Article

Flexible team-based access control using contexts

Authors:

Christos K. Georgiadis,

Ioannis Mavridis,

George Pangalos, and

Roshan K. ThomasAuthors Info & Claims

SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies

May 2001

Pages 21 - 27

https://doi.org/10.1145/373256.373259

Published: 01 May 2001 Publication History

Get Access

Abstract

We discuss the integration of contextual information with team-based access control. The TMAC model was formulated by Thomas in [1] to provide access control for collaborative activity best accomplished by teams of users. In TMAC, access control revolves around teams, where a "team" is an abstraction that encapsulates a collection of users in specific roles and collaborating with the objective of accomplishing a specific task or goal. Users who belong to a team are given access to resources used by a team. However, the effective permissions of a user are always derived from permission types defined for roles that the user belongs to. TMAC is an example of what we call "active security models". These models are aware of the context associated with an ongoing activity in providing access control and thus distinguish the passive concept of permission assignment from the active concept of context-based permission activation. The ability to integrate contextual information allows models such as TMAC to be flexible and express a variety of access policies that can provide tight and just-in-time permission activation.

References

[1]

Thomas R.K. Team-Based Access Control (TMAC): A Primitive for Applying Role-Based Access Controls in Collaborative Environments, Proceedings of the Second ACM workshop on Role-based Access Control, Fairfax, VA USA, 1997.

Digital Library

Google Scholar

[2]

NIST. Role Based Access Control, National Institute of Standards and Technology, 1999, available in URL: http://hissa.ncsl.nist.gov/rbac

Google Scholar

[3]

NIST. An Introduction to Role-based Access Control, NIST CSL Bulletin on RBAC, National Institute of Standards and Technology, 1995, available in URL: http://csrc.nist.gov/nistbul/csl95-12.txt

Google Scholar

[4]

Sandhu R. Role-Based Access Control, Advances in Computers, Vol.46, Academic Press, 1998.

Google Scholar

[5]

ISO. ISO / IEC 10181-3 Model of Access Control, X/ Open Guide Basic Security Facilities - Authorization in Distributed Security Framework, 1994.

Google Scholar

[6]

Beznosov K. Requirements for Access Control: US Healthcare domain, Proceedings of the Third ACM Workshop on Role-Based Access Control, October 1998, Fairfax, VA, USA, 1998.

Digital Library

Google Scholar

[7]

Lupu E. and Sloman M. Reconciling Role Based Management and Role-based Access Control, Proceedings of the Second ACM Workshop on RBAC, Fairfax, VA, USA, 1997.

Digital Library

Google Scholar

[8]

Giuri L. and Iglio P. Role Templates for Content-Based Access Control, Proceedings of the Second ACM Workshop on RBAC, Fairfax, VA, USA, 1997.

Digital Library

Google Scholar

[9]

Farrel S. and Housley R. An Internet Attribute Certificate Profile for Authorization, Internet Draft: draft.ietf.pkix.ac509prof-03.txt, work in progress, May 2000.

Digital Library

Google Scholar

[10]

Mavridis I., Georgiadis C., Pangalos G. and Khair M. Using Digital Certificates for Access Control in Clinical Intranet Applications. Journal Technology and Health Care, Vol. 8, Nos. 3, 4 (2000), ISSN 0928-7329, p. 173-174, IOS Press, 2000.

Digital Library

Google Scholar

[11]

Pernul G. Database Security, Advances in Computers, Vol.38, M.C. Yovits (Ed.), Academic Press, 1994.

Google Scholar

[12]

Pangalos G. and Khair M. Design of a Secure Medical Database Systems, in IFIP/SEC'96, 12th international information security conference, 1996.

Digital Library

Google Scholar

[13]

Mavridis I., Pangalos G. and Khair M. eMEDAC: Rolebased Access Control Supporting Discretionary and Mandatory Features, Proceedings of 13th IFIP WG 11.3 Working Conference on Database Security, Seattle, Washington, USA, 1999.

Digital Library

Google Scholar

Cited By

View all

Brachmann MPhillips GGülen UTudor V(2023)Toward Privacy-Preserving Localization and Mapping in eXtended Reality: A Privacy Threat Model2023 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit)10.1109/EuCNC/6GSummit58263.2023.10188227(635-640)Online publication date: 6-Jun-2023
https://doi.org/10.1109/EuCNC/6GSummit58263.2023.10188227
Barhoun REd-daibouni MNamir A(2022)An Extended Attribute-Based Access Control (ABAC) Model for Distributed Collaborative Healthcare SystemResearch Anthology on Securing Medical Systems and Records10.4018/978-1-6684-6311-6.ch046(955-969)Online publication date: 3-Jun-2022
https://doi.org/10.4018/978-1-6684-6311-6.ch046
Sherazi SZahoor EAkhtar SPerrin O(2022)A blockchain based approach for the authorization policies delegation in emergency situationsTransactions on Emerging Telecommunications Technologies10.1002/ett.446133:5Online publication date: 27-May-2022
https://dl.acm.org/doi/10.1002/ett.4461
Show More Cited By

