{"title":"基于时空角色的物理访问控制系统访问控制","authors":"Emsaieb Geepalla, B. Bordbar, Xiaofeng Du","doi":"10.1109/EST.2013.13","DOIUrl":null,"url":null,"abstract":"Due to the large size of the global enterprise and the complexity of job's functions within organisations, managing Physical Access Control (PAC) policies has become a challenging problem. It is therefore, very important to develop Access Control mechanisms that can be deployed by organizations to meet their information security needs. In this paper we first demonstrate that current Access Control models such as Spatio-Temporal Role Based Access Control (STRBAC) are not adequate for representing PAC specifications. We then discuss some of the limitations of the current models, which we highlight by conducting a case study involving the modelling of an Access Control mechanism used by a leading telecommunications company. To overcome such limitations, we present an extension of the STRBAC model which considers the physical aspects of Access Control systems. The second contribution in this paper is using our earlier method AC2Alloy to analyse PAC specifications using Alloy analyser to ensure the consistency of the specifications.","PeriodicalId":213735,"journal":{"name":"2013 Fourth International Conference on Emerging Security Technologies","volume":"206 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Spatio-temporal Role Based Access Control for Physical Access Control Systems\",\"authors\":\"Emsaieb Geepalla, B. Bordbar, Xiaofeng Du\",\"doi\":\"10.1109/EST.2013.13\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to the large size of the global enterprise and the complexity of job's functions within organisations, managing Physical Access Control (PAC) policies has become a challenging problem. It is therefore, very important to develop Access Control mechanisms that can be deployed by organizations to meet their information security needs. In this paper we first demonstrate that current Access Control models such as Spatio-Temporal Role Based Access Control (STRBAC) are not adequate for representing PAC specifications. We then discuss some of the limitations of the current models, which we highlight by conducting a case study involving the modelling of an Access Control mechanism used by a leading telecommunications company. To overcome such limitations, we present an extension of the STRBAC model which considers the physical aspects of Access Control systems. The second contribution in this paper is using our earlier method AC2Alloy to analyse PAC specifications using Alloy analyser to ensure the consistency of the specifications.\",\"PeriodicalId\":213735,\"journal\":{\"name\":\"2013 Fourth International Conference on Emerging Security Technologies\",\"volume\":\"206 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 Fourth International Conference on Emerging Security Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EST.2013.13\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Fourth International Conference on Emerging Security Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EST.2013.13","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Spatio-temporal Role Based Access Control for Physical Access Control Systems
Due to the large size of the global enterprise and the complexity of job's functions within organisations, managing Physical Access Control (PAC) policies has become a challenging problem. It is therefore, very important to develop Access Control mechanisms that can be deployed by organizations to meet their information security needs. In this paper we first demonstrate that current Access Control models such as Spatio-Temporal Role Based Access Control (STRBAC) are not adequate for representing PAC specifications. We then discuss some of the limitations of the current models, which we highlight by conducting a case study involving the modelling of an Access Control mechanism used by a leading telecommunications company. To overcome such limitations, we present an extension of the STRBAC model which considers the physical aspects of Access Control systems. The second contribution in this paper is using our earlier method AC2Alloy to analyse PAC specifications using Alloy analyser to ensure the consistency of the specifications.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
