Skip to main content
SpringerLink
Log in

LoT-RBAC: A Location and Time-Based RBAC Model

  • Conference paper
Web Information Systems Engineering – WISE 2005 (WISE 2005)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3806))

Included in the following conference series:

Abstract

Recent growth in location-based mobile services has introduced a significant need for location and time-based access control to resources. High mobility of the users and services in the emerging mobile applications in particular make the issue of controlling who can access what information and resources from which locations a daunting challenge. Several RBAC based models have been proposed that attempt to capture the location based and/or time-based access control requirements in various applications. However, they have limited flexibility and granularity. In this paper, we propose a Location and Time-based RBAC (LoT-RBAC) model to address the access control requirements of highly mobile, dynamic environments to provide both location and time based control.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Hansen, F., Oleshchuk, V.: Spatial Role-Based Access Control Model for Wireless Networks. In: 2003 IEEE 58th Vehicular Technology Conference, VTC 2003-Fall, October 6-9, vol. 3, pp. 2093–2097 (2003)

    Google Scholar 

  2. Bertino, E., Catania, B., Damiani, M.L., Persasca, P.: GEO-RBAC: A Spatially Aware RBAC. In: 10th Symposium on Access Control Models and Technologies, SACMAT 2005 (2005)

    Google Scholar 

  3. Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Transactions on Knowledge and Data Engineering 17(1), 4–23 (2005)

    Article  Google Scholar 

  4. Joshi, J.B.D., Bertino, E., Ghafoor, A.: Analysis of Expressiveness and Design Issues for a Temporal Role Based Access Control Model. IEEE Transactions on Dependable and Secure Computing (accepted)

    Google Scholar 

  5. Joshi, J.B.D., Bertino, E., Ghafoor, A.: Formal Foundations for Hybrid Hierarchies in GTRBAC. ACM Transactions on Information and System Security (under review)

    Google Scholar 

  6. Joshi, J.B.D., Bertino, E., Ghafoor, A.: Temporal hierarchy and inheritance semantics for GTRBAC. In: 7th ACM Symposium on Access Control Models and Technologies, Monterey, CA, June 3-4 (2002)

    Google Scholar 

  7. Joshi, J.B.D., Bertino, E., Shafiq, B., Ghafoor, A.: Dependancies and Separation of Duty Constraints in GTRBAC. In: 8th ACM Symposium on Access Control Models and Technologies, Como, Italy, June 2-3 (2003)

    Google Scholar 

  8. Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)

    Google Scholar 

  9. Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A temporal role-based access control model. ACM Transactions on Information & System Security 4(3), 191–233 (2001)

    Article  Google Scholar 

  10. Covington, M.J., Long, W., Srinivasan, S., Dev, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: Proceedings of the sixth ACM symposium on Access control models and technologies, pp. 10–20. ACM Press, Chantilly (2001)

    Chapter  Google Scholar 

  11. Strembeck, M., Neumann, G.: An integrated approach to engineer and enforce context constraints in RBAC environments. ACM Transactions on Information and System Security (TISSEC) 7(3), 392–427 (2004)

    Article  Google Scholar 

  12. Ferraiolo, D.F., Sandhu, F., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access Control. ACM Transactions on Information and System Security (TISSEC) 4(3) (August 2001)

    Google Scholar 

  13. Erwig, M., Schneider, M.: Spatio-Temporal Predicates. IEEE Transactions on Knowledge and Data Engineering 14(4), 881–901 (2002)

    Article  Google Scholar 

  14. Corradi, A., Montanari, R., Tibaldi, D.: Context-based Access Control in Ubiquitous Environments. In: Proceedings. Third IEEE International Symposium on Network Computing and Applications (NCA 2004), August 30 -September 1, pp. 253–260 (2004)

    Google Scholar 

  15. Fu, S., Xu, C.-Z.: A Coordinated Spatio-Temporal Access Control Model for Mobile Computing in Coalition Environments. In: Proceedings. 19th IEEE International Parallel and Distributed Processing Symposium, April 04-08, p. 289b (2005)

    Google Scholar 

  16. Wedde, H.F., Lischka, M.: Role Based Access Control in Remote and Ambient Spaces. In: Proceedings of the ninth ACM symposium on Access control models and technologies, pp. 21–30. ACM Press, YorkTown Heights (2004)

    Chapter  Google Scholar 

  17. Jiang, H., Elmagarmid, A.K.: Spatial and temporal content-based access to hypervideo databases. The VLDB Journal 7, 226–238 (1998)

    Article  Google Scholar 

  18. Wang, W.: Team-and-Role-Based Organizational Context and Access Control for Cooperative Hypermedia Environments. In: Proceedings of Hypertext 1999: Returning to our diverse roots, Darmstadt, Germany, pp. 37–46. ACM Press, New York (1999)

    Chapter  Google Scholar 

  19. Atluri, V., Chun, S.A.: An Authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing 1(4) (October-December 2004)

    Google Scholar 

  20. Narayanan, A.K.: Realms and States: A Framework for Location Aware Mobile Computing. In: Proceedings of the 1st International Workshop on Mobile Commerce, Rome, Italy, pp. 48–54 (2001)

    Google Scholar 

  21. Kumar, A., Karnik, N., Chafle, G.: Context-Sensitivity in Role-based Access Control. ACM SIGOPS Operating Systems Review 36(3), 53–66 (2002)

    Article  Google Scholar 

  22. Thomas, R.K.: Team-based Access Control (TMAC): A Primitive for Applying Role-based Access Controls in Collaborative Environments. In: Proceedings of the second ACM workshop on Role-based access control, Fairfax, Virginia, United States, pp. 13–19 (1997)

    Google Scholar 

  23. Zhang, G., Parashar, M.: Dynamic Context-aware Access Control for Grid Applications. In: Proceedings of Fourth International Workshop on Grid Computing, November 17, pp. 101–108 (2003)

    Google Scholar 

  24. Joshi, J.B.D.: Access-control language for multidomain environments. IEEE Internet Computing 8(6), 40–50 (2004)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Sciences and Telecommunications, University of Pittsburgh,  

    Suroop Mohan Chandran & J. B. D. Joshi

Authors
  1. Suroop Mohan Chandran
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. J. B. D. Joshi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Texas State University, San Marcos, TX,  

    Anne H. H. Ngu

  2. Institute of Industrial Science, The University of Tokyo, 4-6-1 Komaba, Meguro-ku, 153-8505, Tokyo, Japan

    Masaru Kitsuregawa

  3. University of Vienna, Vienna, Austria

    Erich J. Neuhold

  4. IBM Research Division, Thomas J. Watson Research Center, P.O. Box 218, 10598, New York, Yorktown Heights, USA

    Jen-Yao Chung

  5. School of Computer Science and Engineering, University of New South Wales, NSW 2052, Sydney, Australia

    Quan Z. Sheng

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chandran, S.M., Joshi, J.B.D. (2005). LoT-RBAC: A Location and Time-Based RBAC Model. In: Ngu, A.H.H., Kitsuregawa, M., Neuhold, E.J., Chung, JY., Sheng, Q.Z. (eds) Web Information Systems Engineering – WISE 2005. WISE 2005. Lecture Notes in Computer Science, vol 3806. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11581062_27

Download citation

  • DOI: https://doi.org/10.1007/11581062_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30017-5

  • Online ISBN: 978-3-540-32286-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation