LTAM: A Location-Temporal Authorization Model

This paper describes an authorization model for specifying access privileges of users who make requests to access a set of locations in a building or more generally a physical or virtual infrastructure. In the model, primitive locations can be grouped into composite locations and the connectivities...

Full description

Saved in:
Bibliographic Details
Main Authors: YU, Hai, LIM, Ee Peng
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2004
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/1022
https://ink.library.smu.edu.sg/context/sis_research/article/2021/viewcontent/Yu_Lim2004_Chapter_LTAMALocation_TemporalAuthoriz.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:This paper describes an authorization model for specifying access privileges of users who make requests to access a set of locations in a building or more generally a physical or virtual infrastructure. In the model, primitive locations can be grouped into composite locations and the connectivities among locations are represented in a multilevel location graph. Authorizations are defined with temporal constraints on the time to enter and leave a location and constraints on the number of times users can access a location. Access control enforcement is conducted by monitoring user movement and checking access requests against an authorization database. The authorization model also includes rules that define the relationships among authorizations. We also describe the problem of finding inaccessible locations given a set of user specified authorizations and a multilevel location graph, and outline a solution algorithm.