The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Protecting Privacy from Continuous High-resolution Satellite Surveillance
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
A Small Set of Formal Topological Relationships Suitable for End-User Interaction
SSD '93 Proceedings of the Third International Symposium on Advances in Spatial Databases
Access Control for Active Spaces
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Modelling Contexts in the Or-BAC Model
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
An Access Control System for a Web Map Management Service
RIDE '04 Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE'04)
An authorization model for geographical maps
Proceedings of the 12th annual ACM international workshop on Geographic information systems
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Integrating presence inference into trust management for ubiquitous systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Architectural issues for a location-aware role-based access control system
Proceedings of the 2006 ACM symposium on Applied computing
Sharing digital rights with domain licensing
Proceedings of the 4th ACM international workshop on Contents protection and security
Inverting sensor networks and actuating the environment for spatio-temporal access control
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
An extended RBAC profile of XACML
Proceedings of the 3rd ACM workshop on Secure web services
Efficient techniques for realizing geo-spatial access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Towards realizing a formal RBAC model in real systems
Proceedings of the 12th ACM symposium on Access control models and technologies
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
Location constraints in digital rights management
Computer Communications
Data security in location-aware applications: an approach based on RBAC
International Journal of Information and Computer Security
A geotemporal role-based authorisation system
International Journal of Information and Computer Security
On spatio-temporal constraints and inheritance in role-based access control
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Context-aware role-based access control in pervasive computing systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Specifying Intrusion Detection and Reaction Policies: An Application of Deontic Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
A Spatio-temporal Access Control Model Supporting Delegation for Pervasive Computing Applications
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
A location aware role and attribute based access control system
Proceedings of the 16th ACM SIGSPATIAL international conference on Advances in geographic information systems
Semantic context aware security policy deployment
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Ensuring spatio-temporal access control for real-world applications
Proceedings of the 14th ACM symposium on Access control models and technologies
Towards Achieving Personalized Privacy for Location-Based Services
Transactions on Data Privacy
Spatiotemporal Access Control Enforcement under Uncertain Location Estimates
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
A Trust-Based Access Control Model for Pervasive Computing Applications
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Security policies for the visualization of Geo Data
Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS
A spatio-temporal role-based access control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
STARBAC: spatiotemporal role based access control
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Architecture of context-aware workflow authorization management systems for workflow-based systems
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Modeling location attributes using XACML-RBAC model
Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia
Integrating GSTRBAC spatial constraints in X-GTRBAC
Proceedings of the 7th International Conference on Frontiers of Information Technology
A unified index structure for efficient enforcement of spatiotemporal authorisations
International Journal of Information and Computer Security
A mobile IP based WLAN security management framework with reconfigurable hardware acceleration
Proceedings of the 3rd international conference on Security of information and networks
An interoperation framework for secure collaboration among organizations
Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Rule-based policy enforcement point for map services
Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Security mechanisms for geographic data
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Dynamic deployment of context-aware access control policies for constrained security devices
Journal of Systems and Software
A moving-object index for efficient query processing with peer-wise location privacy
Proceedings of the VLDB Endowment
Access control in geographic databases
CoMoGIS'06 Proceedings of the 2006 international conference on Advances in Conceptual Modeling: theory and practice
LoT-RBAC: a location and time-based RBAC model
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
The research for spatial role-based access control model
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
Spatial context in role-based access control
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
LRBAC: a location-aware role-based access control model
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Dynamic security rules for geo data
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
A location-based policy-specification language for mobile devices
Pervasive and Mobile Computing
Enforcing protection mechanisms for geographic data
W2GIS'12 Proceedings of the 11th international conference on Web and Wireless Geographical Information Systems
Analyzing temporal role based access control models
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
ICAF: a context-aware framework for access control
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Transformation of spatio-temporal role based access control specification to alloy
MEDI'12 Proceedings of the 2nd international conference on Model and Data Engineering
Context-awareness: exploring the imperative shared context of security and ubiquitous computing
Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services
An information flow control meta-model
Proceedings of the 18th ACM symposium on Access control models and technologies
Modelling context-aware RBAC models for mobile business processes
International Journal of Wireless and Mobile Computing
Formal specification and management of security policies with collective group obligations
Journal of Computer Security
| Hi-index | 0.00 |
Securing access to data in location-based services and mobile applications requires the definition of spatially aware access control systems. Even if some approaches have already been proposed either in the context of geographic database systems or context-aware applications, a comprehensive framework, general and flexible enough to cope with spatial aspects in real mobile applications, is still missing. In this paper, we make one step towards this direction and we present GEO-RBAC, an extension of the RBAC model to deal with spatial and location-based information. In GEO-RBAC, spatial entities are used to model objects, user positions, and geographically bounded roles. Roles are activated based on the position of the user. Besides a physical position, obtained from a given mobile terminal or a cellular phone, users are also assigned a logical and device independent position, representing the feature (the road, the town, the region) in which they are located. To make the model more flexible and re-usable, we also introduce the concept of role schema, specifying the name of the role as well as the type of the role spatial boundary and the granularity of the logical position. We then extend GEO-RBAC to cope with hierarchies, modeling permission, user, and activation inheritance.