Originator Control is an access control policy that requires recipients to gain originator’s approval for redissemination of disseminated digital object. Originator control policies are one of the generic and key concerns of usage control. Usage control is an emerging concept which encompasses traditional access control and digital rights management solutions. However, current commercial Digita...

The Generalized Temporal Role Based Access Control (GTRBAC) model introduces a large set oftemporal constraint expressions that facilitates the specification of a comprehensive accesscontrol policy. However, the issue of its expressiveness has not been investigated earlier. In thispaper, we present an exhaustive analysis of the expressiveness of the constructs provided byGTRBAC ...

Enterprises collect and use private information for various purposes. Access control can limit who can obtain such data. However, the purpose of their use is not clear. In this paper we focus on the purpose of data access and demonstrate that dynamic role-based access control (RBAC) mechanism is not sufficient for enforcement of privacy requirements. To achieve this we extend RBAC with monitori...

Problem statement: An emergency system of sharing and exchanging user’s personal information is demanded in medical treatment and disaster situations. Approach: In such a system, personal information access control depending on user situations is greatly necessary. However, it is complicated to manage personal information access control directly, because the existing access control methods onl...

We previously developed an enhanced Role-Based Access Control (RBAC) model to support information access management in the context of team collaboration and workflow. We report in this paper a generic system framework to implement the enhanced RBAC with three functional layers: (1) encoding of access control policies; (2) interpretation of the encoded policies; and (3) application of policies t...

Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general enough to simulate the traditional methods. In this paper we provide systematic constructions for various common forms of both of the tradition...

The development of geography-based services and systems has created the demands in which access control is the primary concern for geospatial data security. Although there are a variety of models to manage geospatial data access, none of them can fulfil the access control requirements. The objective of this paper is to propose a model that can support both spatio-temporal aspects and other cont...

Mobile agent systems provide new perspectives for distributed e-commerce applications. These applications may present specific restrictions, making mobile agent systems a feasible solution. Even so, mobile agents present some security related problems. An important one is resource access control. The ability for mobile agents to provide a simple, scalable, flexible, and secure access control sy...

The increasing need to share information in dynamic environments has created a requirement for risk-aware access control systems. The standard RBAC model is designed to operate in a relatively stable, closed environment and does not include any support for risk. In this paper, we explore a number of ways in which the RBAC model can be extended to incorporate notions of risk. In particular, we d...

Role-Based Access Control (RBAC) has become the de facto standard for realizing authorization requirements in a wide range of organizations. Existing RBAC models suffer from two main shortcomings; lack of expressiveness of roles/permissions and ambiguities of their hierarchies. Roles/permissions expressiveness is limited since roles do not have the ability to express behaviour and state, while ...