6533b853fe1ef96bd12acb0a

RESEARCH PRODUCT

Enforcing role based access control model with multimedia signatures.

Richard ChbeirBechara Al BounaStefania Marrara

subject

[ INFO.INFO-IR ] Computer Science [cs]/Information Retrieval [cs.IR][INFO.INFO-WB] Computer Science [cs]/WebComputer access controlComputer science[ INFO.INFO-WB ] Computer Science [cs]/Web[SCCO.COMP]Cognitive science/Computer scienceXACMLAccess control02 engineering and technologycomputer.software_genreWorld Wide Web[SCCO.COMP] Cognitive science/Computer science020204 information systems0202 electrical engineering electronic engineering information engineeringRole-based access control[INFO.INFO-DB] Computer Science [cs]/Databases [cs.DB]Intelligent environmentcomputer.programming_language[ INFO.INFO-MM ] Computer Science [cs]/Multimedia [cs.MM][INFO.INFO-MM] Computer Science [cs]/Multimedia [cs.MM][INFO.INFO-DB]Computer Science [cs]/Databases [cs.DB]Ambient intelligenceMultimediabusiness.industry[INFO.INFO-WB]Computer Science [cs]/Web[INFO.INFO-MM]Computer Science [cs]/Multimedia [cs.MM]Computer security model[ INFO.INFO-DB ] Computer Science [cs]/Databases [cs.DB]Hardware and Architecture[INFO.INFO-IR]Computer Science [cs]/Information Retrieval [cs.IR][ SCCO.COMP ] Cognitive science/Computer science020201 artificial intelligence & image processing[INFO.INFO-IR] Computer Science [cs]/Information Retrieval [cs.IR]Web servicebusinesscomputerSoftware

description

International audience; Recently ubiquitous technology has invaded almost every aspect of the modern life. Several application domains, have integrated ubiquitous technology to make the management of resources a dynamic task. However, the need for adequate and enforced authentication and access control models to provide safe access to sensitive information remains a critical matter to address in such environments. Many security models were proposed in the literature thus few were able to provide adaptive access decisions based on the environmental changes. In this paper, we propose an approach based on our previous work [B.A. Bouna, R. Chbeir, S. Marrara, A multimedia access control language for virtual and ambient intelligence environments, In Secure Web Services (2007) 111-120] to enforce current role based access control models [M.J. Moyer, M. Ahama, Generalized role-based access control, in: Proceedings of International Conference on Distributed Computing Systems (ICDCS), Phoenix, Arizona, USA, 2001, pp. 391-398] using multimedia objects in a dynamic environment. In essence, multimedia objects tend to be complex, memory and time consuming nevertheless they provide interesting information about users and their context (user surrounding, his moves and gesture, people nearby, etc.). The idea behind our approach is to attribute to roles and permissions, multimedia signatures in which we integrate conditions based on users' context information described using multimedia objects in order to limit role activation and the abuse of permissions in a given environment. We also describe our architecture which extends the known XACML [XACML, XACML Profile for Role Based Access Control (RBAC), , 2008] terminology to incorporate multimedia signatures. We provide an overview of a possible implementation of the model to illustrate how it could be valuable once integrated in an intelligent environment.

https://hal.archives-ouvertes.fr/hal-00651322