1 / 5

OCL Extension of Location Based Access Control

OCL Extension of Location Based Access Control. Presented by Paul Whyman Based on the work of Indrakshi Ray and Mahendra Kumar. Location Based Access Control. Information about Location can strengthen access control policy Not just which subject is accessing what object

yagil
Download Presentation

OCL Extension of Location Based Access Control

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. OCL Extension ofLocation Based Access Control Presented by Paul Whyman Based on the work of Indrakshi Ray and Mahendra Kumar

  2. Location Based Access Control • Information about Location can strengthen access control policy • Not just which subject is accessing what object • Where the subject and object are located • Extension of Mandatory Access Control (MAC) • Enables increased access constraints for critical military applications • GPS & Infrared sensors determine location

  3. Class Diagram • Formall model of LBAC relationships

  4. Contains implies Dominates

  5. OCL Specification • Constraint 1 [ Contains implies Dominates ] -- The security level of a containing location is dominated by the -- security level of a contained location { Context location inv : Location.allInstance() -> forAll ( loc1, loc2 : Location | loc2.containment(loc1) implies dominates )} • Constraint 3 [ Userclearance dominates Userlocation ] -- The security clearance of a user must dominate the location of -- the user { Context User inv : UserLocation -> implies ( User.Clearance dominates User.Location ) }

More Related