Role-Based Access Control Models
Computer
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
GEO-RBAC: A spatially aware RBAC
ACM Transactions on Information and System Security (TISSEC)
A geotemporal role-based authorisation system
International Journal of Information and Computer Security
A spatio-temporal role-based access control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
STARBAC: spatiotemporal role based access control
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
LRBAC: a location-aware role-based access control model
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Context-aware role mining for mobile service recommendation
Proceedings of the 27th Annual ACM Symposium on Applied Computing
A formal role-based access control model for security policies in multi-domain mobile networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the 18th ACM symposium on Access control models and technologies
Specification and analysis of access control policies for mobile applications
Proceedings of the 18th ACM symposium on Access control models and technologies
Over-Fitting and Error Detection for Online Role Mining
International Journal of Web Services Research
| Hi-index | 0.00 |
Role based access control (RBAC) is an established paradigm in resource protection. However, with the proliferation of mobile computing, it is being frequently observed that the RBAC access decision is directly influenced by the spatiotemporal context of both the subjects and the objects in the system. Currently, there are only a few models (STRBAC, GSTRBAC) in place which specify spatiotemporal security policy on top of the classical RBAC. In this paper we propose a complete RBAC model in spatiotemporal domain based on the idea of spatiotemporal extent. The concept of spatiotemporal role extent and spatiotemporal permission extent introduced here enables our model to specify granular spatiotemporal access control policies not specifiable in the existing approaches. Our model is also powerful enough to incorporate classical role hierarchy and other useful RBAC policies including Role based Separation of Duty and Permission based Separation of Duty in spatiotemporal domain. Healthcare is an area in which information security is of utmost importance. The risk of personal medical data leakage is especially high in mobile healthcare applications. As a proof of concept, we have implemented the proposed spatiotemporal access control method in a mobile telemedicine system.