You are viewing a javascript disabled version of the site. Please enable Javascript for this site to function properly.
Go to headerGo to navigationGo to searchGo to contentsGo to footer
In content section. Select this link to jump to navigation

On the formalization and analysis of a spatio-temporal role-based access control model

Issue title: DBSEC 2008

Guest editors: Vijay AtluriEditor

Article type: Research Article

Authors: Toahchoodee, Manachai | Ray, Indrakshi

Affiliations: Department of Computer Science, Colorado State University, Fort Collins, CO, USA. E-mails: toahchoo@cs.colostate.edu, iray@cs.colostate.edu

Abstract: With the growing use of wireless networks and mobile devices, we are moving towards an era of pervasive computing. Such environments will spawn new applications that use contextual information to provide enhanced services. Traditional access control models cannot protect such applications because the access requirements may be contingent upon the location of the user and the time of access. Consequently, we propose a new spatio-temporal role-based access control model that supports delegation for use in such applications. The model can be used by any application where the access is contingent not only on the role of the user, but also on the locations of the user and the object and the time of access. We describe how each entity in the role-based access control model is affected by time and location and propose constraints to express this. We also show how the formal semantics of our model can be expressed using graph-theoretic notation. The various features of our model give rise to numerous constraints that may interact with each other and result in conflicts. Thus, for any given application using our model, it is important to analyze the interaction of constraints to ensure that conflicts or security breaches do not occur. Manual analysis is tedious and error-prone. Towards this end, we show how the analysis can be automated using Coloured Petri Nets. Since automated analysis for large applications is time consuming, we propose an approach that reduces the analysis time.

Keywords: Access control model, security, requirements specification, model analysis and verification

DOI: 10.3233/JCS-2010-0418

Journal: Journal of Computer Security, vol. 19, no. 3, pp. 399-452, 2011

Published: 30 May 2011
Price: EUR 27.50
Show more