GEO-RBAC
- 1 June 2005
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Securing access to data in location-based services and mobile applications requires the definition of spatially aware access control systems. Even if some approaches have already been proposed either in the context of geographic database systems or context-aware applications, a comprehensive framework, general and flexible enough to cope with spatial aspects in real mobile applications, is still missing. In this paper, we make one step towards this direction and we present GEO-RBAC, an extension of the RBAC model to deal with spatial and location-based information. In GEO-RBAC, spatial entities are used to model objects, user positions, and geographically bounded roles. Roles are activated based on the position of the user. Besides a physical position, obtained from a given mobile terminal or a cellular phone, users are also assigned a logical and device independent position, representing the feature (the road, the town, the region) in which they are located. To make the model more flexible and re-usable, we also introduce the concept of role schema, specifying the name of the role as well as the type of the role spatial boundary and the granularity of the logical position. We then extend GEO-RBAC to cope with hierarchies, modeling permission, user, and activation inheritance.Keywords
This publication has 5 references indexed in Scilit:
- An authorization model for geographical mapsPublished by Association for Computing Machinery (ACM) ,2004
- Spatial role-based access control model for wireless networksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2003
- Proposed NIST standard for role-based access controlACM Transactions on Information and System Security, 2001
- Securing context-aware applications using environment rolesPublished by Association for Computing Machinery (ACM) ,2001
- The NIST model for role-based access controlPublished by Association for Computing Machinery (ACM) ,2000