Securing access to data in location- based services and mobile applications requires the definition of spatially aware access- control systems. Even if some approaches have already been proposed either in the context ...
详细信息
ISBN:
(纸本)9781595930453
Securing access to data in location- based services and mobile applications requires the definition of spatially aware access- control systems. Even if some approaches have already been proposed either in the context of geographic database systems or context- aware applications, a comprehensive framework, general and flexible enough to deal with spatial aspects in real mobile applications, is still missing. In this paper, we make one step toward this direction and present GEO- RBAC, an extension of the RBAC model enhanced with spatial- and location- based information. In GEOR-BAC, spatial entities are used to model objects, user positions, and geographically bounded roles. Roles are activated based on the position of the user. Besides a physical position, obtained from a given mobile terminal or a cellular phone, users are also assigned a logical and device- independent position, representing the feature ( the road, the town, the region) in which they are located. To enhance flexibility and reusability, we also introduce the concept of role schema, specifying the name of the role, as well as the type of the role spatial boundary and the granularity of the logical position. We then extend GEO- RBAC to support hierarchies, modeling permission, user, and activation inheritance, and separation of duty constraints. the proposed classes of constraints extend the conventional ones to deal with different granularities ( schema/ instance level) and spatial information. We conclude the paper with an analysis of several properties concerning the resulting model.
Integration of version and accesscontrol of XML documents has the benefit of regulating access to rapidly growing archives of XML documents. Versioned XML documents provide us with valuable information on dependencie...
详细信息
Integration of version and accesscontrol of XML documents has the benefit of regulating access to rapidly growing archives of XML documents. Versioned XML documents provide us with valuable information on dependencies between document nodes, but, at the same time, presenting the risk of undesirable data disclosure. In this article, we introduce the notion of relevancy- based accesscontrol, which realizes protection of versioned XML documents by various types of relevancy, such as version dependencies, schema similarities, and temporal proximity. We define a new path query language XVerPath over XML document versions, which can be utilized for specifying relevancy-based access- control policies. We also introduce the notion of relevancy class, for collectively and compactly specifying relevancy- based policies. Regarding efficient processing of access requests, we propose the packed version model, which realizes space- efficient difference- based archives of versioned XML documents and, at the same time, providing efficient evaluation of XVerPath queries. Experimental results show reasonable performance superiority over conventional methods, which do not utilize version differences.
the proceedings contain 25 papers. the topics discussed include: key management for non-tree access hierarchies;PRIMA: policy-reduced integrity measurement architecture;on classifying accesscontrol implementations fo...
详细信息
ISBN:
(纸本)1595933549
the proceedings contain 25 papers. the topics discussed include: key management for non-tree access hierarchies;PRIMA: policy-reduced integrity measurement architecture;on classifying accesscontrol implementations for distributed systems;integrating presence inference into trust management for ubiquitous systems;trust management with delegation in grouped peer-to-peer communities;fine-grained role-based delegation in presence of the hybrid role hierarchy;systematic control and management of data integrity;the secondary and approximate authorization model and its application to Bell-LaPadula policies;secure resource description framework: an accesscontrol model;a model-checking approach to analyzing organizational controls in a loan origination process;towards reasonability properties for access-control policy languages;and semantic accesscontrol for information interpolation.
IEEE 802.15.4 was developed to meet the needs for low-rate wireless communication. However, due to its low power, IEEE 802.15.4 is potentially vulnerable to interference by other wireless technologies having much high...
详细信息
IEEE 802.15.4 was developed to meet the needs for low-rate wireless communication. However, due to its low power, IEEE 802.15.4 is potentially vulnerable to interference by other wireless technologies having much higher power and working in the same industrial, scientific, and medical (ISM) band such as IEEE 802.11 b/g. the paper therefore focuses on the coexistence impact of IEEE 802.11 b/g on the IEEE 802.15.4. In this paper, we present a coexistence model of IEEE 802.15.4 and IEEE 802.11 b/g, which exposes the interactive behavior between these two standards and therefore accurately explains their coexistence performance. the model focuses on two aspects, namely power and timing. these two aspects jointly impose different impacts on the performance of IEEE 802.15.4 networks, depending on coexistence situations. To classify the coexistence situations, we introduce a concept of coexistence range, by extending the concept of sensing and interference ranges across different wireless standards. We characterize the coexistence behavior in each coexistence range and identify for each range the underlying coexistence mechanism and protocol interactions. Analytical models are proposed for the case of saturated traffic and simulation results are presented to validate the model.
this paper explores the attributes, layering models and objective functions in cross layer designs for mobile ad hoc wireless networks by taking all the statistical characteristics and constraints from the physical (P...
详细信息
this paper explores the attributes, layering models and objective functions in cross layer designs for mobile ad hoc wireless networks by taking all the statistical characteristics and constraints from the physical (PHY) layer, media accesscontrol (MAC) layer and network (NET) layer into consideration. this paper reviews the entire network optimization across all the PHY/MAC/NET layers. At the PHY layer, the adaptive modulation, adaptive channel allocation and adaptive power control are employed according to the channel conditions and different quality of service (QoS) requirements of different services. the PHY layer constraint is specified in terms of target signal to noise and interference ratio (SINR) or target bit-error-ratio (BER). At the MAC layer, a feasible scheduling policy that maximizes the overall system performance for given fairness/QoS requirements is explored through the utility functions that build a bridge between the PHY layer and MAC layer to balance the efficiency and fairness. At the NET layer, the QoS requirements include call blocking probabilities, call connection delays, packet congestion probabilities and packet loss rates. By interacting with PHY layer and MAC layer constraints, a long-term network performance is investigated at the NET layer subject to both call-level and packet-level QoS requirements.
In this paper we have addressed confidentiality and privacy for video surveillance databases. First we discussed our overall approach for suspicious event detection. Next we discussed an accesscontrol model and acced...
详细信息
ISBN:
(纸本)1595933549
In this paper we have addressed confidentiality and privacy for video surveillance databases. First we discussed our overall approach for suspicious event detection. Next we discussed an accesscontrol model and accedes control algorithms for confidentiality. Finally we discuss privacy preserving video surveillance. Our goal is build a comprehensive system that can detect suspicious events, ensure confidentiality as well as privacy. Copyright 2006 acm.
暂无评论