STARBAC: spatiotemporal role based access control

Authors:
Subhendu Aich;Shamik Sural;A. K. Majumdar
Affiliations:
School of Information Technology, Indian Institute of Technology, Kharagpur, India;School of Information Technology, Indian Institute of Technology, Kharagpur, India;Department of Computer Science & Engineering, Indian Institute of Technology, Kharagpur, India
Venue:
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Year:
2007

Citing 12
Cited 17

Role-Based Access Control Models

Computer
Role templates for content-based access control

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role-based access control: a natural approach

RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
An access control model supporting periodicity constraints and temporal reasoning

ACM Transactions on Database Systems (TODS)
An authorization model for temporal data

Proceedings of the 7th ACM conference on Computer and communications security
Securing context-aware applications using environment roles

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
TRBAC: A temporal role-based access control model

ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
A Generalized Temporal Role-Based Access Control Model

IEEE Transactions on Knowledge and Data Engineering
GEO-RBAC: a spatially aware RBAC

Proceedings of the tenth ACM symposium on Access control models and technologies
A geotemporal role-based authorisation system

International Journal of Information and Computer Security
LRBAC: a location-aware role-based access control model

ICISS'06 Proceedings of the Second international conference on Information Systems Security

Spatiotemporal Connectives for Security Policy in the Presence of Location Hierarchy

TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Spatial Domains for the Administration of Location-based Access Control Policies

Journal of Network and Systems Management
Towards movement-aware access control

SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Role Based Access Control with Spatiotemporal Context for Mobile Applications

Transactions on Computational Science IV
Towards formal security analysis of GTRBAC using timed automata

Proceedings of the 14th ACM symposium on Access control models and technologies
XML-based policy specification framework for spatiotemporal access control

Proceedings of the 2nd international conference on Security of information and networks
Physically restricted authentication with trusted hardware

Proceedings of the 2009 ACM workshop on Scalable trusted computing
Towards location-based access control in healthcare emergency response

Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS
Enforcing spatial constraints for mobile RBAC systems

Proceedings of the 15th ACM symposium on Access control models and technologies
Enforcing physically restricted access control for remote data

Proceedings of the first ACM conference on Data and application security and privacy
Location-based access control systems for mobile users: concepts and research directions

Proceedings of the 4th ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Prox-RBAC: a proximity-based spatially aware RBAC

Proceedings of the 19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems
A map-layer-based access control model

WISA'11 Proceedings of the 12th international conference on Information Security Applications
Trust-aware RBAC

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
ERBAC: event-driven RBAC

Proceedings of the 18th ACM symposium on Access control models and technologies
Specification and analysis of access control policies for mobile applications

Proceedings of the 18th ACM symposium on Access control models and technologies
Enforcing spatio-temporal access control in mobile applications

Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Role Based Access Control (RBAC) has emerged as an important access control paradigm in computer security. However, the access decisions that can be taken in a system implementing RBAC do not include many relevant factors like user location, system location, system time, etc. We propose a spatiotemporal RBAC Model (STARBAC) which reasons in spatial and temporal domain in tandem. STARBAC control command enables or disables role based on spatiotemporal conditions. The new model is able to specify a number of different types of important access requirements not expressible in existing variations of RBAC model like GEORBAC and TRBAC. The specification language we present here is powerful enough to allow logical connectives like AND (∧) and OR (∨) over spatiotemporal conditions.