Home |  ENGLISH |  Kontakt |  Impressum |  Anmelden |  KIT

Inproceedings2043

Aus Aifbportal

Wechseln zu: Navigation, Suche

(This page contains COinS metadata)

Mandatory and Location-Aware Access Control for Relational Databases




Published: 2009 August

Buchtitel: Proceedings of the Conference on Communications Infrastructure, Systems and Applications in Europe (EuropeComm 2009)
Erscheinungsort: London, U.K.
Organisation: ICST
Referierte Veröffentlichung
BibTeX

Kurzfassung
Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user's identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user's current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.


Projekt

ModiFrame



Forschungsgruppe

Betriebliche Informationssysteme


Forschungsgebiet
Mobile Technologien, M-Business, Datenbanksysteme