Unified index for mobile object data and authorizations

Often, enforcing security incurs overhead, and as a result may degrade the performance of a system. In this paper, we attempt to address this problem in the context of enforcing access control policies in a mobile data object environment. There are a number of applications that call for fine-grained specification of security policies in guaranteeing the confidentiality of data or privacy of individuals in a mobile environment. In particular, the security policies state the rules for providing controlled access to the mobile user profiles, to their current location and movement trajectories, to mobile resources, and stationary resources based on the mobile user location. Either a subject or an object in an authorization specification can be a moving object. The access requests in such an environment can typically be based on past, present and future status of the moving objects. To effectively serve such access requests, one must efficiently organize the mobile objects as well as authorizations. Although implementation of authorizations as access control list, capability list or access matrix is suitable for traditional data, it is not suitable to search mobil