Article

Multimedia-based authorization and access control policy specification

Authors:

Béchara Al Bouna,

Richard ChbeirAuthors Info & Claims

SWS '06: Proceedings of the 3rd ACM workshop on Secure web services

Pages 61 - 68

https://doi.org/10.1145/1180367.1180379

Published: 03 November 2006 Publication History

Abstract

Exchanging multimedia objects between wide ranges of distributed applications, web services, and end-users is rapidly increasing in several application domains (medicine, surveillance, e-learning, etc.). In confidential applications, one of the emergent problems to deal with is data authorization and access control. Several textual-oriented authorization models have been provided in the literature. However, multimedia data are more complex in structure and content than textual ones, and thus require new relevant models to provide full multimedia-oriented components specification. In this paper, we address this problem and present a new approach able to improve authorization and access control policies by combining multimedia objects features (shape, color, texture, etc.) with textual descriptors. We also extend the widely used Role Based Access Control (RBAC) model by considering additional concepts useful to improve authorization control, and by integrating different types of possible links between users of different roles to avoid security breaches.

References

[1]

A. Gabillon and E. Bruno. Regulating access to XML documents. In Proc. of the 15th Annual IFIP WG 11.3 Working Conference on Database and Application Security, Niagara on the Lake, Ontario, Canada, July 2001: 299--314.]]

Digital Library

[2]

Yoshitaka and T. Ichikawa, A Survey On Content-Based Retrieval for Multimedia Databases. IEEE Transactions on Knowledge and Data Engineering, 11(1), 1999:81--93.]]

Digital Library

[3]

CC/PP: Composite Capability/Preference Profiles, http://www.w3.org/Mobile/CCPP (10/05/2005)]]

[4]

C.E. Landwehr, "Formal models of computer security," ACM Comput. Surv., 13(3), Sept. 1981: 247--278.]]

Digital Library

[5]

Elisa Bertino, Elena Ferrari, Andrea Perego: MaX: An Access Control System for Digital Libraries and the Web. COMPSAC 2002: 945--950.]]

Digital Library

[6]

Elisa Bertino, Silvana Castano, Elena Ferrari: Securing XML Documents with Author-X. IEEE Internet Computing 5(3), 2001: 21--31.]]

Digital Library

[7]

Elisa Bertino, Moustafa A. Hammad, Walid G. Aref and Ahmed K. Elmagarmid. Access Control Model for Video Database Systems. In Proceedings of the 9th International Conference on Information Knowledge Management, CIKM, 2000: 336--343.]]

Digital Library

[8]

E. Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati: Securing XML Documents. EDBT 2000: 121--135.]]

Digital Library

[9]

E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. A fine-grained access control system for XML documents. ACM Transactions on Information and System Security (TISSEC), 5(2), 2002:169--202.]]

Digital Library

[10]

E. Damiani, Sabrina De Capitani di Vimercati, Eduardo Fernández-Medina, Pierangela Samarati: Access Control of SVG Documents. DBSec 2002: 219--230.]]

[11]

Ernesto Damiani, Sabrina De Capitani di Vimercati, Cristiano Fugazza, Pierangela Samarati: Extending Policy Languages to the Semantic Web. ICWE 2004: 330--343.]]

[12]

Ferraiolo, D.F., Barkley, J.F., Kuhn, D.R., A role-based access control model and reference implementation within a corporate intranet, ACM Transactions on Information and System Security, 2(1), February 1999: 34--64.]]

Digital Library

[13]

Georges Chalhoub, Samir Saad, Richard Chbeir, Kokou Yétongnon, Towards Fully Functional Distributed MultiMedia DBMS, Journal Of Digital Information Management (JDIM), 2(3), September 2004:116--121.]]

[14]

Ian Burnett, Rik Van de Walle, Keith Hill, Jan Bormans, Fernando Pereira: MPEG-21: Goals and Achievements. IEEE MultiMedia, 10 (4), 2003:60--70.]]

Digital Library

[15]

James Joshi, Rafae Bhatti, Elisa Bertino, Arif Ghafoor: Access-Control Language for Multidomain Environments. IEEE Internet Computing, 8(6), 2004: 40--50.]]

Digital Library

[16]

James B.D. Joshi, Kevin Li, Husni Fahmi, Basit Shafiq, Arif Ghafoor, A Model for Secure Multimedia Document Database System in a Distributed Environment, IEEE Transactions on Multimedia: Special Issue of on Multimedia Datbases, 4(2), June 2002: 215--234.]]

Digital Library

[17]

Jingzhu Wang, Sylvia L. Osborn: A role-based approach to access control for XML databases. SACMAT 2004: 70--77.]]

Digital Library

[18]

K. Jensen, Colored Petri-Nets-Basic Concepts, Analysis Methods, and Practical Use, 2nd ed. New York: Springer-Verlag, vol. 1, 1996.]]

Digital Library

[19]

Marshall D. Abrams, Sushil Jajodia, Harold J. Podell, Information Security: An Integrated Collection of Essays, ISBN: 0-8186-3662-9.]]

Digital Library

[20]

N.R. Adam, V. Atluri, E. Bertino and E. Ferrari, A Content-based Authorization Model for Digital Librarie' IEEE Transactions Knowledge and Data Engineering, 14(2), 2002: 296--315.]]

Digital Library

[21]

N.B. Kodali, C. Farkas and D. Wijesekera, An Authorization Model for Multimedia Digital Libraries, Journal of Digital Libraries, Special Issue on Security, 4(3), 2004:139--155.]]

Digital Library

[22]

N.B. Kodali, C. Farkas and D. Wijesekera, Specifying Multimedia Access Control Using RDF, International Journal of Computer Systems, Science and Engineering, special issue on trends in XML Technology, 19(3), 2004:129--141.]]

[23]

Platform for Internet Content Selection (PICS): http://www.w3.org/pics/ (15/06/2005).]]

[24]

S. De Capitani di Vimercati, P. Samarati, New Directions in Access Control, in Cyberspace Security and Defense: Research Issues, Kluwer Academic Publisher (to appear).]]

[25]

Sven Buchholz, Thomas Hamann, Gerald Hübsch: Comprehensive Structured Context Profiles (CSCP): Design and Experiences. PerCom Workshops 2004: 43--47.]]

Digital Library

[26]

XACML: eXtensible Access Control Markup Language http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml (20/07/2005).]]

Cited By

Koukopoulos DStyliaras G(2013)Design of trustworthy smartphone-based multimedia services in cultural environmentsElectronic Commerce Research10.1007/s10660-013-9112-513:2(129-150)Online publication date: 1-May-2013
https://dl.acm.org/doi/10.1007/s10660-013-9112-5
Koukopoulos DStyliaras G(2011)Secure Smartphone-Based Multimedia Guiding Services in Cultural EnvironmentsProceedings of the 2011 Third International Conference on Multimedia Information Networking and Security10.1109/MINES.2011.45(604-608)Online publication date: 4-Nov-2011
https://dl.acm.org/doi/10.1109/MINES.2011.45
Campi A(2011)Roles in SQLEncyclopedia of Cryptography and Security10.1007/978-1-4419-5906-5_685(1055-1057)Online publication date: 2011
https://doi.org/10.1007/978-1-4419-5906-5_685
Show More Cited By

Index Terms

Multimedia-based authorization and access control policy specification

Recommendations

Practical Role-Based Access Control

This article presents access control from a general and a role-based perspective. The article's focus is role based Access Control from a practical vice a theoretical perspective. The article starts with some access control definitions and two secure ...
Homonymous role in role-based discretionary access control

The access control model is a core aspect of trusted information systems. Based on the role based access control (RBAC) model, we put forward the concept of the homonymous role, which extends the role control categories in RBAC, balances the control ...
Dynamic delegation framework for role based access control in distributed data management systems

This paper proposes a logic based framework that extends role based access control systems with dynamic delegation in a decentralised environment. It allows delegation of administrative privileges for both roles and access rights between roles. We have ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SWS '06: Proceedings of the 3rd ACM workshop on Secure web services

November 2006

120 pages

ISBN:1595935460

DOI:10.1145/1180367

General Chair:
Ari Juels
RSA Laboratories
,
Program Chairs:
Ernesto Damiani
University of Milan, Italy
,
Alban Gabillon
University of Pau, France

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS06

Sponsor:

CCS06: 13th ACM Conference on Computer and Communications Security 2006

November 3, 2006

Virginia, Alexandria, USA

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
561
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Koukopoulos DStyliaras G(2013)Design of trustworthy smartphone-based multimedia services in cultural environmentsElectronic Commerce Research10.1007/s10660-013-9112-513:2(129-150)Online publication date: 1-May-2013
https://dl.acm.org/doi/10.1007/s10660-013-9112-5
Koukopoulos DStyliaras G(2011)Secure Smartphone-Based Multimedia Guiding Services in Cultural EnvironmentsProceedings of the 2011 Third International Conference on Multimedia Information Networking and Security10.1109/MINES.2011.45(604-608)Online publication date: 4-Nov-2011
https://dl.acm.org/doi/10.1109/MINES.2011.45
Campi A(2011)Roles in SQLEncyclopedia of Cryptography and Security10.1007/978-1-4419-5906-5_685(1055-1057)Online publication date: 2011
https://doi.org/10.1007/978-1-4419-5906-5_685
Koukopoulos DStyliaras GSvitek MZelinka T(2009)Security in collaborative multimedia art communitiesProceedings of the 2009 Euro American Conference on Telematics and Information Systems: New Opportunities to increase Digital Citizenship10.1145/1551722.1551731(1-8)Online publication date: 3-Jun-2009
https://dl.acm.org/doi/10.1145/1551722.1551731
Christodoulou SStyliaras GTsekeridou SCheok AGiannakis KKarigiannis J(2008)Digital art 2.0Proceedings of the 3rd international conference on Digital Interactive Media in Entertainment and Arts10.1145/1413634.1413667(158-165)Online publication date: 10-Sep-2008
https://dl.acm.org/doi/10.1145/1413634.1413667

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents