Short Paper: Towards a Location-Aware Role-Based Access Control Model

Citations Over TimeTop 10% of 2006 papers

Abstract

With the growing use of wireless networks and mobile devices, we are moving towards an era where location information will be necessary for access control. The use of location information can be used for enhancing the security of an application, and it can also be exploited to launch attacks. For critical applications, a formal model for location-based access control is needed that increases the security of the application and ensures that the location information cannot be exploited to cause harm. In this paper, we show how the Role-Based Access Control (RBAC) model can be extended to incorporate the notion of location. We show how the different components in the RBAC model are related with location and how this location information can be used to determine whether a subject has access to a given object. This model is suitable for applications consisting of static and dynamic objects, where location of the subject and object must be considered before granting access.

Related Papers

• → Configuring role-based access control to enforce mandatory and discretionary access control policies(2000)572 cited
• → Role-based Access Control (RBAC) Authorization in Kubernetes(2023)14 cited
• → Using Parameterized UML to Specify and Compose Access Control Models(2005)33 cited
• Research on Uniform Model of RBAC and MAC(2008)
• Μοντέλα ελέγχου πρόσβασης βασισμένα σε ρόλους (RBAC) : υλοποίηση με ενσωμάτωση χρονικών περιορισμών για τα Windows(2011)