C2RBAC: An Extended Capability-Role-Based Access Control with Context Awareness for Dynamic Environments

Mitsuhiro Mabuchi, Koji Hasebe

2021

Abstract

Various working styles, such as remote work, have become more common instead of working in one office. Moreover, to accelerate the development of new technologies, collaborations among multiple companies are increasing. Thus, most development projects are operating in dynamic environments, for example, dynamically changing teams, working from anywhere and at any time. To ensure security in such dynamic environments while maintaining efficiency, flexible and scalable access control is necessary. We previously proposed capability-role-based access control (CRBAC) that allows users to create capabilities for delegating authority across various domains without an administrator’s operation. However, in dynamic environments, a finer control is required based on where and when the authority is delegated or executed. In this paper, we propose an access control model called context-aware CRBAC (C2RBAC). This model is an extension of CRBAC obtained by introducing a mechanism of context-based restrictions on various operations regarding the delegation of authority by capabilities, such as time, place, and device. In this paper, we present a formal definition of C2RBAC and demonstrate its effectiveness using an example of collaborative development.

Download


Paper Citation


in Harvard Style

Mabuchi M. and Hasebe K. (2021). C2RBAC: An Extended Capability-Role-Based Access Control with Context Awareness for Dynamic Environments. In Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT, ISBN 978-989-758-524-1, pages 819-826. DOI: 10.5220/0010601508190826


in Bibtex Style

@conference{secrypt21,
author={Mitsuhiro Mabuchi and Koji Hasebe},
title={C2RBAC: An Extended Capability-Role-Based Access Control with Context Awareness for Dynamic Environments},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,},
year={2021},
pages={819-826},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010601508190826},
isbn={978-989-758-524-1},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,
TI - C2RBAC: An Extended Capability-Role-Based Access Control with Context Awareness for Dynamic Environments
SN - 978-989-758-524-1
AU - Mabuchi M.
AU - Hasebe K.
PY - 2021
SP - 819
EP - 826
DO - 10.5220/0010601508190826