Abstract
This paper describes an authorization model for specifying access privileges of users who make requests to access a set of locations in a building or, more generally, a physical or virtual infrastructure. In the model, primitive locations can be grouped into composite locations, and the connectivity among locations is represented in a multilevel location graph. Authorizations are defined with temporal constraints on the time to enter and leave a location and constraints on the number of times users can access a location. Access control enforcement is conducted by monitoring user movement and checking access requests against an authorization database. The authorization model also includes rules that define the relationships among authorizations. We also describe the problem of finding inaccessible locations given a set of user-specified authorizations and a multilevel location graph, and outline a solution algorithm.
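A simplified sketch of the enforcement check and the inaccessible-location search described in the abstract, added here as an illustration; it is not the paper's algorithm or notation. It assumes a flat (single-level) location graph, one authorization record per user and location holding an entry window, an exit window and an entry cap, and that leaving one location and entering the next happen at the same instant.

```python
from collections import namedtuple
import heapq

# Assumed record layout (not taken from the paper): entry window, exit window
# and maximum number of entries for one subject at one location.
Auth = namedtuple("Auth", "subject location enter_win exit_win max_entries")

def may_enter(auths, counts, subject, location, t):
    """Enforcement check for a single entry request at time t."""
    a = auths.get((subject, location))
    if a is None:
        return False
    lo, hi = a.enter_win
    return lo <= t <= hi and counts.get((subject, location), 0) < a.max_entries

def inaccessible(graph, auths, subject, start):
    """Locations the subject can never reach when entering at `start`."""
    first = auths.get((subject, start))
    if first is None or first.max_entries < 1:
        return set(graph)
    # Earliest-arrival search: arriving earlier never shrinks the set of
    # feasible departure times, so one time label per location is enough.
    earliest = {start: first.enter_win[0]}
    heap = [(first.enter_win[0], start)]
    while heap:
        t, u = heapq.heappop(heap)
        if t > earliest[u]:
            continue  # stale heap entry
        out_lo, out_hi = auths[(subject, u)].exit_win
        for v in graph[u]:
            a = auths.get((subject, v))
            if a is None or a.max_entries < 1:
                continue
            # The move must fall inside u's exit window and v's entry window.
            move = max(t, out_lo, a.enter_win[0])
            if move <= min(out_hi, a.enter_win[1]) and move < earliest.get(v, float("inf")):
                earliest[v] = move
                heapq.heappush(heap, (move, v))
    return set(graph) - set(earliest)

# Constructed sample data; times are minutes since midnight.
GRAPH = {"lobby": ["lab", "office"], "lab": ["lobby", "vault"],
         "office": ["lobby"], "vault": ["lab"]}
AUTHS = {("alice", a.location): a for a in [
    Auth("alice", "lobby", (480, 1020), (480, 1080), 5),
    Auth("alice", "lab", (540, 720), (540, 780), 2),
    Auth("alice", "office", (480, 1020), (480, 1080), 5),
    Auth("alice", "vault", (840, 900), (840, 960), 1),  # opens after lab exit closes
]}
```

In the sample, the vault is granted to the user but can only be reached through the lab, whose exit window closes before the vault's entry window opens, so the search reports it as inaccessible.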
© 2004 Springer-Verlag Berlin Heidelberg
Cite this paper
Yu, H., Lim, EP. (2004). LTAM: A Location-Temporal Authorization Model. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2004. Lecture Notes in Computer Science, vol 3178. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30073-1_13
DOI: https://doi.org/10.1007/978-3-540-30073-1_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22983-4
Online ISBN: 978-3-540-30073-1
eBook Packages: Springer Book Archive