
Relation-Based Access Control: An Access Control Model for Context-Aware Computing Environment

Wireless Personal Communications

Abstract

Context-aware computing is an important aspect of pervasive computing environments, and its varied, dynamic context information brings new challenges to access control systems. In this paper, a new access control model, relation-based access control (RelBAC), is presented for context-aware environments, with a domain-specific Description Logic used to formalize the model. The novelty of RelBAC is that permissions are formalized as binary relations between subjects and objects, which can evolve with the dynamic context. The expressive power of RelBAC is illustrated in a case study of a project meeting event.



Author information

Corresponding author

Correspondence to Rui Zhang.

Additional information

This work was done during the first author's PhD program at the University of Trento.

About this article

Cite this article

Zhang, R., Giunchiglia, F., Crispo, B. et al. Relation-Based Access Control: An Access Control Model for Context-Aware Computing Environment. Wireless Pers Commun 55, 5–17 (2010). https://doi.org/10.1007/s11277-009-9782-4
