An Administrative Model for Spatio-Temporal Role Based Access Control

In the present computing environment, access control decisions are often based on contextual information like the location of users and objects as well as the time of making an access request. Several variants of Role based Access Control (RBAC) have recently been proposed that support spatio-temporal policy specifications. However, unlike the administrative models available for RBAC, there is no reported literature on complete administrative models for spatio-temporal role based access control. In this paper, we introduce an administrative model for the recently proposed ESTARBAC (Enhanced Spatio-temporal Role based Access Control) model and name it as ADMINESTAR (Administrative model for Enhanced Spatio-Temporal Role based Access Control). ADMINESTAR defines a broad range of administrative rules and administrative operations. An instance of the set of administrative rules frames the currently effective administrative policy for the system. Administrative rules specify which administrative role can change which ESTARBAC entity. These ESTARBAC entities together define the system state which can be changed by administrative operations upon their successful execution under the control of defined administrative policies. ADMINESTAR would help in practical deployment of spatio-temporal role based access control systems and also provide a means for their formal