ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control Models
Computer
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role Hierarchies and Constraints for Lattice-Based Access Controls
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Protocols for Key Establishment and Authentication
Protocols for Key Establishment and Authentication
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Context sensitive access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Access Control and Privacy in Location-Aware Services forMobile Organizations
MDM '06 Proceedings of the 7th International Conference on Mobile Data Management
GEO-RBAC: A spatially aware RBAC
ACM Transactions on Information and System Security (TISSEC)
Lessons learned from the deployment of a smartphone-based access-control system
Proceedings of the 3rd symposium on Usable privacy and security
A geotemporal role-based authorisation system
International Journal of Information and Computer Security
NFC Devices: Security and Privacy
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
STARBAC: spatiotemporal role based access control
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
LoT-RBAC: a location and time-based RBAC model
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
LRBAC: a location-aware role-based access control model
ICISS'06 Proceedings of the Second international conference on Information Systems Security
VeriPlace: a privacy-aware location proof architecture
Proceedings of the 18th SIGSPATIAL International Conference on Advances in Geographic Information Systems
Porscha: policy oriented secure content handling in Android
Proceedings of the 26th Annual Computer Security Applications Conference
Location-based access control systems for mobile users: concepts and research directions
Proceedings of the 4th ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Prox-RBAC: a proximity-based spatially aware RBAC
Proceedings of the 19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems
Mobi-CoSWAC: an access control approach for collaborative scientific workflow in mobile environment
ICPCA/SWS'12 Proceedings of the 2012 international conference on Pervasive Computing and the Networked World
Secure and resilient proximity-based access control
Proceedings of the 2013 international workshop on Data management & analytics for healthcare
Hi-index | 0.00 |
Proposed models for spatially-aware extensions of role-based access control (RBAC) combine the administrative and security advantages of RBAC with the dynamic nature of mobile and pervasive computing systems. However, implementing systems that enforce these models poses a number of challenges. As a solution, we propose an architecture for designing such a system. The architecture is based on an enhanced RBAC model that supports location-based access control policies by incorporating spatial constraints. Enforcing spatially-aware RBAC policies in a mobile environment requires addressing several challenges. First, one must guarantee the integrity of a user's location during an access request. We adopt a proximity-based solution using Near-Field Communication (NFC) technology. The next challenge is to verify the user's position continuously satisfies the location constraints. To capture these policy restrictions, we incorporate elements of the UCON_ABC usage control model in our architecture. In this work, we also propose a number of protocols, describe our prototype implementation, report the performance of our prototype, and evaluate the security guarantees.