Publication

Data security in location-aware applications: an approach based on RBAC

Maria Luisa Damiani
2007
Journal paper
Abstract

Data security in a mobile context is a critical issue. Over the last few years a new category of location-based services, the Enterprise LBS (ELBS), has emerged focusing on the demands of mobility in organisations. These applications pose challenging requirements, including the need of selective access to ELBS based on the position of mobile users and spatially bounded organisational roles. To deal with these requirements a novel access control system, named GEO-RBAC, has been developed. GEO-RBAC extends the NIST RBAC (Role-Based Access Control) standard with the notions of spatial role, role-dependent position, role schema and role instance. Further, roles become enabled/disabled based on the position of the user. In the paper we present GEO-RBAC, a full-fledged RBAC-based model, consisting, like RBAC, of three distinct components: the Core GEO-RBAC, the Hierarchical GEO-RBAC and the Constrained GEO-RBAC. The paper focuses on the innovative aspects that have been introduced in the model to account for the spatial dimension. Further, a rigorous specification of the model (reference model) is presented.

About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.
Related concepts (35)
Role-based access control
In computer systems security, role-based access control (RBAC) or role-based security is an approach to restricting system access to authorized users, and to implementing mandatory access control (MAC) or discretionary access control (DAC). Role-based access control is a policy-neutral access control mechanism defined around roles and privileges. The components of RBAC such as role-permissions, user-role and role-role relationships make it simple to perform user assignments.
Access control
In physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization. Locks and login credentials are two analogous mechanisms of access control. Physical security Geographical access control may be enforced by personnel (e.g. border guard, bouncer, ticket checker), or with a device such as a turnstile.
Access-control list
In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object or facility). An ACL specifies which users or system processes are granted access to resources, as well as what operations are allowed on given resourcess. Each entry in a typical ACL specifies a subject and an operation. For instance, If a file object has an ACL that contains , this would give Alice permission to read and write the file and give Bob permission only to read it.
Show more
Related publications (59)

When Your AI Becomes a Target: AI Security Incidents and Best Practices

Alexandre Massoud Alahi, Kathrin Grosse

In contrast to vast academic efforts to study AI security, few real-world reports of AI security incidents exist. Released incidents prevent a thorough investigation of the attackers' motives, as crucial information about the company and AI application is ...
AAAI Press2024

How not to get lost in the quest to publish an Open Access article?

Lorenza Salvatori, Manon Velasco

Upon attending this training, participants should have a clear understanding of what OA is; which are the most used models (Gold, Hybrid, Green...); what are the policies at national and institutional levels and how to comply with funders’ requirements; ho ...
2022

An anomaly detection approach for backdoored neural networks: face recognition as a case study

Sébastien Marcel, Alexander Carl Unnervik

Backdoor attacks allow an attacker to embed functionality jeopardizing proper behavior of any algorithm, machine learning or not. This hidden functionality can remain inactive for normal use of the algorithm until activated by the attacker. Given how steal ...
IEEE2022
Show more

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.