Context sensitivity in role-based access control

Authors:
Arun Kumar;Neeran Karnik;Girish Chafle
Affiliations:
Block 1, Indian Institute of Technology, Hauz Khas, New Delhi-110016, India;Block 1, Indian Institute of Technology, Hauz Khas, New Delhi-110016, India;Block 1, Indian Institute of Technology, Hauz Khas, New Delhi-110016, India
Venue:
ACM SIGOPS Operating Systems Review
Year:
2002

Citing 10
Cited 17

Semantic file systems

SOSP '91 Proceedings of the thirteenth ACM symposium on Operating systems principles
Role-Based Access Control Models

Computer
Team-and-role-based organizational context and access control for cooperative hypermedia environments

Proceedings of the tenth ACM Conference on Hypertext and hypermedia : returning to our diverse roots: returning to our diverse roots
Supporting relationships in access control using role based access control

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Securing context-aware applications using environment roles

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A Policy Based Role Object Model

EDOC '97 Proceedings of the 1st International Conference on Enterprise Distributed Object Computing
A Context-Sensitive Access Control Model and Prototype Implementation

Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
Role-based security for distributed object systems

WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)
Generalized Role-Based Access Control

ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems

Purpose based access control of complex data for privacy protection

Proceedings of the tenth ACM symposium on Access control models and technologies
An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model

IEEE Transactions on Dependable and Secure Computing
Purpose based access control for privacy protection in relational database systems

The VLDB Journal — The International Journal on Very Large Data Bases
A Context-Aware Mandatory Access Control Model for Multilevel Security Environments

SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Enforcing role based access control model with multimedia signatures

Journal of Systems Architecture: the EUROMICRO Journal
Context-Based Constraints in Security: Motivations and First Approach

Electronic Notes in Theoretical Computer Science (ENTCS)
Management advantages of object classification in role-based access control (RBAC)

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Evaluating access control of open source electronic health record systems

Proceedings of the 3rd Workshop on Software Engineering in Health Care
A feature-based approach for modeling role-based access control systems

Journal of Systems and Software
Conformance checking of dynamic access control policies

ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
A contextual multilevel access control model

International Journal of Internet Technology and Secured Transactions
LoT-RBAC: a location and time-based RBAC model

WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
A semantic context-aware access control in pervasive environments

ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part II
Spatial context in role-based access control

ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Situation-based policy enforcement

TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
RABAC: role-centric attribute-based access control

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
FENCE: continuous access control enforcement in dynamic data stream environments

Proceedings of the third ACM conference on Data and application security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper describes an extended role-based access control (RBAC) model, which makes RBAC sensitive to the context of an attempted operation. Traditional RBAC does not specify whether the permissions associated with a role enable access to a particular object, or to some subset of objects belonging to a class. We extend the model by introducing the notions of role context and context filters. Context filters are Boolean expressions based on the context of the user attempting the operation, as well as the context of the object upon which the operation is attempted. By supplying context filters during the definition of a role, a security administrator can easily limit the applicability of users' role memberships to particular subsets of the target objects. We also describe our implementation of the model in a web-services platform, to illustrate how this technique is particularly valuable when the data is hierarchically structured.