A temporal authorization model
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The multilevel relational (MLR) data model
ACM Transactions on Information and System Security (TISSEC)
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A lattice model of secure information flow
Communications of the ACM
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A Temporal Access Control Mechanism for Database Systems
IEEE Transactions on Knowledge and Data Engineering
Establishing Business Rules for Inter-Enterprise Electronic Commerce
DISC '00 Proceedings of the 14th International Conference on Distributed Computing
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
Supporting conditional delegation in secure workflow management systems
Proceedings of the tenth ACM symposium on Access control models and technologies
GEO-RBAC: A spatially aware RBAC
ACM Transactions on Information and System Security (TISSEC)
The concept of decentralized and secure electronic marketplace
Electronic Commerce Research
Delegation and satisfiability in workflow systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Context-Aware Computing Applications
WMCSA '94 Proceedings of the 1994 First Workshop on Mobile Computing Systems and Applications
LoT-RBAC: a location and time-based RBAC model
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
Law-aware access control: about modeling context and transforming legislation
JSAI-isAI'09 Proceedings of the 2009 international conference on New frontiers in artificial intelligence
Benefits of Location-Based Access Control: A Literature Study
GREENCOM-CPSCOM '10 Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing
| Hi-index | 0.00 |
Financial institutions are restricted by legislation and have to ensure that mobile access to data is legal in a defined context. However, today's access control solutions work but cannot decide whether an access is legal. Especially when an access from different countries is required different legislations have to be taken into account. In this paper, we address the problem of a law-compliant access in international financial environments. We present an extension to context-aware access control systems so that they incorporate legal constraints. To this end, we introduce different facets of context information, their interrelations, and describe their necessity for a law-aware access control. Finally, by using an international banking application scenario, we demonstrate how a system that follows our approach can decide about access.