skip to main content
research-article

A criterion-based multilayer access control approach for multimedia applications and the implementation considerations

Published:20 November 2008Publication History
Skip Abstract Section

Abstract

In this article, a novel criterion-based multilayer access control (CBMAC) approach is presented to enhance existing access control models such as Role-Based, Mandatory, and Discretionary Access Control models to support multilayer (multilevel) access control. The proposed approach is based on a set of predefined security criteria which are extracted from authorization rules. The security attributes of objects and users are specified by security criterion expressions (serving as locks) and the elements (serving as keys) of security criterion subsets respectively. An object embedded with a number of security criterion expressions becomes a secure object while a user associated with a security criterion subset is called a secure user. The multilayer access control is achieved by evaluating the embedded security criterion expressions (actuating locks) by the elements (keys) in a user's security criterion subset. The paper also provides the details of integrating the proposed approach with existing access control models and presents the implementation considerations of Criterion-Based Role-Based Multilayer Access Control, the integration of CBMAC and Role-Based Access Control.

References

  1. Adam, N., Atilri V., Bertino, E., and Ferrari, E. 2002. A content-based authorization model for digital libriaries. IEEE Trans. Knowl. Data Engine. 14, 2. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Bell, D. and LaPadula, L. 1996. The Bell-LaPadula model. J. Comput. Secu. 4, 2, 239--263. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Bertino, E., Fan J., Ferrari, E., Hacid, M. S., Elmagarmjd, A., and Zhu, X. 2003. A hierarchical access control model for video database system. ACM Trans. Inform. Syst. 21, 2, 155--191. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Bertino, E., Ferrari, E., and Perego, A. 2002. Max: An access control system for digital libraries and the Web, http://semioweb.msh-paris.fr/euforbia/download/max.pdfGoogle ScholarGoogle Scholar
  5. Bertino, E., Hammad, M., Aref, W., and Elmagarmjd, A. 2000. An access control model for video database systems. In Proceedings of the International Conference on Information and Knowledge Management, 336--343. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Damiani, E., De Capitani di Vimercati, S., and Samarati, P. 2005. New paradigms for access control in open environments. In Proceedings of the 5th IEEE International Symposium on Signal Processing and Information.Google ScholarGoogle Scholar
  7. Damiani, E., De Capitani S., Fernandez-Medina, E., and Samarati, P. 2002. An access control system for SVG documents. In Proceedings of the 16th Annual IFIP WG11.3 Workshop Conference on Data and Application Security.Google ScholarGoogle Scholar
  8. Fernandez-Medina, E., Ruiz, G., and De Capitani, di Vimerati, S. 2003. Implementing an Access Control System for SVG Documents. Lecture Notes in Computer Science. 741--753.Google ScholarGoogle Scholar
  9. Kodali, N., Farkas C., and Wijesekera, D. Multimedia Access Control using RDF Metadata. http://www.cse.sc.edu/~farkas/publications/c11.pdfGoogle ScholarGoogle Scholar
  10. Kosch, H. 2004. Distributed Multimedia Database Technologies Supported by MPEG-7 and MPEG-21, CEC Press.Google ScholarGoogle Scholar
  11. Manjunath, B. S., Salembier, P., and Sikora, T. 2002. Introduction to MPEG-7 Multimedia Content Description Interface, John Wiley & Sons, Ltd. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. National Computer Security Center. 1987. A guide to understanding discretionary access control in trusted systems. http://www.radium.ncsc.mil/tpep/library/rainbow/NCSC-TG-003.htmlGoogle ScholarGoogle Scholar
  13. Pan, L. and Zhang, C. 2006. A criterion-based role-based multilayer access control model for multimedia applications. In Proceedings of the IEEE International Symposium on Multimedia (ISM'06). Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Park, J. and Sandhu, R. 2004. The UCONABC usage control model. ACM Trans. Inform. Syst. Secu. 7, 1. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Rabitti, F., Bertino, E., Kim, W., and Woelk, D. 1991. A model of authorization for next-generation database systems. ACM Trans. Datab. Syst. 16, 1, 88--131. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Salembier, P. and Smith, J. R. 2001. MPEG-7 multimedia description schemes. IEEE Trans. Circ. Syst. Video Techn. 11, 6, 748--759. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Sandhu, R., Coyne, E., Feinstein, H., and Youman, C. 1996. Role-based access control models. IEEE Comput. 29, 2, 38--47. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. W3C Recommendation. 2004. XML schema part 0: Primer second edition, http://www.w3.org/TR/xmlschema-0/.Google ScholarGoogle Scholar
  19. W3C Recommendation. 2004. XML Schema part 1: Structures second edition, http://www.w3.org/TR/2004/REC-xmlschema-1-20041028/structures.htmlGoogle ScholarGoogle Scholar
  20. W3C Recommendation. 2004. XML Schema part 2: Datatypes second edition, http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/datatypes.htmlGoogle ScholarGoogle Scholar
  21. Walmsley, P. 2002. Definitive XML Schema, Prentice Hall. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Wang, L., Wijesekera, D., and Jajodia, S. 2004. A logic-based framework for attribute based access control. In Proceedings of the 2004 ACM Workshop on Formal Methods in Security Engineering. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Yuan, E. and Tong, J. 2005. Attributed based access control (ABAC) for Web services. In Proceedings IEEE International Conference on Web Services (ICW'05). Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. A criterion-based multilayer access control approach for multimedia applications and the implementation considerations

          Recommendations

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          • Published in

            cover image ACM Transactions on Multimedia Computing, Communications, and Applications
            ACM Transactions on Multimedia Computing, Communications, and Applications  Volume 5, Issue 2
            November 2008
            187 pages
            ISSN:1551-6857
            EISSN:1551-6865
            DOI:10.1145/1413862
            Issue’s Table of Contents

            Copyright © 2008 ACM

            Publisher

            Association for Computing Machinery

            New York, NY, United States

            Publication History

            • Published: 20 November 2008
            • Accepted: 1 March 2008
            • Revised: 1 July 2007
            • Received: 1 October 2006
            Published in tomm Volume 5, Issue 2

            Permissions

            Request permissions about this article.

            Request Permissions

            Check for updates

            Qualifiers

            • research-article
            • Research
            • Refereed

          PDF Format

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader
          About Cookies On This Site

          We use cookies to ensure that we give you the best experience on our website.

          Learn more

          Got it!