Dynamic Security Rules for Geo Data

  • Alban Gabillon
  • Patrick Capolsini
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5939)


A powerful and flexible authorization model should be able to cope with various security requirements. We show in this paper that we can use the Or-BAC model [1] to express security policies for spatial applications. We first add to Or-BAC the spatial predicates defined in the OpenGIS Geometry Model [2]. We then show how to model various types of spatial contexts. We finally use these spatial contexts to write security policies for spatial applications.


Security Policy Spatial Context Geo-Referenced Object Moving Object 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    El-Kalam, A., El-Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miège, A., Saurel, C., Trouessin, G.: Organization Based Access Control. In: 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy 2003). IEEE, Como (2003)Google Scholar
  2. 2.
    Herring, J.R.: OpenGIS(R) Implementation Specification for Geographic information - Simple feature access - Part 1: Common architecture. Open Geospatial Consortium Inc. OGC(R) 06-103r3 (2006)Google Scholar
  3. 3.
    Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. IEEE Computer 29, 38–47 (1996)Google Scholar
  4. 4.
    Moyer, M., Ahamad, M.: Generalized Role-Based Access Control. In: Proceedings of the 21st International Conference on Distributed Computing Systems. IEEE Computer Society, Los Alamitos (2001)Google Scholar
  5. 5.
    Park, S.-H., Han, Y.-J., Chung, T.-M.: Context-Role Based Access Control for Context-Aware Application. In: Gerndt, M., Kranzlmüller, D. (eds.) HPCC 2006. LNCS, vol. 4208, pp. 572–580. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security (TISSEC 2001) 4, 191–233 (2001)CrossRefGoogle Scholar
  7. 7.
    Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Transactions on Knowledge and Data Engineering 17, 4–23 (2005)CrossRefGoogle Scholar
  8. 8.
    Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC: A spatially Aware RBAC. In: ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Stockholm, Sweeden, pp. 29–37 (2005)Google Scholar
  9. 9.
    Atluri, V., Chun, S.A.: A geotemporal role-based authorization system. International Journal of Information and Computer Security 1, 143–168 (2007)CrossRefGoogle Scholar
  10. 10.
    Cuppens, F., Miège, A.: Modeling Contexts in the Or-BAC Model. In: 19th Annual Computer Security Applications Conference (ACSAC 2003), Las Vegas, NV, USA (2003)Google Scholar
  11. 11.
    Cuppens, F., Cuppens-Boulahia, N.: Modeling Contextual security policies. International Journal of Information Security (IJIS 2008) 7, 285–305 (2008)CrossRefGoogle Scholar
  12. 12.
    OGC: Open Geospatial Consortium Inc. - About Us (2008)Google Scholar
  13. 13.
    Cuppens, F., Cuppens-Boulahia, N., Miège, A.: Inheritance hierarchies in the Or-BAC model and application in a network environment. In: Second Foundation of Computer Security WorkShop (FCS 2004), Turku, Finland (2004)Google Scholar
  14. 14.
    Cuppens, F., Cuppens-Boulahia, N., Ghorbel, M.B.: High Level Conflict Management Strategies in Advanced Access Control Models. Electronic Notes in Theoretical Computer Science (ENTCS) 186, 3–26 (2007)CrossRefGoogle Scholar
  15. 15.
    Janée, G., Frew, J., Hill, L.L.: Issues in Geo-referenced Digital Libraries. D-Lib Magazine 10 (2004)Google Scholar
  16. 16.
    Rigaux, P., Scholl, M., Voisard, A.: Spatial Databases with application to GIS. Elsevier, Amsterdam (2002)Google Scholar
  17. 17.
