GEO-RBAC : a spatially aware RBAC

Securing access to data in location-based services and mobile applications requires the definition of spatially aware access control systems. Even if some approaches have already been proposed either in the context of geographic database systems or contextaware applications, a comprehensive framework, general and flexible enough to cope with spatial aspects in real mobile applications, is still missing. In this paper, we make one step towards this direction and we present GEO-RBAC, an extension of the RBAC model to deal with spatial and location-based information. In GEORBAC, spatial entities are used to model objects, user positions, and geographically bounded roles. Roles are activated based on the position of the user. Besides a physical position, obtained from a given mobile terminal or a cellular phone, users are also assigned a logical and device independent position, representing the feature (the road, the town, the region) in which they are located. To make the model more flexible and re-usable, we also introduce the concept of role schema, specifying the name of the role as well as the type of the role spatial boundary and the granularity of the logical position. We then extend GEO-RBAC to cope with hierarchies, modeling permission, user, and activation inheritance

Access control systems for geo-spatial data and applications

Data security is today an important requirement in various applications because of the stringent need to ensure confidentiality, integrity, and availability of information. Comprehensive solutions to data security are quite complicated and require the integration of different tools and techniques as well as specific organizational processes. In such a context, a fundamental role is played by the access control system (ACS) that establishes which subjects are authorized to perform which operations on which objects. Subjects are individuals or programs or other entities requiring access to the protected resources. When dealing with protection of information, the resources of interest are typically objects that record information, such as files in an operating system, tuples in a relational database, or a complex object in an object database. Because of its relevance in the context of solutions for information security, access control has been extensively investigated for database management systems (DBMSs) [6], digital libraries [3, 14], and multimedia applications [24]. Yet, the importance of the spatial dimension in access control has been highlighted only recently. We say that access control has a spatial dimension when the authorization to access a resource depends on position information.We broadly categorize spatially aware access control as object-driven, subject-driven, and hybrid based on whether the position information concerns objects, subjects, or both, respectively. In the former case, the spatial dimension is introduced because of the spatial nature of resources. For example, if the resources are georeferenced Earth images, then we can envisage an individual be allowed to only display images covering a certain region. The spatial dimension may also be required because of the spatial nature of subjects. This is the case of mobile individuals allowed to access a resource when located in a given area. For example, an individual may be authorized to view secret information only within a military base. Finally, position information may concern both objects and subjects like in the case of an individual authorized to display images of a region only within a military office. There is a wide range of applications which motivate spatially aware access control. The two challenging and contrasting applications we propose as examples 190 Maria Luisa Damiani and Elisa Bertino are the spatial data infrastructures (SDI) and location-based services (LBS). An SDI consists of the technological and organizational infrastructure which enables the sharing and coordinated maintenance of spatial data among multiple heterogeneous organizations, primarily public administrations, and government agencies. On the other side, LBS enable mobile users equipped with location-aware terminals to access information based on the position of terminals. These applications have different requirements on access control. In an SDI, typically, there is the need to account for various complex structured spatial data that may have multiple representations across different organizations. In an SDI, the access control is thus object-driven. Conversely, in LBS, there is the need to account for a dynamic and mobile user population which may request diversified services based on position. Access control is thus subject-driven or hybrid. However, despite the variety of requirements and the importance of spatial data protection in these and other applications, very few efforts have been devoted to the investigation of spatially aware access control models and systems. In this chapter, we pursue two main goals: the first is to present an overview of this emerging research area and in particular of requirements and research directions; the second is to analyze in more detail some research issues, focusing in particular on access control in LBS. We can expect LBS to be widely deployed in the near future when advanced wireless networks, such as mobile geosensor networks, and new positioning technologies, such as the Galileo satellite system will come into operation. In this perspective, access control will become increasingly important, especially for enabling selective access to services such as Enterprise LBS, which provide information services to mobile organizations, such as health care and fleet management enterprises. An access control model targeting mobile organizations is GEO-RBAC [4]. Such a model is based on the RBAC (role-based access control) standard and is compliant with Open Geospatial Consortium (OGC) standards with respect to the representation of the spatial dimension of the model. The main contributions of the chapter can be summarized as follows: \u2022 We provide an overview of the ongoing research in the field of spatially aware access control. \u2022 We show how the spatial dimension is interconnected with the security aspects in a specific access control model, that is, GEO-RBAC. \u2022 We outline relevant architectural issues related to the implementation of an ACS based on the GEO-RBAC model. In particular, we present possible strategies for security enforcement and the architecture of a decentralized ACS for large-scale LBS applications. The chapter is organized as follows. The next section provides some background knowledge on data security and in particular access control models. The subsequent section presents requirements for geospatial data security and then the state of the art. Afterward the GEO-RBAC model is introduced. In particular, we present the main concepts of the model defined in the basic layer of the model, the Core GEO-RBAC. Hence, architectural approaches supporting GEO-RBAC are presented. Open issues are finally reported in the concluding section along with directions for future work

Benefits of Location-Based Access Control:A Literature Study

Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, \ud attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been investigated thoroughly. To this end, we perform a structured literature review, and examine the goals that LBAC can potentially fulfill, \ud the specific LBAC systems that realize these goals and the context on which LBAC depends. Our paper has four main contributions:\ud first we propose a theoretical framework for LBAC evaluation, based on goals, systems and context. Second, we formulate and apply criteria for evaluating the usefulness of an LBAC system. Third, we identify four usage scenarios for LBAC: open areas and systems, hospitals, enterprises, and finally data centers and military facilities. Fourth, we propose directions for future research:\ud (i) assessing the tradeoffs between location-based, physical and logical access control, (ii) improving the transparency of LBAC decision making, and \ud (iii) formulating design criteria for facilities and working environments for optimal LBAC usage

