This paper presents an approach that uses special-purpose RBAC constraints to base certain access control decisions on context information. In our approach, a context constraint is defined as a dynamic RBAC constraint that checks the actual values of one or more contextual attributes for predefined conditions. If these conditions are satisfied, the corresponding access request can be permitted. Accordingly, a conditional permission is an RBAC permission which is constrained by one or more context constraints. We present an engineering process for context constraints that is based on goal-oriented requirements engineering techniques, and describe how we extended the design and implementation of an existing RBAC service to enable the enforcement of context constraints. With our approach we aim to preserve the advantages of RBAC, and offer an additional means for the definition and enforcement of fine-grained context-dependent access control policies.
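A minimal sketch of the context constraint and conditional permission definitions above, added here as an illustration and not taken from the paper's RBAC service. All class, function and attribute names, the operator set, the sample policy, and the choice to deny when an attribute is missing or incomparable are assumptions.

```python
import operator
from dataclasses import dataclass

# Comparison operators a condition may use (an assumed, minimal set).
OPS = {"==": operator.eq, "<": operator.lt, ">=": operator.ge,
       "in": lambda value, allowed: value in allowed}

@dataclass(frozen=True)
class Condition:
    attribute: str   # name of a contextual attribute, e.g. "hour"
    op: str
    expected: object

    def holds(self, context):
        # Assumed fail-closed rule: a missing or incomparable value denies.
        if self.attribute not in context:
            return False
        try:
            return bool(OPS[self.op](context[self.attribute], self.expected))
        except TypeError:
            return False

@dataclass(frozen=True)
class ContextConstraint:
    name: str
    conditions: tuple   # every condition must hold

    def satisfied(self, context):
        return all(c.holds(context) for c in self.conditions)

@dataclass(frozen=True)
class Permission:
    operation: str
    obj: str
    constraints: tuple = ()   # empty tuple: an ordinary RBAC permission

def check_access(user, operation, obj, context, user_roles, role_perms):
    """Permit if a role of the user holds a matching permission whose
    context constraints are all satisfied by the current attribute values."""
    for role in user_roles.get(user, ()):
        for perm in role_perms.get(role, ()):
            if (perm.operation, perm.obj) == (operation, obj) and all(
                    k.satisfied(context) for k in perm.constraints):
                return True
    return False

# Constructed sample policy: nurses read records only on a ward, 08:00-17:59.
ON_WARD = ContextConstraint("on_ward", (Condition("location", "in", {"ward_a", "ward_b"}),))
DAY_SHIFT = ContextConstraint("day_shift", (Condition("hour", ">=", 8), Condition("hour", "<", 18)))
USER_ROLES = {"alice": {"nurse"}, "bob": {"clerk"}}
ROLE_PERMS = {"nurse": [Permission("read", "patient_record", (ON_WARD, DAY_SHIFT))],
              "clerk": [Permission("read", "schedule")]}
```

The `context` argument is a snapshot of attribute values taken at decision time, so the same user and role can be permitted at one moment and denied at the next.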