Skip to main content
SpringerLink
Log in

A Map-Layer-Based Access Control Model

  • Conference paper
Information Security Applications (WISA 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7115))

Included in the following conference series:

  • 671 Accesses

Abstract

Access control is very important for database management systems. Although several access control models have been proposed for geographical maps, most of them are based on the concept of authorization window. If there are many complex authorizations, we have to define many windows and the processing of evaluation will be time-consuming. This paper presents a new access control model, which supports authorization on map layers. This model also supports both positive and negative authorizations, time constraint and so on. In order to compose a role’s authorizations in several layers, Multicolor Combination Theory is defined here. Then we can overlay the authorization layers to map layers in authorization evaluation, which is more efficient. At last some propagation rules are defined to makes authorization simpler and more flexible. abstract environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Google Earth accused of aiding terrorists (December 2008), http://www.cnbeta.com/articles/71154.htm

  2. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29, 38–47 (1996)

    Article  Google Scholar 

  3. Chun, S.A., Atluri, V.: Protecting privacy from continuous high-resolution satellite surveillance. In: Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions (2000)

    Google Scholar 

  4. Atluri, V., Chun, S.A.: An authorization model for geospatial data. IEEE Transactions on Dependable and Secure Computing 1, 238–254 (2004)

    Article  Google Scholar 

  5. Atluri, V., Mazzoleni, P.: A uniform indexing scheme for geo-spatial data and authorizations. In: Proceedings of the 16th IFIP WG 11.3 Conference on Data and Application Security, pp. 207–218 (2002)

    Google Scholar 

  6. Atluri, V., Guo, Q.: STAR-Tree: An index structure for efficient evaluation of spatiotemporal authorizations. IFIP, vol. 144, pp. 31–47 (2004)

    Google Scholar 

  7. Atluri, V., Guo, Q.: Unified Index for Mobile Object Data and Authorizations. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 80–97. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. Atluri, V., Shin, H., Vaidya, J.: Efficient security policy enforcement for the mobile environment. Journal of Computer Security 16(4), 439–475 (2008)

    Article  Google Scholar 

  9. Chandran, S.M., Joshi, J.B.D.: loT-RBAC: A location and time-based RBAC model. In: Ngu, A.H.H., Kitsuregawa, M., Neuhold, E.J., Chung, J.-Y., Sheng, Q.Z. (eds.) WISE 2005. LNCS, vol. 3806, pp. 361–375. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  10. Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: GEO-RBAC: a spatially aware RBAC. ACM Transactions on Information and System Security 10 (2007)

    Google Scholar 

  11. Kumar, M., Newman, R.E.: STRBAC-An approach towards spatio-temporal role-based access control. Communication, Network, and Information Security, 150–155 (2006)

    Google Scholar 

  12. Aich, S., Sural, S., Majumdar, A.K.: STARBAC: Spatiotemporal Role Based Access Control. In: OTM Conferences (2007)

    Google Scholar 

  13. Atluri, V., Chun, S.A.: A geotemporal role-based authorisation system. International Journal of Information and Computer Security 1, 143–168 (2007)

    Article  Google Scholar 

  14. Damiani, M.L., Bertino, E., Perlasca, P.: Data security in location-aware applications: an approach based on RBAC. International Journal of Information and Computer Security 1, 5–38 (2007)

    Article  Google Scholar 

  15. Ray, I., Toahchoodee, M.: A Spatio-Temporal Role-Based Access Control Model. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 211–226. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  16. Damiani, M.L., Silvestri, C.: Towards movement-aware access control. In: Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS (2008)

    Google Scholar 

  17. Bertino, E., Damiani, M.L., Momini, D.: An access control system for a web map management service. In: RIDE 2004 Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (2004)

    Google Scholar 

  18. Belussi, A., Bertino, E., Catania, B., Damiani, M.L., Nucita, A.: An authorization model for geographical maps. In: GIS 2004 Proceedings of the 12th Annual ACM International Workshop on Geographic Information Systems (2004)

    Google Scholar 

  19. Belussi, A., Catania, B., Bertino, E.: A reference framework for integrating multiple representations of geographical maps. In: GIS 2003 Proceedings of the 11th ACM International Symposium on Advances in Geographic Information Systems (2003)

    Google Scholar 

  20. Matheus, A.: Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure. In: SACMAT 2005 Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies (2005)

    Google Scholar 

  21. van Velden, B.J., Voorbij, J.B., Breure, L.: Authorized access to dynamic spatial-temporal data using the Truman Model. Department of Information and Computing Sciences. Utrecht University, Utrecht (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Software, Chinese Academy of Sciences, Beijing, 100190, China

    Yingjun Zhang, Yang Zhang & Kai Chen

Authors
  1. Yingjun Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yang Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kai Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Electronic Engineering, Soongsil University, Hyungnam Memorial Engineering Building 1105, Sangdo-Dong, 156-743, Seoul, Dongjak-Gu, Korea

    Souhwan Jung

  2. Google Inc. and Computer Science Department, Columbia University, 1214 Amsterdam Ave, 10025, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhang, Y., Zhang, Y., Chen, K. (2012). A Map-Layer-Based Access Control Model. In: Jung, S., Yung, M. (eds) Information Security Applications. WISA 2011. Lecture Notes in Computer Science, vol 7115. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27890-7_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27890-7_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27889-1

  • Online ISBN: 978-3-642-27890-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation