Abstract
Today advancements in information technology have led to multi-user information systems of high complexity, where users can group, collaborate and share resources. The variety of such systems include a wide range of applications such as collaborative document sharing and editing, social networks, work flow management systems, mobile location based applications etc. As those systems continue to evolve, additional requirements arise which need to be met, such as context inclusion in access control decision making and security policies that support grouping, collaboration and sharing. To address this need, we are working on expanding C-TMAC, a security model that intrinsically supports grouping, collaboration and context awareness. In this perspective, we utilize the mathematical modeling language of Colored Petri Nets, along with the CPNtools, in order to represent and analyze the basic components of C-TMAC model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Georgiadis, C.K., Mavridis, I., Pangalos, G., Thomas, R.K.: Flexible Team-Based Access Control Using Contexts. In: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, Chantilly, Virginia, USA (2001)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. 4(3), 224–274 (2001)
Thomas, R.K.: Team-Based Access Control (TMAC): A Primitive for Applying Role-Based Access Controls in Collaborative Environments. In: Proceedings of the Second ACM Workshop on Role-based Access Control, Fairfax, VAUSA, pp. 13–19 (1997)
Jensen, K.: Coloured Petri Nets. Basic Concepts, Analysis Methods and Practical Use. Three Volumes (1997)
Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A temporal role based access control model. ACM Transactions on Information and System Security 4(3), 191–223 (2001)
Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role based access control model. IEEE Transactions on Knowledge and Data Engineering 17(1), 4–23 (2005)
Covington, M.J., Long, W., Srinivasan, S., Dey, A.K., Ahamad, M., Abowd, G.D.: Securing Context-Aware Applications Using Environment Roles. In: SACMAT 2001: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, pp. 10–20 (2001)
Neumann, G., Strembeck, M.: An Approach to Engineer and Enforce Context Constraints in an RBAC Environment. In: SACMAT 2003: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies, pp. 65–79 (2003)
Kulkarni, D., Tripathi, A.: Context-aware role-based access control in pervasive computing systems. In: SACMAT, pp. 113–122 (2008)
Liscano, R., Wang, K.: A SIP-based Architecture model for Contextual Coalition Access Control for Ubiquitous Computing. In: Proceedings of the Second Annual Conference on Mobile and Ubiquitous Systems (MobiQuitous 2005). IEEE Computer Society Press (2005)
Freudenthal, E., Pesin, T., Port, L., Keenan, E.: dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments. In: 22nd International Conference on Distributed Computing Systems (ICDCS 2002), pp. 411–420. IEEE ( (2002)
Alotaiby, F.T., Chen, J.X.: A Model for Team-based Access Control (TMAC 2004). In: Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC 2004), vol. 2, p. 450. IEEE Computer Society, Washington, DC (2004)
Tolone, W., Ahn, G., Pai, T., Hong, S.: Access control in collaborative systems. ACM Comput. Surv. 37(1), 29–41 (2005)
Shafiq, B., Masood, A., Joshi, J., Ghafoor, A.: A role-based access control policy verification framework for real-time systems. In: WORDS 2005: Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems, pp. 13–20. IEEE Computer Society, Washington (2005)
Rakkay, H., Boucheneb, H.: Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds.) Transactions on Computational Science IV. LNCS, vol. 5430, pp. 149–176. Springer, Heidelberg (2009)
Kadloul, L., Djouani, K., Tfaili, W.: Using Timed Colored Petri Nets and CPN-tool to Model and Verify TRBAC Security Policies. In: Fourth International Workshop on Verification and Evaluation of Computer and Communication Systems, VECoS 2010 (2010)
Mondal, S., Sural, S., Atluri, V.: Towards formal security analysis of GTRBAC using timed automata. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies (SACMAT 2009), pp. 33–42. ACM, NY (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Provatidis, A.K., Georgiadis, C.K., Mavridis, I.K. (2012). Towards Colored Petri Net Modeling of Expanded C-TMAC. In: Georgiadis, C.K., Jahankhani, H., Pimenidis, E., Bashroush, R., Al-Nemrat, A. (eds) Global Security, Safety and Sustainability & e-Democracy. e-Democracy ICGS3 2011 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 99. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33448-1_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-33448-1_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33447-4
Online ISBN: 978-3-642-33448-1
eBook Packages: Computer ScienceComputer Science (R0)