GEO-RBAC: A spatially aware RBAC

ACM Transactions on Information and System Security

Volumn 10, Issue 1, 2007, Pages

  Damiani, Maria Luisa ^a,b   Bertino, Elisa ^c   Catania, Barbara ^d   Perlasca, Paolo ^a  

^a UNIVERSITY OF MILAN   (Italy)

^b EPFL   (Switzerland)

^c PURDUE UNIVERSITY   (United States)

^d UNIVERSITY OF GENOA   (Italy)

Author keywords

Access control model; GIS; Location based services

Indexed keywords

ACCESS CONTROL MODEL; GEOGRAPHIC DATABASE SYSTEMS; MOBILE APPLICATIONS;

CELLULAR TELEPHONE SYSTEMS; CONTROL SYSTEMS; DATABASE SYSTEMS; GEOGRAPHIC INFORMATION SYSTEMS; MATHEMATICAL MODELS; TELECOMMUNICATION SERVICES;

SECURITY OF DATA;

EID: 33847092871     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/1210263.1210265     Document Type: Article

References (26)

1. ATLURI, V. AND MAZZOLENI, P. 2002. A uniform indexing scheme for geo-spatial data and authorizations. In Proceedings of the 16th IFIP WG 11.3 Conference on Data and Application Security, Kluwer Academic Publ, Boston, MA. 207-218.
2. BELUSSI, A., BERTINO, E., CATANIA, B., DAMIANI, M., AND NUCITA, A. 2004. An authorization model for geographical maps. In Proceedings of the 12th Annual ACM International Workshop on Geographic Information Systems. ACM Press, New York. 82-91.
3. BERTINO, E., DAMIANI, M., AND MOMINI, D. 2004. An access-control system for a web map management service. In Proceedings of the 14th International Workshop on Research Issues on Data Engineering (RIDE'04). IEEE Computer Society, Washington, D.C. 33-39.
4. BHATTI, R., GHAFOOR, A., BERTINO, E., AND JOSHI, J. 2005. X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access-control. ACM Transactions on Information and System Security (TISSEC) 8, 2 (May), 187-227.
5. CHANDRAN, S. AND JOSHI, J. 2005. LoT RBAC: A location and time-based RBAC model. In Proceedings of the 6th International Conference on Web Information Systems Engineering (WISE'05). Springer-Verlag, New York. 361-375.
6. CHUN, S. AND ATLURI, V. 2000. Protecting privacy from continuous high-resolution satellite surveillance. In Proceedings of the 14th IFIP 11.3 Annual Working Conference on Database Security, Schoorl, The Netherlands. 233-244.
7. CLEMENTINI, E., FELICE, P. D., AND VAN OOSTEROM, P. 1993. A small set of formal topological relationships suitable for end-user interaction. In Proceedings of the 3rd International Symposium on Advances in Spatial Databases. Lecture Notes in Computer Science, vol. 692. Springer-Verlag, New York. 277-295.
8. COVINGTON, M., MOYER, M., AND AHAMAD, M. 2000. Generalized role-based access-control for securing future applications. In Proceedings of the 23rd National Information Systems Security Conference,
9. COVINGTON, M., LONG, W., SRINIVASAN, S., DEV, A., AHAMAD, M., AND ABOWD, G. 2001. Securing context-aware applications using environment roles. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT01). ACM Press, New York. 10-20.
10. DAMIANI, M. AND BERTINO, E. 2006. Access control and privacy in location-aware services for mobile organizations. In Proceedings of 7th Conference on Mobile Data Management (MDM'06). IEEE Computer Society, Washington, D.C. 11.
11. FERRAIOLO, D., SANDHU, R., GAVRILA, S., KUHN, D., AND CHANDRAMOULI, R. 2001. Proposed NIST standard for role-based access-control. ACM Transactions on Information and System Security (TISSEC) 4, 3 (Aug.), 224-274.
12. FORLIZZI, L., KUIJPERS, B., AND NARDELLI, E. 2003. Region-based query languages for spatial databases in the topological data model. In Proceedings of the 8th International Symposium on Spatial and Temporal Databases (SSTD'03). Lecture Notes in Computer Science, vol. 2750. Springer-Verlag, New York. 344-361.
13. HANSEN, F. AND OLESHCHUK, V. 2003a. Spatial role-based access-control model for wireless networks. In Proceedings of the 58th IEEE Vehicular Technology Conference (VTC'03). Vol. 3. IEEE Computer Society, Washington, D.C. 2093-2097.
14. HANSEN, F. AND OLESHCHUK, V. 2003b. SRBAC: a spatial role-based access-control model for mobile systems. In Proceedings of the 7th Nordic Workshop on Secure IT Systems (NORDSEC'03). Gj'vik, Norway, 129-141.
15. JOSHI, J., BERTINO, E., LATIF, U., AND GHAFOOR, A. 2005. A generalized temporal role-based access-control model. IEEE Transactions on Knowledge and Data Engineering 17, 1 (Jan.), 4-23.
16. KOLAITIS, P. AND VARDI, M. 1998. Conjunctive-query containment and constraint satisfaction. In Proceedings of the 17th ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS'98). ACM Press, New York. 205-213.
17. KUHN, D. 1997. Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (RBAC'97). ACM Press, New York. 23-30.
18. LI, N., BIZRI, Z., AND TRIPUNITARA, M. 2004. On mutually-exclusive roles and separation of duty. In Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS'04). Washington D.C. 42-51.
19. MATHEUS, A. 2005. Declaration and enforcement of fine grained access restrictions for a service-based geospatial data infrastructure. In Proceedings of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT'05). ACM Press, New York. 21-28.
20. OPEN GIS CONSORTIUM. 1999. Open GIS simple features specification for SQL. Revision 1.1.
21. OPEN GIS CONSORTIUM. 2001. The open GIS abstract specification, topic 1: Feature geometry (ISO 19107 spatial schema). Version 5.
22. OPEN GIS CONSORTIUM. 2003. Open GIS geography markup language (GML) implementation specification. Version 3.00.
23. PUREVJII, B., MAGASA, T. A., IMAI, S., AND KANAMORI, Y. 2004. An access control model for geographic data in an XML-based framework. In Proceedings of the 2nd International Workshop on Security In Information Systems (WOSIS'04). INSTICC Press, Porto, Portugal. 251-260.
24. SANDHU, R., COYNE, E., PEINSTEIN, H., AND YOUMAN, C. 1996. Role-Based Access Control Models. IEEE Computer 29, 2, 38-47.
25. SANDHU, R., FERRAIOLO, D., AND KUHN, D. 2000. The NIST model for role-based access control: towards a unified standard. In Proceedings of the 6th ACM Workshop on Role-based Access Control (RBAC'00). ACM Press, New York. 47-63.
26. STREMBECK, M. 2004. Conflict checking of separation of duty constraints in RBAC - implementation experiences. In Proceedings of the Conference on Software Engineering (SE'04), Innsbruck, Austria. 224-229.