Abstract
Due to the proliferation of data and services in everyday life, it is challenging to ascertain all the necessary contexts and their associated contextual conditions, and to enable applications to use relevant information about those contexts. The ability to control context-sensitive access to data resources has become ever more important as the form of the data varies and evolves rapidly, particularly with the development of the smart Internet of Things (IoT). This frequently results in dynamically evolving contexts. An effective way of addressing these issues is to model the dynamically changing nature of the contextual conditions and the transitions between the different dynamically evolving contexts. The contexts can be considered as different states, and the transitions between them represented as state transitions. In this paper, we present a new framework for context-sensitive access control that represents the dynamic changes to the contexts in real time. We introduce a state transition mechanism to model the context changes that lead from initial states to target states. The mechanism decides whether an access request is granted or denied according to the associated contextual conditions and controls data access accordingly. We introduce a Petri net model to specify the control flows for the transitions of states according to the contextual changes. A software prototype has been implemented that employs our Petri net model to detect such changes and make access control decisions accordingly. The advantages of our context-sensitive access control framework and its Petri net model have been evaluated through two sets of experiments, focusing in particular on the re-evaluation of access control decisions when the context changes. The experimental results show that having a state transition mechanism alongside context-sensitive access control increases the efficiency of decision-making compared to earlier approaches.
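The following sketch is an added illustration, not the paper's model or prototype: it shows the idea of treating contexts as Petri net places and context changes as guarded transitions, with the access decision read from the current marking. The nurse scenario, place names, permission names and the single-token simplification are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass(frozen=True)
class Transition:
    name: str
    source: str                      # place holding the token before firing
    target: str                      # place holding the token after firing
    guard: Callable[[dict], bool]    # contextual condition that enables firing

@dataclass
class ContextNet:
    marking: str                     # the one place currently marked (assumed 1-token net)
    transitions: list
    permits: dict                    # place -> permissions granted in that state
    fired: list = field(default_factory=list)

    def update(self, ctx: dict) -> str:
        """Fire enabled transitions until none is enabled or a place would repeat."""
        visited = {self.marking}
        while True:
            t = next((t for t in self.transitions
                      if t.source == self.marking and t.guard(ctx)), None)
            if t is None or t.target in visited:
                return self.marking
            self.marking = t.target
            visited.add(t.target)
            self.fired.append(t.name)

    def decide(self, ctx: dict, permission: str) -> str:
        """Re-evaluate the state for this context, then decide from the marking."""
        state = self.update(ctx)
        return "grant" if permission in self.permits.get(state, set()) else "deny"

def build_net() -> ContextNet:
    # Constructed scenario: a nurse's access to patient records.
    on_ward = lambda c: c["location"] == "ward"
    crisis = lambda c: c["emergency"]
    return ContextNet(
        marking="off_site",
        transitions=[
            Transition("arrive", "off_site", "on_ward", on_ward),
            Transition("leave", "on_ward", "off_site", lambda c: not on_ward(c)),
            Transition("escalate", "on_ward", "emergency", lambda c: on_ward(c) and crisis(c)),
            Transition("stand_down", "emergency", "on_ward", lambda c: not crisis(c)),
        ],
        permits={"on_ward": {"read_assigned"}, "emergency": {"read_assigned", "read_any"}},
    )
```

Because every decision first moves the token to the state that matches the current context, a permission granted in the `emergency` state is denied again as soon as the context returns to normal, and `fired` records only the context changes that actually occurred.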
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Kayes, A.S.M., Rahayu, W., Dillon, T., Mahbub, S., Pardede, E., Chang, E. (2018). Dynamic Transitions of States for Context-Sensitive Access Control Decision. In: Hacid, H., Cellary, W., Wang, H., Paik, HY., Zhou, R. (eds) Web Information Systems Engineering – WISE 2018. WISE 2018. Lecture Notes in Computer Science, vol 11233. Springer, Cham. https://doi.org/10.1007/978-3-030-02922-7_9
DOI: https://doi.org/10.1007/978-3-030-02922-7_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02921-0
Online ISBN: 978-3-030-02922-7
eBook Packages: Computer Science, Computer Science (R0)