
A Context-Aware Mandatory Access Control Model for Multilevel Security Environments

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2008)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 5219)

Abstract

Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments like military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes may be required in some environments. Moreover, as computing technology becomes more pervasive, flexible access control mechanisms are needed. Unlike traditional approaches for access control, such access decisions depend on the combination of the required credentials of users and the context of the system. Incorporating context-awareness into mandatory access control models results in a model appropriate for handling such context-aware policies and context-sensitive class association mostly needed in multilevel security environments. In this paper, we introduce a context-aware mandatory access control model (CAMAC) capable of dynamic adaptation of access control policies to the context, and handling context-sensitive class association, in addition to preservation of confidentiality and integrity. One of the most significant characteristics of the model is its high expressiveness which allows us to express various mandatory access control models such as Bell-LaPadula, Biba, Dion, and Chinese Wall with it.



Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jafarian, J.H., Amini, M., Jalili, R. (2008). A Context-Aware Mandatory Access Control Model for Multilevel Security Environments. In: Harrison, M.D., Sujan, MA. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2008. Lecture Notes in Computer Science, vol 5219. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87698-4_33

  • DOI: https://doi.org/10.1007/978-3-540-87698-4_33

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-87697-7

  • Online ISBN: 978-3-540-87698-4

  • eBook Packages: Computer Science, Computer Science (R0)
