Revocation Schemes for Delegation Licences
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Semantic context aware security policy deployment
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Reaction Policy Model Based on Dynamic Organizations and Threat Context
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
An Extended Role-Based Access Control Model for Delegating Obligations
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Security policies for the visualization of Geo Data
Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS
An ontology-based approach to react to network attacks
International Journal of Information and Computer Security
Formalization and management of group obligations
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Negotiating and delegating obligations
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Dynamic deployment of context-aware access control policies for constrained security devices
Journal of Systems and Software
Contextual privacy management in extended role based access control model
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Dynamic security rules for geo data
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
A contextual privacy-aware access control model for network monitoring workflows: work in progress
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Using requirements engineering in an automatic security policy derivation process
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
A workflow checking approach for inherent privacy awareness in network monitoring
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Adaptive access control enforcement in social network using aspect weaving
DASFAA'12 Proceedings of the 17th international conference on Database Systems for Advanced Applications
SecuriTAS: a tool for engineering adaptive security
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
STRoBAC: spatial temporal role based access control
ICCCI'12 Proceedings of the 4th international conference on Computational Collective Intelligence: technologies and applications - Volume Part II
An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations
International Journal of Mobile Computing and Multimedia Communications
Enabling dynamic security policy in the java security manager
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
A privacy-aware access control model for distributed network monitoring
Computers and Electrical Engineering
Modelling context-aware RBAC models for mobile business processes
International Journal of Wireless and Mobile Computing
Formal specification and management of security policies with collective group obligations
Journal of Computer Security
Hi-index | 0.00 |
As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (OrBAC) model, it is possible to express such requirements using the notion of context. In OrBAC, each security rule (permission, prohibition, obligation or dispensation) only applies in a given context. A context is viewed as an extra condition that must be satisfied to activate a given security rule. In this paper, we present a taxonomy of different types of context and investigate the data the information system must manage in order to deal with these different contexts. We then explain how to model and evaluate them in the OrBAC model.