Cloud-Based Access Control Including Time and Location-Reference-Cited by-同舟云学术

Cloud-Based Access Control Including Time and Location

Published:2024-07-17 Issue:14 Volume:13 Page:2812
ISSN:2079-9292
Container-title:Electronics
language:en
Short-container-title:Electronics

Author:

Al Lail Mustafa¹^ORCID,Moncivais Marshal¹^ORCID,Benton Robert²,Perez Alfredo J.³^ORCID

Affiliation:

1. School of Engineering, Texas A&M International University, Laredo, TX 78041, USA

2. TSYS School of Computer Science, Columbus State University, Columbus, GA 31907, USA

3. Department of Computer Science, University of Nebraska at Omaha, Omaha, NE 68182, USA

Abstract

Location-based services (LBS) offer various functionalities, but ensuring secure access to sensitive user data remains a challenge. Traditional access control methods often need more detail to enforce location-specific restrictions. This paper proposes a new approach that utilizes the Generalized Spatio-Temporal Role-Based Access Control Model (GSTRBAC) within the context of LBS. GSTRBAC grants access based on user credentials, authorized locations, and access times, providing a detailed approach to securing LBS data. We introduce an optimized cloud-based GSTRBAC implementation suitable for deployment in modern LBS architectures. The system uses two secure communication protocols tailored to different security requirements. This allows for efficient communication for less-sensitive data while offering robust protection for highly sensitive information. Additionally, a proof-of-concept mobile application demonstrates the system’s functionality and efficiency within an LBS environment. Our evaluation confirms the effectiveness of the cloud-based GSTRBAC implementation in enforcing location-specific access control while maintaining resource and time efficiency.

Funder

U.S National Science Foundation

Presidential Research Development grant from Texas A&M International University

Publisher

MDPI AG

Link

https://www.mdpi.com/2079-9292/13/14/2812/pdf

Reference45 articles.

1. Security policy verification for multi-domains in cloud systems;Gouglidis;Int. J. Inf. Secur.,2014

2. Taxonomy for Identification of Security Issues in Cloud Computing Environments;Ahmed;J. Comput. Inf. Syst.,2018

3. Role-based access control models;Sandhu;Computer,1996

4. Attribute-based access control;Hu;Computer,2015

5. Microsoft (2024, July 06). What Is Azure Role-Based Access Control (Azure RBAC)?. Available online: https://learn.microsoft.com/en-us/azure/role-based-access-control/overview.