GTHBAC: A Generalized Temporal History Based Access Control Model

Time plays a crucial role in access control for new computing environments, which is not supported in traditional access control models. In this paper, we propose a Generalized Temporal History Based Access Control (GTHBAC) model, aimed at integrating history-based constraints along with a generic access control model. GTHBAC enhances the specification of user-defined authorization rules by constraining time interval and temporal expression over users' history of accesses. Due to different application needs, GTHBAC uses two different time schemes, i.e., real time and logical time, in its authorization rules. A formal semantics for temporal authorizations is provided, and conflicting situations are also investigated and resolved in the model. To represent the applicability of the proposed model, an architecture for an access control system based on the model is proposed, and a case of employing the model in specifying and enforcing access control policies in a banking system is studied. The operators of GTHBAC are also compared with Linear Time Temporal Logic.(LTL) operators to show the expressive power of the model.