GEO-RBAC: a spatially aware RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
High Level Conflict Management Strategies in Advanced Access Control Models
Electronic Notes in Theoretical Computer Science (ENTCS)
Security policy compliance with violation management
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Data security in location-aware applications: an approach based on RBAC
International Journal of Information and Computer Security
Role engineering: From design to evolution of security schemes
Journal of Systems and Software
Deploying access control in distributed workflow
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Specifying Intrusion Detection and Reaction Policies: An Application of Deontic Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
DRM policies for web map service
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Consistency checking of role assignments in inter-organizational collaboration
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
A Service Dependency Modeling Framework for Policy-Based Response Enforcement
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Security policies for the visualization of Geo Data
Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS
An ontology-based approach to react to network attacks
International Journal of Information and Computer Security
Multi-agents system service based platform in telecommunication security incident reaction
GIIS'09 Proceedings of the Second international conference on Global Information Infrastructure Symposium
An integrated model for access control and information flow requirements
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
FORM: a federated rights expression model for open DRM frameworks
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
A conceptual meta-model for secured information systems
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Combining UML, ASTD and B for the formal specification of an access control filter
Innovations in Systems and Software Engineering
A contextual multilevel access control model
International Journal of Internet Technology and Secured Transactions
A dynamic access control model
Applied Intelligence
Spatial context in role-based access control
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Dynamic security rules for geo data
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Semantic access control for corporate mobile devices
ICA3PP'10 Proceedings of the 10th international conference on Algorithms and Architectures for Parallel Processing - Volume Part II
Protection of relationships in XML documents with the XML-BB model
ICISS'05 Proceedings of the First international conference on Information Systems Security
Using requirements engineering in an automatic security policy derivation process
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Future Generation Computer Systems
| Hi-index | 0.00 |
As computer infrastructures become more complex, securitymodels must provide means to handle more flexibleand dynamic requirements. In the Organization Based AccessControl (Or-BAC) model, it is possible to express suchrequirements using the notion of context. In Or-BAC, eachprivilege (permission or obligation or prohibition) only appliesin a given context. A context is viewed as an extracondition that must be satisfied to activate a given privilege.In this paper, we present a taxonomy of different typesof context and investigate the data the information systemmust manage in order to deal with these different contexts.We then explain how to model them in the Or-BAC model.