Abstract
Context information plays a crucial role in dynamically changing environments and the different types of contextual conditions bring new challenges to access control. This information mostly can be derived from the crisp sets. For example, we can utilize a crisp set to derive a patient and nurse are co-located in the general ward of the hospital or not. Some of the context information characterizations cannot be made using crisp sets, however, they are equally important in order to make access control decisions. For example, a patient’s current health status is “critical” or “high critical” which are imprecise fuzzy facts, whereas “95% level of maximum blood pressure allowed” is precise. Thus, there is a growing need for integrating these kinds of fuzzy and other conditions to appropriately control context-specific access to information resources at different granularity levels. Towards this goal, this paper introduces an approach to Context-Aware Access Control using Fuzzy logic (FCAAC) for information resources. It includes a formal context model to represent the fuzzy and other contextual conditions. It also includes a formal policy model to specify the policies by utilizing these conditions. Using our formal approach, we combine the fuzzy model with an ontology-based approach that captures such contextual conditions and incorporates them into the policies, utilizing the ontology languages and the fuzzy logic-based reasoning. We justify the feasibility of our approach by demonstrating the practicality through a prototype implementation and a healthcare case study, and also evaluating the performance in terms of response time.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Weiser, M.: Some computer science issues in ubiquitous computing. Commun. ACM 36(7), 75–84 (1993)
Kayes, A.S.M., Han, J., Colman, A.: OntCAAC: an ontology-based approach to context-aware access control for software services. Comput. J. 58(11), 3000–3034 (2015)
Kayes, A.S.M., Han, J., Colman, A.W.: An ontological framework for situation-aware access control of software services. Inf. Syst. 53, 253–277 (2015)
Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC: a spatially aware RBAC. In: SACMAT, pp. 29–37 (2005)
Joshi, J., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Trans. Knowl. Data Eng. 17(1), 4–23 (2005)
Bonatti, P., Galdi, C., Torres, D.: Event-driven RBAC. J. Comput. Secur. 23(6), 709–757 (2015)
Schefer-Wenzl, S., Strembeck, M.: Modelling context-aware RBAC models for mobile business processes. IJWMC 6(5), 448–462 (2013)
Hosseinzadeh, S., Virtanen, S., Rodríguez, N.D., Lilius, J.: A semantic security framework and context-aware role-based access control ontology for smart spaces. In: SBD@SIGMOD, pp. 1–6 (2016)
Trnka, M., Cerný, T.: On security level usage in context-aware role-based access control. In: SAC, pp. 1192–1195 (2016)
Kayes, A.S.M., Han, J., Colman, A.: An ontology-based approach to context-aware access control for software services. In: Lin, X., Manolopoulos, Y., Srivastava, D., Huang, G. (eds.) WISE 2013. LNCS, vol. 8180, pp. 410–420. Springer, Heidelberg (2013). doi:10.1007/978-3-642-41230-1_34
Kayes, A.S.M., Han, J., Colman, A., Islam, M.S.: RelBOSS: a relationship-aware access control framework for software services. In: CoopIS, pp. 258–276 (2014)
Kayes, A.S.M., Han, J., Colman, A.: PO-SAAC: a purpose-oriented situation-aware access control framework for software services. In: Jarke, M., Mylopoulos, J., Quix, C., Rolland, C., Manolopoulos, Y., Mouratidis, H., Horkoff, J. (eds.) CAiSE 2014. LNCS, vol. 8484, pp. 58–74. Springer, Cham (2014). doi:10.1007/978-3-319-07881-6_5
Kayes, A.S.M., Han, J., Colman, A.: A semantic policy framework for context-aware access control applications. In: TrustCom, pp. 753–762 (2013)
Almenárez, F., Marín, A., Campo, C., García R., C.: TrustAC: Trust-based Access Control for pervasive devices. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 225–238. Springer, Heidelberg (2005). doi:10.1007/11414360_22
Cheng, P.C., Rohatgi, P., Keser, C., Karger, P.A., Wagner, G.M., Reninger, A.S.: Fuzzy multi-level security: an experiment on quantified risk-adaptive access control. In: IEEE Symposium on Security and Privacy, pp. 222–230. IEEE (2007)
Takabi, H., Amini, M., Jalili, R.: Trust-based user-role assignment in role-based access control. In: AICCSA, pp. 807–814. IEEE (2007)
Martínez-García, C., Navarro-Arribas, G., Borrell, J.: Fuzzy role-based access control. Inf. Process. Lett. 111(10), 483–487 (2011)
Feng, L., Dillon, T.S.: Using fuzzy linguistic representations to provide explanatory semantics for data warehouses. IEEE Trans. Knowl. Data Eng. 15(1), 86–102 (2003)
Dey, A.K.: Understanding and using context. Pers. Ubiquitous Comput. 5(1), 4–7 (2001)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29, 38–47 (1996)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM TISSEC 4(3), 224–274 (2001)
Riboni, D., Bettini, C.: OWL 2 modeling and reasoning with complex human activities. Pervasive Mob. Comput. 7, 379–395 (2011)
OWL: Web ontology language (2017). http://www.w3.org/2007/owl/
SWRL: Semantic web rule language (2017). http://www.w3.org/submission/swrl/
Protégé: Protégé-OWL API (2017). http://protege.stanford.edu/
Jess: Jess rule engine (2017). http://herzberg.ca.sandia.gov/
jFuzzyLogic: Fuzzy concepts and fuzzy control system in Java (2017). http://sourceforge.net/projects/jfuzzylogic
Wong, A.K.Y., Wong, J.H.K., Lin, W.W.K., Dillon, T.S., Chang, E.J.: Semantically Based Clinical TCM Telemedicine Systems. SCI, vol. 587. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46024-5
Chang, E., Hussain, F., Dillon, T.: Trust and Reputation for Service-Oriented Environments: Technologies for Building Business Intelligence and Consumer Confidence. Wiley, London (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kayes, A.S.M., Rahayu, W., Dillon, T., Chang, E., Han, J. (2017). Context-Aware Access Control with Imprecise Context Characterization Through a Combined Fuzzy Logic and Ontology-Based Approach. In: Panetto, H., et al. On the Move to Meaningful Internet Systems. OTM 2017 Conferences. OTM 2017. Lecture Notes in Computer Science(), vol 10573. Springer, Cham. https://doi.org/10.1007/978-3-319-69462-7_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-69462-7_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69461-0
Online ISBN: 978-3-319-69462-7
eBook Packages: Computer ScienceComputer Science (R0)