Abstract | ||
---|---|---|
Role based access control (RBAC) is an established paradigm in resource protection. However, with the proliferation of mobile computing, it is being frequently observed that the RBAC access decision is directly influenced by the spatiotemporal context of both the subjects and the objects in the system. Currently, there are only a few models (STRBAC, GSTRBAC) in place which specify spatiotemporal security policy on top of the classical RBAC. In this paper we propose a complete RBAC model in spatiotemporal domain based on the idea of spatiotemporal extent. The concept of spatiotemporal role extent and spatiotemporal permission extent introduced here enables our model to specify granular spatiotemporal access control policies not specifiable in the existing approaches. Our model is also powerful enough to incorporate classical role hierarchy and other useful RBAC policies including Role based Separation of Duty and Permission based Separation of Duty in spatiotemporal domain. Healthcare is an area in which information security is of utmost importance. The risk of personal medical data leakage is especially high in mobile healthcare applications. As a proof of concept, we have implemented the proposed spatiotemporal access control method in a mobile telemedicine system. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1007/978-3-642-01004-0_10 | Transactions on Computational Science |
Keywords | Field | DocType |
spatiotemporal context,mobile applications,proposed spatiotemporal access control,classical rbac,granular spatiotemporal access control,spatiotemporal domain,spatiotemporal extent,access control,spatiotemporal role extent,rbac access decision,spatiotemporal permission extent,spatiotemporal security policy,proof of concept,information security,separation of duty,role based access control,mobile computer,security policy | Mobile computing,Permission,Computer science,Computer security,Role-based access control,Information security,Role hierarchy,Access control,Security policy,Separation of duties,Distributed computing | Journal |
Volume | ISSN | Citations |
4 | 0302-9743 | 29 |
PageRank | References | Authors |
0.91 | 12 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Subhendu Aich | 1 | 33 | 2.08 |
Samrat Mondal | 2 | 100 | 18.02 |
Shamik Sural | 3 | 1008 | 96.36 |
Arun Majumdar | 4 | 105 | 10.82 |