Research Article
Mandatory and Location-Aware Access Control for Relational Databases
@INPROCEEDINGS{10.1007/978-3-642-11284-3_23, author={Michael Decker}, title={Mandatory and Location-Aware Access Control for Relational Databases}, proceedings={Communications Infrastructure. Systems and Applications in Europe. First International ICST Conference, EuropeComm 2009, London, UK, August 11-13, 2009, Revised Selected Papers}, proceedings_a={EUROPECOMM}, year={2012}, month={5}, keywords={Location-based Services Database Management Systems (DBMS) Mandatory Access Control (MAC) Mobile Computing Security Models}, doi={10.1007/978-3-642-11284-3_23} }
- Michael Decker
Year: 2012
Mandatory and Location-Aware Access Control for Relational Databases
EUROPECOMM
Springer
DOI: 10.1007/978-3-642-11284-3_23
Abstract
Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user is allowed to perform the operation (but not ) on the resource . With conventional access control this decision is based on the user’s identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user’s current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.