2014 | OriginalPaper | Chapter
PO-SAAC: A Purpose-Oriented Situation-Aware Access Control Framework for Software Services
Authors : A. S. M. Kayes, Jun Han, Alan Colman
Published in: Advanced Information Systems Engineering
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Situation-aware applications need to capture relevant
context information
and
user intention or purpose
, to provide situation-specific access to software services. As such, a situation-aware access control approach coupled with purpose-oriented information is of critical importance. Existing approaches are highly domain-specific and they control access to services depending on the specific types of context information without considering the
purpose
. To achieve
situation-aware access control
, in this paper we consider
purpose-oriented situations
rather than conventional situations (e.g., user’s state). We take
situation
to mean the states of the entities and the states of the relationships between entities that are relevant to the purpose of a resource access request. We propose a generic framework,
P
urpose-
O
riented
S
ituation-
A
ware
A
ccess
C
ontrol
, that supports access control to software services based on the relevant situations. We develop a software prototype to demonstrate the practical applicability of the framework. In addition, we demonstrate the effectiveness of our framework through a healthcare case study. Experimental results demonstrate the satisfactory performance of our framework.