SACM: Stateful Access Control Model

Abstract: Access control mechanisms are a fundamental building block in the construction of secure computing environments; however, most of the research in this area has been spent on traditional access control needs. These models were sufficient in classical computing systems such as databases and file systems, but as we continue to find new and innovative ways to utilize mobile computing systems these approaches are becoming inadequate. The primary difference between many of these new policies and traditional policies… Show more

“…The interface of the epidemic marketplace, for managing access control permissions to a resource users expose explicit relations with each other to better portray the collaborative nature of the repository (Carminati, Ferrari, & Perego, 2006, 2009Carminati & Ferrari, 2008). One strategy to approximate our access control model to a social network collaborative environment is to use dynamic groups which are based on attributes or relationships in a social network (Santos, 2013), in such a manner that the "friends" of a user can be considered a group, in our model. However, this creates a permission authoring issue where it becomes unclear to the end user who he is giving access to, given the dynamic nature of social network relationships.…”

Group-Based Discretionary Access Control in Health Related Repositories

“…The interface of the epidemic marketplace, for managing access control permissions to a resource users expose explicit relations with each other to better portray the collaborative nature of the repository (Carminati, Ferrari, & Perego, 2006, 2009Carminati & Ferrari, 2008). One strategy to approximate our access control model to a social network collaborative environment is to use dynamic groups which are based on attributes or relationships in a social network (Santos, 2013), in such a manner that the "friends" of a user can be considered a group, in our model. However, this creates a permission authoring issue where it becomes unclear to the end user who he is giving access to, given the dynamic nature of social network relationships.…”

Group-Based Discretionary Access Control in Health Related Repositories

“…As discussed in the papers analyzed, the introduction of context has brought challenges to the attempts in transferring traditional security countermeasures used in distributed systems to a ubicomp environment. A significant number of papers have reported on the extension of access control approaches, such as RBAC models and access policies, with context-specific attributes (Agudo et al, 2013;Damiani et al, 2007;dos Santos et al, 2011;Strembeck and Neumann, 2004;Schefer-Wenzl and Strembeck, 2013). Another group of countermeasures (Pingley et al, 2012;Xie and Knijnenburg, 2014) have reported on context-aware privacy-preserving mechanisms that aim at protecting the user's sensitive information, such as a personal ID or the current location.…”

A decade of security research in ubiquitous computing: results of a systematic literature review