List of Journals    /    Call For Papers    /    Subscriptions    /    Login
 
 
 
 
 SEARCH
By Author By Title
 
 
ABOUT CSC
 About CSC Journals
 CSC Journals Objectives
 List of Journals
 CALL FOR PAPERS
 Call For Papers CFP
 Special Issue CFP
AUTHOR GUIDELINES
 Submission Guidelines
 Peer Review Process
 Helpful Hints For Getting Published
 Plagiarism Policies
 Abstracting & Indexing
 Open Access Policy
 Submit Manuscript
 FOR REVIEWERS
 Reviewer Guidelines
 FOR EDITORIAL
 Editor Guidelines
 Join Us As Editor
 Launch Special Issue
 Suggest New Journal
 CSC LIBRARY
 Browse CSC Library
 Open Access Policy
  SERVICES
 Conference Partnership Program (CPP)
 Abstracting & Indexing
 SUBSCRIPTIONS
 Subscriptions
 Discounted Packages
 Archival Subscriptions
 How to Subscribe
 Librarians
 Subscriptions Agents
 Order Form
 DOWNLOADS
 
 
 
 
Hierarchies in Contextual Role- Based Access Control Model (C-RBAC)
Full text
 PDF(137.3KB)
Source 
International Journal of Computer Science and Security (IJCSS)
Table of Contents
Download Complete Issue    PDF(1016.41KB)
Volume:  2    Issue:  4
Pages:  1-42
Publication Date:   August 2008
ISSN (Online): 1985-1553
Pages 
28 - 42
Author(s)  
 
Published Date   
15-11-2008 
Publisher 
CSC Journals, Kuala Lumpur, Malaysia
ADDITIONAL INFORMATION
Keywords   Abstract   References   Cited by   Related Articles   Collaborative Colleague
 
KEYWORDS:    
 
 
This Manuscript is indexed in the following databases/websites:-
1. Directory of Open Access Journals (DOAJ)
2. Free-Books-Online
3. Docstoc
4. Scribd
5. PDFCAST
6. CiteSeerX
7. Google Scholar
8. ScientificCommons
9. Bielefeld Academic Search Engine (BASE)
10. ResearchGATE
11. refSeek
12. Academic Index
13. iSEEK
14. Microsoft Academic Search
15. Socol@r
16. Libsearch
17. slideshare
 
 
Hierarchical representation is a natural way of organizing roles in role-based access control systems. Besides its advantages of providing a way of establishing parent-child relationships among different roles, it also provides a facility to design and organize context dependant application roles that users may activate depending on their current context (spatial, temporal) conditions. In this paper, we show that if spatial roles are organized in hierarchical relationships, it can cause the problem of disambiguation in making access control decisions especially when the user moves from one location to another location frequently in a single transaction and a single session. We extend our work of Contextual Role-Based Access Control (C-RBAC) by introducing hierarchical relationship among subject, location and purpose roles and solve the disambiguation problem in hierarchy by considering user motion direction and his/her context roles (spatial and spatial purpose) in order to make more fine grained and better access control decisions. 
 
 
 
1 [1] . Health Insurance Portability & Accountability Act http://www.hipaa.org
2 [2] . Hansen F, Oleshchuk V. Spatial role-based access control model for wireless networks. In Proceedings of 58th IEEE Vehicular Technology Conference (VTC’03), 2093-2097, Orlando, Florida, 2003
3 [3] . Bertino E, Catania B, Damiani ML, Persasca P. GEO-RBAC: A Spatially Aware RBAC. In Proceedings of 10th Symposium on Access Control Models and Technologies (SACMAT'05), 29-37, 2005
4 [4] . Corradi A, Montanari R, Tibaldi D. Context-based Access Control in Ubiquitous Environments. In Proceedings of 3rd IEEE International Symposium on Network Computing and Applications (NCA 2004), 253-260, 2004
5 [5] . Fu S, Xu C. A Coordinated Spatio-Temporal Access Control Model for Mobile Computing in Coalition Environments. In Proceedings of 19th IEEE International Conference on Parallel and Distributed Processing, 289b-289b, Denver, CA, USA, 2005.
6 [6] . Joshi JBD, Bertino E, Shafiq B, Ghafoor A. Dependencies and Separation of Duty Constraints in GTRBAC. In Proceedings of 8th ACM Symposium on Access Control Models and Technologies, 51-64, Como, Italy, 2003.
7 Joshi JBD, Bertino E, Latif U, Ghafoor A. A generalized temporal role-based access control model. IEEE Transactions on Knowledge and Data Engineering, 17(1): 4-23, 2005.
8 [8] . Joshi JBD, Bertino E, Ghafoor A. Analysis of Expressiveness and Design Issues for a Generalized Temporal Role Based Access Control Model. IEEE Transactions on Dependable and Secure Computing, 2(2):157-175, 2005
9 Yasuda M, Tachikawa T, Takizawa M. A purpose-oriented access control model. In Proceedings of 13th International Conference on Information Networking, 168-173, Cheju, Korea, 1998.
10 Covington MJ, Moyer MJ, Ahmad M. Generalized role-based access control for securing future applications. In Proceedings of the 23rd National Information Systems Security Conference. Baltimore, MD, USA, 2000.
11 Byun J, Bertino E, Ninghui L. Purpose Based Access Control for Privacy Protection in Relational Database Systems. Technical Report 2004-52, Purdue University, USA, 2004.
12 Tahir N. Contextual Role-Based Access Control, Ubiquitous Computing and Communication Journal, 2(3), 2007
13 Sandhu R, Ferraiolo D, Kuhn R. The NIST Model for Role-Based Access Control: Towards A Unified Standard. In Proceedings of 5th ACM Workshop on Role-Based Access Control, 47-63, Berlin, Germany, 2000
14 S. Chandaran and J. Joshi. LoT-RBAC: A location and time-based RBAC model. In Proceedings of the 6th International Conference on Web Information Systems Engineering (WISE’05). Page(s): 361-375, NewYork, USA, 2005.
15 [15] . Yialelis N, Sloman M. A Security Framework Supporting Domain-Based Access Control in Distributed Systems. In Proceedings of IEEE ISOC Symposium on Network and Distributed Systems Security'96 1996; 26-34, San Diego
16 Lee KH. A Distributed Network Management System with Multi-level Domain Approach. In Proceedings of International Conference on Communication Systems ICCS 1994; 789-793, Singapore.
17 Sloman M. Policy Driven Management for Distributed Systems. Journal of Network and Systems Management; 2(4): 333-361, 1994.
18 Constantine E. A role-based framework for distributed systems management. PhD Thesis, University of London, July 1998.
19 Gramm-Leach-Bliley Act (GLB Act): U.S. Senate Committee on Banking, Housing, and Urban Affairs http://banking.senate.gov/conf
20 [20] . Personal Information Protection and Electronic Documents Act http://www.nymity.com/pipeda/
21 A. Hameed, M. N. Tahir, S. Rehman. Impact of Role-Based Access Control in e-Governance. In Proceedings of 3rd International Conference on E-Governance, Lahore, Pakistan, 2005.
22 http://www.google.com/search?hl=en&rlz=1T4GFRC_en___MY202&defl=en&q=define:purpose&sa=X&oi= glossary_definition&ct=title
 
 
 
1 W. Tang, J. Ni, M. Chen and X. Yang, “Contextual Role-Based Security Enhancement Mechanism for 2G-RFID Systems”, in Proceedings, Computer Communications Workshops (INFOCOM WKSHPS), IEEE Conference, Shanghai, 10-15 April 2011, pp. 942-946.
2 S. Gkarafli and A. A. Economides, “Comparing The Proof By Knowledge Authentication Techniques”, International Journal of Computer Science and Security (IJCSS), 4(2), pp. 237 – 255, 2010.
3 M. N. Tahir, “Purpose Engineering for Contextual Role-Based Access Control (C-RBAC)”, International Journal of Engineering (IJE), 2(3), pp. 41 – 50, 2008.
4 W. Tang, M. Chen, J. Ni and X. Yang “Security Enhancement Mechanism Based on Contextual Authentication and Role Analysis for 2G-RFID Systems”. Sensors, 11(7), pp. 6743-6759. 2011.
 
 
 
 
 
Muhammad Nabeel Tahir : Colleagues  
 
 
 
  Untitled Document
 
Copyrights (c) 2012 Computer Science Journals. All rights reserved.
Best viewed at 1152 x 864 resolution. Microsoft Internet Explorer.
 
  
 
Copyrights & Usage: Articles published by CSC Journals are Open Access. Permission to copy and distribute any other content, images, animation and other parts of this website is prohibited. CSC Journals has the rights to take action against individual/group if they are found victim of copying these parts of the website.