Enforcing role based access control model with multimedia signatures

Recently ubiquitous technology has invaded almost every aspect of the modern life. Several application domains, have integrated ubiquitous technology to make the management of resources a dynamic task. However, the need for adequate and enforced authentication and access control models to provide safe access to sensitive information remains a critical matter to address in such environments. Many security models were proposed in the literature thus few were able to provide adaptive access decisions based on the environmental changes. In this paper, we propose an approach based on our previous work [B.A. Bouna, R. Chbeir, S. Marrara, A multimedia access control language for virtual and ambient intelligence environments, In Secure Web Services (2007) 111-120] to enforce current role based access control models [M.J. Moyer, M. Ahama, Generalized role-based access control, in: Proceedings of International Conference on Distributed Computing Systems (ICDCS), Phoenix, Arizona, USA, 2001. pp. 391-398] using multimedia objects in a dynamic environment. In essence, multimedia objects tend to be complex, memory and time consuming nevertheless they provide interesting information about users and their context (user surrounding, his moves and gesture, people nearby, etc.). The idea behind our approach is to attribute to roles and permissions, multimedia signatures in which we integrate conditions based on users' context information described using multimedia objects in order to limit role activation and the abuse of permissions in a given environment. We also describe our architecture which extends the known XACML [XACML, XACML Profile for Role Based Access Control (RBAC), http://docs.oasis-open.org/xacml/cd-xacml-rbac-profile-01.pdf.2008] terminology to incorporate multimedia signatures. We provide an overview of a possible implementation of the model to illustrate how it could be valuable once integrated in an intelligent environment. (C) 2008 Elsevier B.V. All rights reserved.