Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems

Deqing Zou; Jong Hyuk Park; Tai Hoon Kim; Xueguang Chen

doi:10.1109/fgcn.2007.152

Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems

Deqing Zou, Jong Hyuk Park, Tai Hoon Kim, Xueguang Chen

Dept. of Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

It now becomes a trend to implement the interconnections between resources as well as services in ubiquitous systems. Attribute-based authorization mechanisms, protocols and systems are gaining in popularity, such as SAML, XACML, Shibboleth, etc. However, their management efficiency could be further improved. The Role-based Access Control (RBAC) mechanism is widely accepted as a general mechanism for authorization management. However, RBAC is still not flexible enough to address various application scenarios in ubiquitous systems. We propose a new architecture for access control in ubiquitous systems that impose attribute and status constraints on the RBAC model, which can significantly enhance the generality and flexibility of authorization by integrating the advantages of RBAC and attributed-based access control models. Moreover, the state mechanism proposed in this architecture captures the states of the authorization elements so as to reflect the outcomes of the authorization control. Finally, we analyze the flexibility and generality of this architecture in ubiquitous systems.

Original language	English
Title of host publication	Proceedings of Future Generation Communication and Networking, FGCN 2007
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	71-75
Number of pages	5
ISBN (Print)	0769530486, 9780769530482
DOIs	https://doi.org/10.1109/fgcn.2007.152
State	Published - 2007
Event	2007 International Conference on Future Generation Communication and Networking, FGCN 2007 - Jeju Island, Korea, Republic of Duration: 6 Dec 2007 → 8 Dec 2007

Publication series

Name	Proceedings of Future Generation Communication and Networking, FGCN 2007
Volume	2

Conference

Conference	2007 International Conference on Future Generation Communication and Networking, FGCN 2007
Country/Territory	Korea, Republic of
City	Jeju Island
Period	6/12/07 → 8/12/07

Access to Document

10.1109/fgcn.2007.152

Cite this

Zou, D., Park, J. H., Kim, T. H., & Chen, X. (2007). Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems. In Proceedings of Future Generation Communication and Networking, FGCN 2007 (pp. 71-75). Article 4426206 (Proceedings of Future Generation Communication and Networking, FGCN 2007; Vol. 2). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/fgcn.2007.152

Zou, Deqing ; Park, Jong Hyuk ; Kim, Tai Hoon et al. / Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems. Proceedings of Future Generation Communication and Networking, FGCN 2007. Institute of Electrical and Electronics Engineers Inc., 2007. pp. 71-75 (Proceedings of Future Generation Communication and Networking, FGCN 2007).

@inproceedings{ca6801d16c7f4a709ca8df9912f7aa48,

title = "Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems",

abstract = "It now becomes a trend to implement the interconnections between resources as well as services in ubiquitous systems. Attribute-based authorization mechanisms, protocols and systems are gaining in popularity, such as SAML, XACML, Shibboleth, etc. However, their management efficiency could be further improved. The Role-based Access Control (RBAC) mechanism is widely accepted as a general mechanism for authorization management. However, RBAC is still not flexible enough to address various application scenarios in ubiquitous systems. We propose a new architecture for access control in ubiquitous systems that impose attribute and status constraints on the RBAC model, which can significantly enhance the generality and flexibility of authorization by integrating the advantages of RBAC and attributed-based access control models. Moreover, the state mechanism proposed in this architecture captures the states of the authorization elements so as to reflect the outcomes of the authorization control. Finally, we analyze the flexibility and generality of this architecture in ubiquitous systems.",

author = "Deqing Zou and Park, \{Jong Hyuk\} and Kim, \{Tai Hoon\} and Xueguang Chen",

year = "2007",

doi = "10.1109/fgcn.2007.152",

language = "English",

isbn = "0769530486",

series = "Proceedings of Future Generation Communication and Networking, FGCN 2007",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "71--75",

booktitle = "Proceedings of Future Generation Communication and Networking, FGCN 2007",

note = "2007 International Conference on Future Generation Communication and Networking, FGCN 2007 ; Conference date: 06-12-2007 Through 08-12-2007",

