Securing access to data in location-based services and mobile applications requires the definition of spatially aware access control systems. Even if some approaches have already been proposed either in the context of geographic database systems or contextaware applications, a comprehensive framework, general and flexible enough to cope with spatial aspects in real mobile applications, is still missing. In this paper, we make one step towards this direction and we present GEO-RBAC, an extension of the RBAC model to deal with spatial and location-based information. In GEORBAC, spatial entities are used to model objects, user positions, and geographically bounded roles. Roles are activated based on the position of the user. Besides a physical position, obtained from a given mobile terminal or a cellular phone, users are also assigned a logical and device independent position, representing the feature (the road, the town, the region) in which they are located. To make the model more flexible and re-usable, we also introduce the concept of role schema, specifying the name of the role as well as the type of the role spatial boundary and the granularity of the logical position. We then extend GEO-RBAC to cope with hierarchies, modeling permission, user, and activation inheritance.

GEO-RBAC : a spatially aware RBAC / E. Bertino, B. Catania, M.L. Damiani, P. Perlasca - In: SACMAT 2005 : proceedings of Tenth ACM Symposium on Access Control Models and Technologies : June 1-3, 2005, Stockholm, Sweden / [a cura di] E. Ferrari, G.J. Ahn. - New York : ACM Press, 2005. - ISBN 1595930450. - pp. 29-37 (( Intervento presentato al 10. convegno ACM Symposium on Access Control Models tenutosi a Stockholm nel 2005 [10.1145/1063979.1063985].

GEO-RBAC : a spatially aware RBAC

M.L. Damiani
Penultimo
;
P. Perlasca
Ultimo
2005

Abstract

Securing access to data in location-based services and mobile applications requires the definition of spatially aware access control systems. Even if some approaches have already been proposed either in the context of geographic database systems or contextaware applications, a comprehensive framework, general and flexible enough to cope with spatial aspects in real mobile applications, is still missing. In this paper, we make one step towards this direction and we present GEO-RBAC, an extension of the RBAC model to deal with spatial and location-based information. In GEORBAC, spatial entities are used to model objects, user positions, and geographically bounded roles. Roles are activated based on the position of the user. Besides a physical position, obtained from a given mobile terminal or a cellular phone, users are also assigned a logical and device independent position, representing the feature (the road, the town, the region) in which they are located. To make the model more flexible and re-usable, we also introduce the concept of role schema, specifying the name of the role as well as the type of the role spatial boundary and the granularity of the logical position. We then extend GEO-RBAC to cope with hierarchies, modeling permission, user, and activation inheritance.
Spatial Databases and GIS ; Security and Protection
Settore INF/01 - Informatica
Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni
2005
Association of Computing Machinery
Book Part (author)
File in questo prodotto:
File Dimensione Formato  
pubblicato.pdf

accesso aperto

Tipologia: Publisher's version/PDF
Dimensione 139.61 kB
Formato Adobe PDF
139.61 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/6340
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 207
  • ???jsp.display-item.citation.isi??? ND
social impact