Index Terms

Flexible team-based access control using contexts

Recommendations

An Evaluation of Role Based Access Control Towards Easier Management Compared to Tight Security
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed Systems

Role-based access control (RBAC) is a widely-used protocol to design and build an access control for providing the system security regarding authorization. Even though in the context of internet resources access, the authentication and access control ...
Read More
Domain Administration of Task-role Based Access Control for Process Collaboration Environments
IAS '09: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 01

The fast evolving workflow technologies facilitate organizations to interact and cooperate with each other to achieve their business goals by process collaborations. Task-role based access control is an important security mechanism to protect data and ...
Read More
Constraints-based access control
Das'01: Proceedings of the fifteenth annual working conference on Database and application security

The most important aspect of security in a database after establishing the authenticity of the user is its access control mechanism. The ability of this access control mechanism to express the security policy can make or break the system.This paper ...
Read More

Comments

Information & Contributors

Information

Published In

SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies

May 2001

181 pages

ISBN:1581133502

DOI:10.1145/373256

Chairmen:
Ravi Sandhu
George Mason Univ., Fairfax, VA
,
Trent Jaeger
IBM

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 May 2001

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SACMAT01

Sponsor:

SIGSAC

SACMAT01: 6th ACM Symposium on Access Control Models and Technologies

Virginia, Chantilly, USA

Acceptance Rates

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

138
Total Citations
View Citations
1,863
Total Downloads

Downloads (Last 12 months)16
Downloads (Last 6 weeks)0

Other Metrics

View Author Metrics

Citations

Cited By

View all

Brachmann MPhillips GGülen UTudor V(2023)Toward Privacy-Preserving Localization and Mapping in eXtended Reality: A Privacy Threat Model2023 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit)10.1109/EuCNC/6GSummit58263.2023.10188227(635-640)Online publication date: 6-Jun-2023
https://doi.org/10.1109/EuCNC/6GSummit58263.2023.10188227
Barhoun REd-daibouni MNamir A(2022)An Extended Attribute-Based Access Control (ABAC) Model for Distributed Collaborative Healthcare SystemResearch Anthology on Securing Medical Systems and Records10.4018/978-1-6684-6311-6.ch046(955-969)Online publication date: 3-Jun-2022
https://doi.org/10.4018/978-1-6684-6311-6.ch046
Sherazi SZahoor EAkhtar SPerrin O(2022)A blockchain based approach for the authorization policies delegation in emergency situationsTransactions on Emerging Telecommunications Technologies10.1002/ett.446133:5Online publication date: 27-May-2022
https://dl.acm.org/doi/10.1002/ett.4461
Kang QXue LMorrison ATang YChen ALuo XCapkun SRoesner F(2020)Programmable in-network security for context-aware BYOD policiesProceedings of the 29th USENIX Conference on Security Symposium10.5555/3489212.3489246(595-612)Online publication date: 12-Aug-2020
https://dl.acm.org/doi/10.5555/3489212.3489246
Hurst WBoddy AMerabti MShone N(2020)Patient Privacy Violation Detection in Healthcare Critical Infrastructures: An Investigation Using Density-Based BenchmarkingFuture Internet10.3390/fi1206010012:6(100)Online publication date: 8-Jun-2020
https://doi.org/10.3390/fi12060100
Ghofrani FAmini M(2020)Privacy Preserving Dynamic Access Control Model with Access Delegation for eHealthSignal and Data Processing10.29252/jsdp.17.3.10917:3(109-140)Online publication date: 1-Nov-2020
https://doi.org/10.29252/jsdp.17.3.109
Herrera JBerrocal JMurillo JChen HJulien C(2020)A Privacy-Aware Architecture to Share Device-to-Device Contextual Information2020 IEEE International Conference on Smart Computing (SMARTCOMP)10.1109/SMARTCOMP50058.2020.00044(188-195)Online publication date: Sep-2020
https://doi.org/10.1109/SMARTCOMP50058.2020.00044
Barhoun REd-daibouni MNamir A(2019)An Extended Attribute-Based Access Control (ABAC) Model for Distributed Collaborative Healthcare SystemInternational Journal of Service Science, Management, Engineering, and Technology10.4018/IJSSMET.201910010510:4(81-94)Online publication date: Oct-2019
https://doi.org/10.4018/IJSSMET.2019100105
Benhadj Djilali HTandjaoui D(2019)Dynamic Team Access Control for Collaborative Internet of ThingsMobile, Secure, and Programmable Networking10.1007/978-3-030-03101-5_7(70-85)Online publication date: 13-Jan-2019
https://doi.org/10.1007/978-3-030-03101-5_7
Haguouche SJarir Z(2018)Generic Access Control Model and Semantic Mapping Between Heterogeneous PoliciesInternational Journal of Technology Diffusion10.4018/IJTD.20181001049:4(52-65)Online publication date: 1-Oct-2018
https://dl.acm.org/doi/10.4018/IJTD.2018100104
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

An Evaluation of Role Based Access Control Towards Easier Management Compared to Tight Security

Domain Administration of Task-role Based Access Control for Process Collaboration Environments

Constraints-based access control