}

Zou, D, Park, JH, Kim, TH & Chen, X 2007, Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems. in Proceedings of Future Generation Communication and Networking, FGCN 2007., 4426206, Proceedings of Future Generation Communication and Networking, FGCN 2007, vol. 2, Institute of Electrical and Electronics Engineers Inc., pp. 71-75, 2007 International Conference on Future Generation Communication and Networking, FGCN 2007, Jeju Island, Korea, Republic of, 6/12/07. https://doi.org/10.1109/fgcn.2007.152

Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems. / Zou, Deqing; Park, Jong Hyuk; Kim, Tai Hoon et al.
Proceedings of Future Generation Communication and Networking, FGCN 2007. Institute of Electrical and Electronics Engineers Inc., 2007. p. 71-75 4426206 (Proceedings of Future Generation Communication and Networking, FGCN 2007; Vol. 2).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems

AU - Zou, Deqing

AU - Park, Jong Hyuk

AU - Kim, Tai Hoon

AU - Chen, Xueguang

PY - 2007

Y1 - 2007

N2 - It now becomes a trend to implement the interconnections between resources as well as services in ubiquitous systems. Attribute-based authorization mechanisms, protocols and systems are gaining in popularity, such as SAML, XACML, Shibboleth, etc. However, their management efficiency could be further improved. The Role-based Access Control (RBAC) mechanism is widely accepted as a general mechanism for authorization management. However, RBAC is still not flexible enough to address various application scenarios in ubiquitous systems. We propose a new architecture for access control in ubiquitous systems that impose attribute and status constraints on the RBAC model, which can significantly enhance the generality and flexibility of authorization by integrating the advantages of RBAC and attributed-based access control models. Moreover, the state mechanism proposed in this architecture captures the states of the authorization elements so as to reflect the outcomes of the authorization control. Finally, we analyze the flexibility and generality of this architecture in ubiquitous systems.

AB - It now becomes a trend to implement the interconnections between resources as well as services in ubiquitous systems. Attribute-based authorization mechanisms, protocols and systems are gaining in popularity, such as SAML, XACML, Shibboleth, etc. However, their management efficiency could be further improved. The Role-based Access Control (RBAC) mechanism is widely accepted as a general mechanism for authorization management. However, RBAC is still not flexible enough to address various application scenarios in ubiquitous systems. We propose a new architecture for access control in ubiquitous systems that impose attribute and status constraints on the RBAC model, which can significantly enhance the generality and flexibility of authorization by integrating the advantages of RBAC and attributed-based access control models. Moreover, the state mechanism proposed in this architecture captures the states of the authorization elements so as to reflect the outcomes of the authorization control. Finally, we analyze the flexibility and generality of this architecture in ubiquitous systems.

UR - http://www.scopus.com/inward/record.url?scp=52249088695&partnerID=8YFLogxK

U2 - 10.1109/fgcn.2007.152

DO - 10.1109/fgcn.2007.152

M3 - Conference contribution

AN - SCOPUS:52249088695

SN - 0769530486

SN - 9780769530482

T3 - Proceedings of Future Generation Communication and Networking, FGCN 2007

SP - 71

EP - 75

BT - Proceedings of Future Generation Communication and Networking, FGCN 2007

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2007 International Conference on Future Generation Communication and Networking, FGCN 2007

Y2 - 6 December 2007 through 8 December 2007

ER -

Zou D, Park JH, Kim TH, Chen X. Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems. In Proceedings of Future Generation Communication and Networking, FGCN 2007. Institute of Electrical and Electronics Engineers Inc. 2007. p. 71-75. 4426206. (Proceedings of Future Generation Communication and Networking, FGCN 2007). doi: 10.1109/fgcn.2007.152

Integrating attribute and status constraint into the RBAC model for access control in ubiquitous systems

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this