Enforcing spatio-temporal access control in mobile applications

Cited by: 7
Authors
Abdunabi, Ramadan [1]
Sun, Wuliang [1]
Ray, Indrakshi [1]
Affiliations
[1] Colorado State Univ, Dept Comp Sci, Ft Collins, CO 80523 USA
Keywords
Spatio-temporal access control; Policy enforcement
DOI
10.1007/s00607-013-0340-2
Chinese Library Classification number
TP301 [Theory, Methods]
Discipline classification code
081202
Abstract
Mobile application technology is quickly evolving and being progressively utilized in the commercial and public sectors. Such applications make use of spatio-temporal information to provide better services and functionalities. Authorization to such services often depends on the credentials of the user and also on the location and time. Although researchers have proposed spatio-temporal access control models for such applications, not much has been done with respect to enforcement of spatio-temporal access control. Towards this end, we provide a practical framework that allows one to enforce spatio-temporal policies in mobile applications. Our policy enforcement mechanism illustrates the practical viability of spatio-temporal authorization models and discusses potential challenges with possible solutions. Specifically, we propose an architecture for enforcing spatio-temporal access control and demonstrate its feasibility by developing a prototype. We also provide a number of protocols for granting and revoking access and formally analyze these protocols using the Alloy constraint solver to provide assurance that our proposed approach is indeed secure.
Pages: 313-353
Number of pages: 41