, P., Campbell, R.H.: Access control for Active Spaces. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC), Las Vegas (2002)

    Google Scholar 

  5. Adam, N.R., Atluri, V., Bertino, E., Ferrari, E.: A Content-Based Authorization Model for Digital Libraries. IEEE Transactions on Knowledge and Data Engineering, 103–112 (2002)

    Google Scholar 

  6. Hada, S., Kudo, M.X.: Access Control Language: Provisional Authorization for XML Document. Tokyo Research Laboratory, IBM Research (October 2000)

    Google Scholar 

  7. XACML and OASIS Security Services Technical Committee. eXtendible Access Control Markup Language (xacml) committee specification 2.0 (2005)

    Google Scholar 

  8. Motta, G.H.M.B., Furuie, S.S.: A Contextual Role-Based Access Control Authorization Model for Electronic Patient Record. IEEE Transactions on Information Technology in Biomedicine 7(3), 202–207 (2003)

    Article  Google Scholar 

  9. Jiang, X., Hong, J., Landay, J.: Approximate Information Flow: Socially Based Modeling of Privacy in Pervasive Computing. To be published in proceeding, Pervasive Computing, Springer, Berlin (2002)

    Google Scholar 

  10. Phillips, C.E., Demurjian, S.A.: Security Assurance For an RBAC/MAC security Model. In: Proceeding of the IEEE, Workshop on Information Assurance, N.Y., pp. 260–267 (2003)

    Google Scholar 

  11. Moyer, M.J., Ahamad, M.: Generalized Role-Based Access Control, Distributed Computing Systems. In: Proceeding of the IEEE, 21st International Conference, pp. 391–398 (2001)

    Google Scholar 

  12. Tolone, W., Ahn, G.-J., Pai, T.: Access Control in Collaborative Systems. ACM Computing Surveys (CSUR) 37(1) (2005)

    Google Scholar 

  13. Bertino, E., Catania, B., Ferrari, E., Perlasca, P.: A System to Specify and Manage Multipolicy Access Control Models. In: Proceeding of the IEEE, Distributed Systems and Networks, pp. 116–127 (2002)

    Google Scholar 

  14. Convington, M.J., Long, W., Srinivasan, S.: Securing Context-Aware Applications Using Environment Roles. In: Proceeding of the sixth ACM symposium on Access control models and technologies (2001)

    Google Scholar 

  15. Sandhu, R.S., Cynek, E.J., Fensteink, H.L., Youmank, C.E.: Role-Based Access Control Model. IEEE Computer 29(2) (1996)

    Google Scholar 

  16. Crampton, J.: Specifying and Enforcing Constraints in Role-Based Access Control. In: Proceeding of the eighth ACM symposium on Access control models and technologies (2003)

    Google Scholar 

  17. Ahn, G.-J., Sandhu, R.: Role-based authorization constraints specification. ACM Transactions on Information and System Security 3(4) (2000)

    Google Scholar 

  18. Corradi, A., Montanari, R., Tibaldi, D.: Context-based access for pervasive service provisioning. In: Proceedings of the 28th Annual International, vol. 1, pp. 444–451 (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Ramamohanarao Kotagiri P. Radha Krishna Mukesh Mohania Ekawit Nantajeewarawat

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, K.I., Ko, H.J., Hwang, H.S., Kim, U.M. (2007). Context RBAC/MAC Access Control for Ubiquitous Environment. In: Kotagiri, R., Krishna, P.R., Mohania, M., Nantajeewarawat, E. (eds) Advances in Databases: Concepts, Systems and Applications. DASFAA 2007. Lecture Notes in Computer Science, vol 4443. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71703-4_108

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-71703-4_108

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71702-7

  • Online ISBN: 978-3-540-71703-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics