• Title/Summary/Keyword: Context-Based Role Model

Search Result 182, Processing Time 0.026 seconds

Extended Role-Based Access Control with Context-Based Role Filtering

  • Liu, Gang;Zhang, Runnan;Wan, Bo;Ji, Shaomin;Tian, Yumin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.3
    • /
    • pp.1263-1279
    • /
    • 2020
  • Activating appropriate roles for a session in the role-based access control (RBAC) model has become challenging because of the so-called role explosion. In this paper, factors and issues related to user-driven role management are analysed, and a session role activation (SRA) problem based on reasonable assumptions is proposed to describe the problem of such role management. To solve the SRA problem, we propose an extended RBAC model with context-based role filtering. When a session is created, context conditions are used to filter roles that do not need to be activated for the session. This significantly reduces the candidate roles that need to be reviewed by the user, and aids the user in rapidly activating the appropriate roles. Simulations are carried out, and the results show that the extended RBAC model is effective in filtering the roles that are unnecessary for a session by using predefined context conditions. The extended RBAC model is also implemented in the Apache Shiro framework, and the modifications to Shiro are described in detail.

Context Conflicts of Role-Based Access Control in Ubiquitous Computing Environment (유비쿼터스 컴퓨팅 환경의 역할 기반 접근제어에서 발생하는 상황 충돌)

  • Nam Seung-Jwa;Park Seog
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.2
    • /
    • pp.37-52
    • /
    • 2005
  • Traditional access control models like role-based access control model are insufficient in security needs in ubiquitous computing environment because they take no thought of access control based on user's context or environment condition. In these days, although researches on context-aware access control using user's context or environment conditions based on role-based access control are emerged, they are on the primary stage. We present context definitions md an access control model to provide more flexible and dynamic context-aware access control based on role-based access control. Specially, we describe the conflict problems occurred in the middle of making an access decision. After classifying the conflict problems, we show some resolutions to solve them. In conclusion, we will lay the foundations of the development of security policy and model assuring right user of right object(or resource) and application service through pre-defined context and context classification in ubiquitous computing environments. Beyond the simplicity of access to objects by authorized users, we assure that user can access to the object, resource, or service anywhere and anytime according to right context.

Context Access Control in Ubiquitous Computing Environment (유비쿼터스 컴퓨팅 환경에서의 컨텍스트 접근 제어 고찰)

  • Jung Heon-Man;Lee Se-Hoon
    • KSCI Review
    • /
    • v.14 no.1
    • /
    • pp.175-184
    • /
    • 2006
  • In this paper, we study to two research direction about information security in ubiquitous computing environment. First, researches on context-aware access control using user's context or environment conditions based on role-based control. Second, researches on model for access control about context information in ubiquitous computing utilizing role base access control model. Two research directions are the one of the most important point technology in that embody ubiquitous environment in the actual world.

  • PDF

Design of U-Healthcare Access Authority Control Model Using Context Constrain RBAC Model (상황제한 RBAC 모델을 이용한 U-헬스케어 접근권한 제어모델 설계)

  • Kim, Chang-Bok;Kim, Nam-Il;Park, Seong-Hwan
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.9 no.5
    • /
    • pp.233-242
    • /
    • 2009
  • The security of medical information need continued research about steady and flexible security model because of privacy of patient's as well as directly relation in the patient's life. In particular, u-healthcare environment is need flexible and detailed access control by variety changes of context. Control model analyzed relation of resource and authority, and analyzed authority about all accessible resource from access point using K2BASE. The context-based access control model can change flexibly authority change and role, and can obtain resource of authority granted and meaningly connected resource. As a result, this thesis can apply flexible and adaptive access control model at u-healthcare domain which context change various.

  • PDF

Role based access control of healthcare information system for Mobile environments (모바일 환경에 적합한 헬스 케어 정보 시스템에서의 역할기반 접근제어)

  • Lee You-Ri;Park Dong-Gue
    • Journal of the Korea Society of Computer and Information
    • /
    • v.10 no.3 s.35
    • /
    • pp.119-132
    • /
    • 2005
  • The health care system revolutionized by the use of information and communication technologies. Computer information processing and electronic communication technologies play an increasingly important role in the area of health care. We propose a new role based access control model for pervasive health care systems, which changed location, time, environment information. Also our model can be solved the occurrence of an reduction authority problem to pervasive health care system at emergency environment. We propose a new role based access control model for pervasive health care systems, which combines role-to-role delegations, negative permission, context concept and dynamic context aware access control. With out approach we aim to preserver the advantages of RBAC and offer groat flexibility and fine-grained access control in pervasive healthcare information systems.

  • PDF

Context-Driven Framework for High Level Configuration of Virtual Businesses (가상기업의 형성을 위한 컨텍스트 기반 프레임워크)

  • Lee, Kyung-Huy;Oh, Sang-Bong
    • Journal of Information Technology Applications and Management
    • /
    • v.14 no.2
    • /
    • pp.11-26
    • /
    • 2007
  • In this paper we suggest a context-driven configuration model of virtual businesses to form a business network model consisting of role-based, interaction-centered business partners. The model makes use of the subcontext concept which explicitly represents actors and interactions in virtual business (VB) context. We separate actors who have capacities on tasks in a specific kind of role and actor subcontext which models requirements in specific interaction subcontext. Three kinds of actors are defined in virtual service chains, service user, service provider, and external service supporter. Interaction subcontext models a service exchange process between two actor subcontexts with consideration of context dependencies like task and quality dependencies. Each subcontext may be modeled in the form of a situation network which consists of a finite set of situation nodes and transitions. A specific situation is given in a corresponding context network of actors and interactions. It is illustrated with a simple example.

  • PDF

A Usage Control Model based on Context-Awareness for Mobile Devices (휴대 단말기를 위한 상황인식 기반 사용제어 모델)

  • Chang, Hye-Young;Noh, Jin-Uk;Cho, Seong-Je
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.14 no.1
    • /
    • pp.63-70
    • /
    • 2008
  • As the number of cell phone users become growing, some researchers have presented that the imprudent use of mobile phones exerts harmful influence on electronic devices such as medical appliances, takeoff and landing system of aircraft. In this paper, we propose a usage model based on context-awareness which can be applied to mobile devices. The model controls the usage of both mobile devices themselves and mobile contents according to some context information like location, time, the circumference noise, etc. The proposed usage control model includes a dynamic role-based access control approach. To show the effectiveness of the proposed model, we have implemented a prototype system on an embedded board and PC server, and evaluated the performance of the system.

A Study on Security Model Design of Adaptive Access Control based Context-Aware (상황인식 기반 적응적 접근제어 보안모델 설계에 관한 연구)

  • Kim, Nam-Il;Kim, Chang-Bok
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.8 no.5
    • /
    • pp.211-219
    • /
    • 2008
  • This paper is proposed context-aware based access control, model by extending original access control model. In this paper, we survey the recent researches about security model based context-aware such as xoRBAC and CAAC. For exactly policy evaluation, we make an addition Context Broker and Finder in existing CAAC security model. By this security model, Context information and context decision information is able to be collected easily for more correct policy decision. This paper controlled access of possible every resources that is able to access by user's event and constraint from primitive access resources. In this paper proposed security model can be offer dynamically various security level and access authority method alone with specified policy and constraint adjustment at user's role.

  • PDF

Context-based Dynamic Access Control Model for u-healthcare and its Application (u-헬스케어를 위한 상황기반 동적접근 제어 모델 및 응용)

  • Jeong, Chang-Won;Kim, Dong-Ho;Joo, Su-Chong
    • The KIPS Transactions:PartC
    • /
    • v.15C no.6
    • /
    • pp.493-506
    • /
    • 2008
  • In this paper we suggest dynamic access control model based on context satisfied with requirement of u-healthcare environment through researching the role based access control model. For the dynamic security domain management, we used a distributed object group framework and context information for dynamic access control used the constructed database. We defined decision rule by knowledge reduction in decision making table, and applied this rule in our model as a rough set theory. We showed the executed results of context based dynamic security service through u-healthcare application which is based on distributed object group framework. As a result, our dynamic access control model provides an appropriate security service according to security domain, more flexible access control in u-healthcare environment.

An Extended Role-based Access Control Model with Privacy Enforcement (프라이버시 보호를 갖는 확장된 역할기반 접근제어 모델)

  • 박종화;김동규
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.8C
    • /
    • pp.1076-1085
    • /
    • 2004
  • Privacy enforcement has been one of the most important problems in IT area. Privacy protection can be achieved by enforcing privacy policies within an organization's data processing systems. Traditional security models are more or less inappropriate for enforcing basic privacy requirements, such as privacy binding. This paper proposes an extended role-based access control (RBAC) model for enforcing privacy policies within an organization. For providing privacy protection and context based access control, this model combines RBAC, Domain-Type Enforcement, and privacy policies Privacy policies are to assign privacy levels to user roles according to their tasks and to assign data privacy levels to data according to consented consumer privacy preferences recorded as data usage policies. For application of this model, small hospital model is considered.