Mandatory and Location-Aware Access Control for Relational Databases

  • Conference paper
Communications Infrastructure. Systems and Applications in Europe (EuropeComm 2009)

Abstract

Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user’s identity, whereas the basic idea of Location-Aware Access Control (LAAC) is to also evaluate a user’s current location when deciding whether a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threats like the loss of a device. Some data models for LAAC can be found in the literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC approach for DBMS and describe a prototypical implementation of that approach that is based on database triggers.
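The idea in the abstract, enforcing a location-aware mandatory decision inside the database with triggers, can be sketched as follows. This is an added example, not code from the paper: the schema, the rectangular zones, the session table and the Bell-LaPadula-style level comparison are all assumptions, SQLite stands in for the DBMS, and because triggers cannot intercept reads the read path uses a view.

```python
import sqlite3

# Constructed schema: table, column and zone names are assumptions, not the paper's.
SCHEMA = """
CREATE TABLE zones(name TEXT PRIMARY KEY, x1 REAL, y1 REAL, x2 REAL, y2 REAL);
CREATE TABLE reports(id INTEGER PRIMARY KEY, body TEXT, label INTEGER, zone TEXT);
-- One row describing the requesting subject; a real system would fill it from a
-- trusted locating service, never from values the client reports about itself.
CREATE TABLE session(clearance INTEGER, x REAL, y REAL);
-- Reads: no read-up, and the device must be inside the row's zone.
CREATE VIEW visible_reports AS
  SELECT r.id, r.body FROM reports r
  JOIN zones z ON z.name = r.zone
  JOIN session s ON r.label <= s.clearance
  WHERE s.x BETWEEN z.x1 AND z.x2 AND s.y BETWEEN z.y1 AND z.y2;
-- Writes: the trigger aborts write-down and any update from outside the zone.
CREATE TRIGGER reports_guard BEFORE UPDATE ON reports
BEGIN
  SELECT RAISE(ABORT, 'denied: write-down')
    WHERE (SELECT clearance FROM session) > OLD.label;
  SELECT RAISE(ABORT, 'denied: outside zone')
    WHERE NOT EXISTS (SELECT 1 FROM zones z JOIN session s
      ON s.x BETWEEN z.x1 AND z.x2 AND s.y BETWEEN z.y1 AND z.y2
      WHERE z.name = OLD.zone);
END;
"""

def open_db():
    """Build an in-memory database with one zone and two constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO zones VALUES ('office', 0, 0, 10, 10)")
    db.executemany("INSERT INTO reports(body, label, zone) VALUES (?, ?, 'office')",
                   [("lunch menu", 0), ("research report", 2)])
    db.execute("INSERT INTO session VALUES (0, 0, 0)")
    return db

def set_session(db, clearance, x, y):
    """Record the subject's clearance level and current position."""
    db.execute("UPDATE session SET clearance = ?, x = ?, y = ?", (clearance, x, y))

def read_reports(db):
    return [row[0] for row in db.execute("SELECT body FROM visible_reports ORDER BY id")]

def try_update(db, report_id, body):
    """Return 'ok', or the denial message raised by the trigger."""
    try:
        db.execute("UPDATE reports SET body = ? WHERE id = ?", (body, report_id))
        return "ok"
    except sqlite3.DatabaseError as exc:
        return str(exc)
```

The sketch guards UPDATE only; INSERT and DELETE would need triggers of their own, and base-table SELECT rights would have to be revoked so that reads go through the view.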

Copyright information

© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Decker, M. (2009). Mandatory and Location-Aware Access Control for Relational Databases. In: Mehmood, R., Cerqueira, E., Piesiewicz, R., Chlamtac, I. (eds) Communications Infrastructure. Systems and Applications in Europe. EuropeComm 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 16. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11284-3_23

  • DOI: https://doi.org/10.1007/978-3-642-11284-3_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-11283-6

  • Online ISBN: 978-3-642-11284-3

  • eBook Packages: Computer Science (R0)