Situation, Team and Role based Access Control
Abstract
Problem statement: An emergency system of sharing and exchanging user’s personal information is demanded in medical treatment and disaster situations. Approach: In such a system, personal information access control depending on user situations is greatly necessary. However, it is complicated to manage personal information access control directly, because the existing access control methods only support regular access control, not for an emergency case. Results: In this study, we propose a new access control model, called STRAC, which stands for Situation, Team and Role based Access Control. The STRAC enables access control of user personal information with consideration of context changes. Conclusion/Recommendations: In our proposed model, a concept of situations is introduced. Moreover, the proposed model is based on a concept of TMAC, which is an extension of a conventional RBAC model.
DOI: https://doi.org/10.3844/jcssp.2011.629.637
Copyright: © 2011 Kyoji Kawagoe and Keisuke Kasai. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 3,298 Views
- 3,834 Downloads
- 1 Citations
Download
Keywords
- Access control
- personal information
- permission rights
- crucial emergency
- Emergency Operation Unit (EOU)
- object context
- RBAC and TMAC models