Towards location-based access control in healthcare emergency response

Vicente, Carmen Ruiz; Kirkpatrick, Michael S.; Ghinita, Gabriel; Bertino, Elisa; Jensen, Christian S.

doi:10.1145/1667502.1667508

Cited by 4 publications

(1 citation statement)

References 8 publications

(5 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For efficient processing of user access requests, Youssef et al [27] propose an index structure that stores authorizations suitable for mobile environment. Recently, Vicente et al [24] identify that current work does not deal with mobility of both subjects and objects and does not support the utilization of complex access control decisions based on spatiotemporal relationships among subjects and objects. However, our work is orthogonal to all of these work because the underlying assumption of these approaches is that the location measure is always accurate, and therefore, evaluating access requests based on the location measures are correct.…”

Section: Efficiency Of the Proposedmentioning

confidence: 99%

Efficiently enforcing spatiotemporal access control under uncertain location information

Shin

Atluri

Cho

2011

JCS

View full text Add to dashboard Cite

In a mobile environment, user's physical location plays an important role in determining access to resources. However, because current moving object databases do not keep the exact location of the moving objects, but rather maintain their approximate location for reasons of minimizing the updates, the access request evaluation cannot always guarantee the intended access control policy requirements. This may be risky to the system's security, especially for highly sensitive resources. In this paper, we introduce an authorization model that takes the uncertainty of location measures into consideration for specifying and evaluating access control policies. An access request is granted only if the confidence level of the location predicate exceeds the predefined uncertainty threshold level specified in the policy. However, this access request evaluation is computationally expensive as it requires to evaluate a location predicate condition and may also require evaluating the entire moving object database. For reducing the cost of evaluation, in this paper, we compute lower and upper bounds (R min and Rmax) on the region that minimize the region to be evaluated, thereby allowing unneeded moving objects to be discarded from evaluation. To further minimize the region of evaluation, we propose to compute R min and R max that have smaller filter size so that filtering more objects out for evaluation. In addition, we extend our approach such that it does not require assumptions on the probability distribution functions. We show how these filters R min , Rmax, R min , and R max can be computed and maintained, and provide algorithms to process access requests.

show abstract

Section: Efficiency Of the Proposedmentioning

confidence: 99%