    Damiani, M.L., Silvestri, C.: Towards movement-aware access control. In: ACM SIGSPATIAL GIS 2008 International Workshop on Security and Privacy in GIS and LBS (SPRINGL2008), pp. 39–45. Association for Computing Machinery, Irvine (2008)CrossRefGoogle Scholar
  18. 18.
    Bertino, E., Damiani, M.L., Momini, D.: An access control system for a Web map management service. In: Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for e-Commerce and e-Government Applications (RIDE 2004), pp. 33–39 (2004)Google Scholar
  19. 19.
    Belussi, A., Bertino, E., Catania, B., Damiani, M.L., Nucita, A.: An Authorization model for geographical maps. In: Proceedings of the 12th annual ACM International Workshop on Geographic Information Systems (RIDE 2004), Washington DC, USA, pp. 82–91 (2004)Google Scholar
  20. 20.
    Hansen, F., Oleshchuk, V.: SRBAC: A spatial Role-Based Access Control Model for Mobile Systems. In: 7th Nordic workshop on secure IT systems (NORDSEC 2003), Gjvik, Norway, pp. 129–141 (2003)Google Scholar
  21. 21.
    Matheus, A., Herrmann, J.: Geospatial eXtensible Access Control Markup Language (GeoXACML). Open Geospatial Consortium Inc. OGC(R) 07-026r2 (2008)Google Scholar
  22. 22.
    Gabillon, A., Capolsini, P.: DRM policies for Web Map Service. In: ACM SIGSPATIAL GIS 2008 International Workshop on Security and Privacy in GIS and LBS (SPRINGL 2008), pp. 20–29. Association for Computing Machinery, Irvine (2008)CrossRefGoogle Scholar
  23. 23.
    Chandran, S.M., Joshi, J.B.D.: LoT-RBAC: A location and time-based RBAC model. In: Ngu, A.H.H., Kitsuregawa, M., Neuhold, E.J., Chung, J.-Y., Sheng, Q.Z. (eds.) WISE 2005. LNCS, vol. 3806, pp. 361–375. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  24. 24.
    Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: GEO-RBAC: A spatially Aware RBAC. ACM Transactions on Information Systems and Security, 1–34 (2006)Google Scholar
  25. 25.
    Chun, S.A., Atluri, V.: Protecting privacy from continuous high-resolution satellite surveillance. In: Proceedings of the 14th IFIP 11.3 Annual Working Conference on Database Security, Schoorl, The Netherlands, pp. 233–244 (2000)Google Scholar
  26. 26.
    Atluri, V., Mazzoleni, P.: A uniform indexing scheme for geo-spatial data and authorizations. In: Proceedings of the 16th IFIP WG 11.3 Conference on Data and Application Security (2002)Google Scholar
  27. 27.
    Atluri, V., Chun, S.A.: An authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing 1, 238–254 (2004)CrossRefGoogle Scholar
  28. 28.
    Autrel, F., Cuppens, F., Cuppens-Boulahia, N., Coma, C.: MotOrBAC 2: a security policy tool. In: 3rd Conference on Security in Network Architectures and Information Systems (SAR-SSI 2008), Loctudy, France, pp. 273–288 (2008)Google Scholar
  29. 29.
    Carroll, J.J., Dickinson, I., Dollin, C., Reynolds, D., Seaborne, A., Wilkinson, K.: Jena: Implementing the semantic web recommendations. In: Proceedings of the 13th international World Wide Web conference on Alternate track papers & posters, New York, USA, pp. 74–83 (2004)Google Scholar
  30. 30.
    Hergé: Destination Moon (The adventures of Tintin). Casterman (1953)Google Scholar
  31. 31.
    Spaccapietra, S., Parent, C., Damiani, M.L., Macedo, J.A.d., Porto, F., Vangenot, C.: A Conceptual View on Trajectories. Data and Knowledge Engineering 65, 124–146 (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Alban Gabillon
    • 1
  • Patrick Capolsini
    • 1
  1. 1.Université de la Polynésie Française, Laboratoire GePaSud, BP 6570 – 98702 FAA’A – Tahiti – Polynésie française 

Personalised recommendations