short-paper

Modeling location attributes using XACML-RBAC model

Authors:

Maha Aburahma,

Reinhard StumptnerAuthors Info & Claims

MoMM '09: Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia

Pages 251 - 254

https://doi.org/10.1145/1821748.1821796

Published: 14 December 2009 Publication History

Get Access

Abstract

Location-based access control (LBAC) takes the requester's location into account when deciding weather the requester should be granted access to the requested resource or not. Many models have been suggested to extend the Role-based access control (RBAC) model to provide location aware access control. In this paper we consider one of the suggested models, namely Spatial Role-based access control (SRBAC) and model it using eXtensible Access Control Markup Language XACML.

References

[1]

A. Anderson. Core and hierarchical role based access control (RBAC) profile of XACML v2.0. Standard, Organization for the Advancement of Structured Information Standards (OASIS), February 2005. http://www.oasis-open.org/committees/xacml.

Google Scholar

[2]

C. A. Ardagna, M. Cremonini, E. Damiani, S. D. C. di Vimercati, and P. Samarati. Supporting location-based conditions in access control policies. In ASIACCS '06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, pages 212--222, New York, NY, USA, 2006. ACM.

Digital Library

Google Scholar

[3]

E. Bertino, B. Catania, M. L. Damiani, and P. Perlasca. GEO-RBAC: a spatially aware RBAC. In SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologies, pages 29--37. ACM, 2005.

Digital Library

Google Scholar

[4]

I. F. Cruz, R. Gjomemo, B. Lin, and M. Orsini. A location aware role and attribute based access control system. In GIS '08: Proceedings of the 16th ACM SIGSPATIAL international conference on Advances in geographic information systems, pages 1--2, New York, NY, USA, 2008. ACM.

Digital Library

Google Scholar

[5]

M. Decker. Requirements for a location-based access control model. In MoMM '08: Proceedings of the 6th International Conference on Advances in Mobile Computing and Multimedia, pages 346--349, New York, NY, USA, 2008. ACM.

Digital Library

Google Scholar

[6]

S. Godik and T. Moses. eXtensible Access Control Markup Language (XACML) Version 1.0. Standard, Organization for the Advancement of Structured Information Standards (OASIS), February 2003. http://www.oasis-open.org/committees/xacml.

Google Scholar

[7]

F. Hansen and V. Oleshchuk. Spatial role-based access control model for wireless networks. In In Proceedings of the 58th IEEE Vehicular Technology Conference (VTCŠ 03). Vol. 3. IEEE Computer Society, 2003.

Crossref

Google Scholar

[8]

T. Moses. eXtensible Access Control Markup Language (XACML) Version 2.0. Standard, Organization for the Advancement of Structured Information Standards (OASIS), February 2003. http://www.oasis-open.org/committees/xacml.

Google Scholar

[9]

P. Samarati and S. de Vimercati. Access control: Policies, models, and mechanisms. In Foundations of Security Analysis and Design, volume 2171 of Lecture Notes in Computer Science, pages 137--196. Springer Berlin/Heidelberg, 2001.

Digital Library

Google Scholar

[10]

R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38--47, 1996.

Digital Library

Google Scholar

Cited By

View all

Ulltveit-Moe NOleshchuk V(2018)Enforcing mobile security with location-aware role-based access controlSecurity and Communication Networks10.1002/sec.8799:5(429-439)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.1002/sec.879
El-Aziz AKannan A(2013)A survey on XML security2013 International Conference on Recent Trends in Information Technology (ICRTIT)10.1109/ICRTIT.2013.6844275(638-642)Online publication date: Jul-2013
https://doi.org/10.1109/ICRTIT.2013.6844275
El-Aziz AKannan A(2012)Storing XML documents and XML policies in relational databases2012 International Conference on Computer Communication and Informatics10.1109/ICCCI.2012.6158814(1-7)Online publication date: Jan-2012
https://doi.org/10.1109/ICCCI.2012.6158814
Show More Cited By

Index Terms

Modeling location attributes using XACML-RBAC model
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

An extended RBAC profile of XACML
SWS '06: Proceedings of the 3rd ACM workshop on Secure web services

Nowadays many organizations use security policies to control access to sensitive resources. Moreover, exchanging or sharing services and resources is essential for these organizations to achieve their business objectives. Since the eXtensible Access ...
A role-based XACML administration and delegation profile and its enforcement architecture
SWS '09: Proceedings of the 2009 ACM workshop on Secure web services

The OASIS technical committee published the XACML v3.0 administration and delegation profile (XACML-Admin) working draft on 16 April 2009 [3] in order to provide policy administration and dynamic delegation services to the XACML runtime. We enhance this ...
Runtime Administration of an RBAC Profile for XACML

The eXtensible Access Control Markup Language (XACML) is the de facto language to specify access control policies for web services. XACML has an RBAC profile (XACML-RBAC) to support role-based access control policies. We extend this profile with an ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

MoMM '09: Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia

December 2009

663 pages

ISBN:9781605586595

DOI:10.1145/1821748

General Chair:
Gabriele Kotsis
Johannes Kepler University Linz, Austria
,
Program Chairs:
David Taniar
Monash University, Australia
,
Eric Pardede
La Trobe University, Australia

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 December 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

MoMM '09

Sponsor:

MoMM '09: 7th International Conference on Mobile Computing and Multimedia

December 14 - 16, 2009

Kuala Lumpur, Malaysia

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
150
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 31 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Ulltveit-Moe NOleshchuk V(2018)Enforcing mobile security with location-aware role-based access controlSecurity and Communication Networks10.1002/sec.8799:5(429-439)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.1002/sec.879
El-Aziz AKannan A(2013)A survey on XML security2013 International Conference on Recent Trends in Information Technology (ICRTIT)10.1109/ICRTIT.2013.6844275(638-642)Online publication date: Jul-2013
https://doi.org/10.1109/ICRTIT.2013.6844275
El-Aziz AKannan A(2012)Storing XML documents and XML policies in relational databases2012 International Conference on Computer Communication and Informatics10.1109/ICCCI.2012.6158814(1-7)Online publication date: Jan-2012
https://doi.org/10.1109/ICCCI.2012.6158814
El-Aziz AKannan A(2012)Access control for healthcare data using extended XACML-SRBAC model2012 International Conference on Computer Communication and Informatics10.1109/ICCCI.2012.6158775(1-4)Online publication date: Jan-2012
https://doi.org/10.1109/ICCCI.2012.6158775
Ulltveit-Moe NOleshchuk V(2012)Mobile Security with Location-Aware Role-Based Access ControlSecurity and Privacy in Mobile Information and Communication Systems10.1007/978-3-642-30244-2_15(172-183)Online publication date: 2012
https://doi.org/10.1007/978-3-642-30244-2_15

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

An extended RBAC profile of XACML

A role-based XACML administration and delegation profile and its enforcement architecture

Runtime Administration of an RBAC Profile for XACML