Efficient enforcement of security policies based on tracking of mobile users

Vijayalakshmi Atluri, Heechang Shin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

11 Scopus citations

Abstract

Recent advances to mobile communication, Global Positioning System (GPS) and Radio Frequency Identification (RFID) technologies have propelled the growth of a number of mobile services. These require maintaining mobile object's location information and efficiently serving access requests on the past, present and future status of the moving objects. Moreover, these services raise a number of security and privacy challenges. To address this, security policies are specified to ensure controlled access to the mobile user's location and movement trajectories, their profile information, and stationary resources based on the mobile user's spatiotemporal information. Considering the basic authorization specification (subject, object, privilege), in a mobile environment, a moving object can be a subject, an object, or both. Serving an access request requires to search for the desired moving objects that satisfy the query, as well as enforce the security policies. Often, enforcing security incurs overhead, and as a result may degrade the performance of a system. To alleviate this problem, recently Atluri and Guo have proposed an unified index structure, STPR-tree, to organize both the moving objects and authorizations specified over them. However, the STPR-tree is not capable supporting security policies based on tracking of mobile users. In this paper, we present an index structure, called SPPF-tree, which maintains past, present and future positions of the moving objects along with authorizations by employing partial persistent storage. We demonstrate how the SPPF-tree can be constructed and maintained, and provide algorithms to process two types of access requests, including moving object requests by stationary subjects such as locate and track, and stationary object requests by moving subjects.

Original languageEnglish (US)
Title of host publicationData and Applications Security XX - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Proceedings
EditorsPeng Liu, Ernesto Damiani
PublisherSpringer Verlag
Pages237-251
Number of pages15
ISBN (Electronic)9783540367963
ISBN (Print)3540367969, 9783540367963
DOIs
StatePublished - 2006
Event20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security - Sophia Antipolis, France
Duration: Jul 31 2006Aug 2 2006

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4127 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security
Country/TerritoryFrance
CitySophia Antipolis
Period7/31/068/2/06

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Efficient enforcement of security policies based on tracking of mobile users'. Together they form a unique fingerprint.

Cite this