Paper Info
Title
A Policy Model and Framework for Context-Aware Access Control to Information Resources.
Abstract
In todayu0027s dynamic ICT environments, the ability to control usersu0027 access to resources becomes ever important. On the one hand, it should adapt to the usersu0027 changing needs; on the other hand, it should not be compromised. Therefore, it is essential to have a flexible access control model, incorporating dynamically changing context information. Towards this end, this paper introduces a policy framework for context-aware access control (CAAC) applications that extends the role-based access control model with both dynamic associations of user-role and role-permission capabilities. We first present a formal model of CAAC policies for our framework. Using this model, we then introduce an ontology-based approach and a software prototype for modelling and enforcing CAAC policies. In addition, we evaluate our policy ontology model and framework by considering (i) the completeness of the ontology concepts, specifying different context-aware user-role and role-permission assignment policies from the healthcare scenarios; (ii) the correctness and consistency of the ontology semantics, assessing the core and domain-specific ontologies through the healthcare case study; and (iii) the performance of the framework by means of response time. The evaluation results demonstrate the feasibility of our framework and quantify the performance overhead of achieving context-aware access control to information resources.
Year
Venue
DocType
2019
Comput. J.
Journal
Volume
Citations 
PageRank 
abs/1703.02162
1
0.35
References 
Authors
17
5
Name
Order
Citations
PageRank
A. S. M. Kayes17815.75
Jun Han277759.18
J. Wenny Rahayu31275106.72
Md. Saiful Islam420953.11
Alan Colman529117.99