Dynamic deployment of context-aware access control policies for constrained security devices

Securing the access to a server, guaranteeing a certain level of protection over an encrypted communication channel, executing particular counter measures when attacks are detected are examples of security requirements. Such requirements are identi ed based on organizational purposes and expectations in terms of resource access and availability and also on system vulnerabilities and threats. All these requirements belong to the so-called security policy. Deploying the policy means enforcing, i.e., con guring, those security components and mechanisms so that the system behavior be nally the one speci ed by the policy. The deployment issue becomes more di cult as the growing organizational requirements and expectations generally leave behind the integration of new security functionalities in the information system: the information system will not always embed the necessary security functionalities for the proper deployment of contextual security requirements. To overcome this issue, our solution is based on a central entity approach which takes in charge unmanaged contextual requirements and dynamically redeploys the policy when context changes are detected by this central entity. We also present an improvement over the OrBAC (Organization-Based Access Control) model. Up to now, a controller based on a contextual OrBAC policy is passive, in the sense that it assumes policy evaluation triggered by access requests. Therefore, it does not allow reasoning about policy state evolution when actions occur. The modi cations introduced by our work overcome this limitation and provide a proactive version of the model by integrating concepts from action speci cation languages

Dorsal-CA1 hippocampal neuronal ensembles encode nicotine-reward contextual associations

Natural and drug rewards increase the motivational valence of stimuli in the environment that, through Pavlovian learning mechanisms, become conditioned stimuli that directly motivate behavior in the absence of the original unconditioned stimulus. While the hippocampus has received extensive attention for its role in learning and memory processes, less is known regarding its role in drug-reward associations. We used in vivo Ca2+ imaging in freely moving mice during the formation of nicotine preference behavior to examine the role of the dorsal-CA1 region of the hippocampus in encoding contextual reward-seeking behavior. We show the development of specific neuronal ensembles whose activity encodes nicotine-reward contextual memories and that are necessary for the expression of place preference. Our findings increase our understanding of CA1 hippocampal function in general and as it relates to reward processing by identifying a critical role for CA1 neuronal ensembles in nicotine place preference

The potential of public participation geographic information systems in UK environmental planning: Appraisals by active publics

The paper draws on an empirical study of two workshops in which the issues that arise from the use of geographic information systems (GIS) as a planning tool in public participation settings were explored by local residents who take an active interest in local planning matters in their London borough. The paper demonstrates how issues concerned with the democratization of GIS and public participation GIS (PPGIS) informed the structure and conduct of the workshops and the qualitative analysis of the workshop discussions. Key themes raised by participants included: the potential of PPGIS as a means of extending knowledge networks; issues of data ownership and the responsiveness of data providers to public concerns; and the role that institutional norms and practices play in democratizing information availability and the transparency of the decision-making process. The paper concludes that the potential of PPGIS as a planning tool cannot be separated from public concerns about the legitimacy of the planning process or local government

The design-by-adaptation approach to universal access: learning from videogame technology

This paper proposes an alternative approach to the design of universally accessible interfaces to that provided by formal design frameworks applied ab initio to the development of new software. This approach, design-byadaptation, involves the transfer of interface technology and/or design principles from one application domain to another, in situations where the recipient domain is similar to the host domain in terms of modelled systems, tasks and users. Using the example of interaction in 3D virtual environments, the paper explores how principles underlying the design of videogame interfaces may be applied to a broad family of visualization and analysis software which handles geographical data (virtual geographic environments, or VGEs). One of the motivations behind the current study is that VGE technology lags some way behind videogame technology in the modelling of 3D environments, and has a less-developed track record in providing the variety of interaction methods needed to undertake varied tasks in 3D virtual worlds by users with varied levels of experience. The current analysis extracted a set of interaction principles from videogames which were used to devise a set of 3D task interfaces that have been implemented in a prototype VGE for formal evaluation

The City is the Factory: New Solidarities and Spatial Strategies in an Urban Age

[Excerpt] Urban public spaces, from the streets and squares of Buenos Aires to Zuccotti Park in New York City, have become the emblematic sites of contentious politics in the twenty-first century. As the contributors to The City Is the Factory argue, this resurgent politics of the square is itself part of a broader shift in the primary locations and targets of popular protest from the workplace to the city. This shift is due to an array of intersecting developments: the concentration of people, profit, and social inequality in growing urban areas; the attacks on and precarity faced by unions and workers\u27 movements; and the sense of possibility and actual leverage afforded by local politics and the tactical use of urban space. Thus, the city —from the town square to the banlieu—is becoming like the factory of old: a site of production and profit-making as well as new forms of solidarity, resistance, and social reimagining.We see examples of the city as factory in new place-based political alliances, as workers and the unemployed find common cause with right to the city struggles. Demands for jobs with justice are linked with demands for the urban commons—from affordable housing to a healthy environment, from immigrant rights to urban citizenship and the right to streets free from both violence and racially biased policing. The case studies and essays in The City Is the Factory provide descriptions and analysis of the form, substance, limits, and possibilities of these timely struggles