Data di Pubblicazione:
2007
Citazione:
Access control systems for geo-spatial data and applications / M.L. Damiani, E. Bertino - In: Spatial data on the Web : modeling and management / [a cura di] E. Ferrari, A. Belussi, B. Catania, E. Clementini. - Berlin : Springer, 2007. - ISBN 9783540698777. - pp. 189-214 [10.1007/978-3-540-69878-4_9]
Abstract:
Data security is today an important requirement in various applications because of the stringent need to ensure confidentiality, integrity, and availability of information. Comprehensive solutions to data security are quite complicated and require the integration of different tools and techniques as well as specific organizational processes. In such a context, a fundamental role is played by the access control system (ACS) that establishes which subjects are authorized to perform which operations on which objects. Subjects are individuals or programs or other entities requiring access to the protected resources. When dealing with protection of information, the resources of interest are typically objects that record information, such as files in an operating system, tuples in a relational database, or a complex object in an object database. Because of its relevance in the context of solutions for information security, access control has been extensively investigated for database management systems (DBMSs) [6], digital libraries [3, 14], and multimedia applications [24]. Yet, the importance of the spatial dimension in access control has been highlighted only recently. We say that access control has a spatial dimension when the authorization to access a resource depends on position information.We broadly categorize spatially aware access control as object-driven, subject-driven, and hybrid based on whether the position information concerns objects, subjects, or both, respectively. In the former case, the spatial dimension is introduced because of the spatial nature of resources. For example, if the resources are georeferenced Earth images, then we can envisage an individual be allowed to only display images covering a certain region. The spatial dimension may also be required because of the spatial nature of subjects. This is the case of mobile individuals allowed to access a resource when located in a given area. For example, an individual may be authorized to view secret information only within a military base. Finally, position information may concern both objects and subjects like in the case of an individual authorized to display images of a region only within a military office. There is a wide range of applications which motivate spatially aware access control. The two challenging and contrasting applications we propose as examples 190 Maria Luisa Damiani and Elisa Bertino are the spatial data infrastructures (SDI) and location-based services (LBS). An SDI consists of the technological and organizational infrastructure which enables the sharing and coordinated maintenance of spatial data among multiple heterogeneous organizations, primarily public administrations, and government agencies. On the other side, LBS enable mobile users equipped with location-aware terminals to access information based on the position of terminals. These applications have different requirements on access control. In an SDI, typically, there is the need to account for various complex structured spatial data that may have multiple representations across different organizations. In an SDI, the access control is thus object-driven. Conversely, in LBS, there is the need to account for a dynamic and mobile user population which may request diversified services based on position. Access control is thus subject-driven or hybrid. However, despite the variety of requirements and the importance of spatial data protection in these and other applications, very few efforts have been devoted to the investigation of spatially aware access control models and systems. In this chapter, we pursue two main goals: the first is to present an overview of this emerging research area and in particular of requirements and research directions; the second is to analyze in more d
Tipologia IRIS:
03 - Contributo in volume
Keywords:
Access control ; security ; spatial data ; location-based services
Elenco autori:
M.L. Damiani, E. Bertino
Link alla scheda completa:
Link al Full Text:
Titolo del libro:
Spatial data on the Web : modeling and management