Context-aware access control and the GEO-RBAC framework

Geo-RBAC (Geographical Role-based Access Control) is a location-aware access control system developed on top of standard RBAC (Role Based Access Control). Geo-RBAC supports the specification of spatial constraints relating the position of the requesting subject to bounded regions. Key concepts:

  • Spatial role: a role which is effective in a bounded region
  • Role schema: a template for semantically homogeneous spatial roles
  • Logical position: geographical place at policy-dependent granularity
  • Spatial roles and roles schemas hierarchy
  • Separation of duty constraints on spatial roles and spatial role schemas
  • Spatial domain: spatially-bounded policy administration context


  • M. Kirkpatrick, M.L. Damiani, E. Bertino (2011). Prox-RBAC: a Proximity-based Spatially Aware RBAC, ACM GIS
  • M.L. Damiani, C. Silvestri (2008). Towards movement-aware access control. ACM SIGSpatial Workshop on Security and Privacy in GIS and LBS, Irvine (US)
  • M.L. Damiani, E. Bertino, C. Silvestri (2008). Spatial Domains for the Administration of Location-based Access Control Policies. Journal of Network and System Management, Springer
  • M. L. Damiani, C. Silvestri, E. Bertino (2008). Hierarchical domains for the decentralized administration of a spatially-aware access control system. Proc. of the 3rd International Conference on Availability, Reliability and Security (ARES2008)
  • M.L. Damiani, E. Bertino, B.Catania, B. and P. Perlasca (2007). GEO-RBAC: a spatially-aware RBAC. ACM Transactions on Information and System Security, Vol 10, No.1 Art. 1
  • M.L. Damiani, E. Bertino and P. Perlasca (2007). Data Security in Location-aware Applications: an Approach Based on RBAC. International Journal of Information and Computer Security. Vol. 1, No 1/2
  • M. L. Damiani and E. Bertino (2006). Access Control and Privacy in Location-aware Services for Mobile Organizations. In Proc. of the 7th International Conference on Mobile Data Management, May 10-12, Nara, Japan, 2006
  • E. Bertino, B. Catania, M. L. Damiani, and P. Perlasca (2005). GEO-RBAC: A Spatially Aware RBAC. Proc. of the 10th ACM Symp. on Access Control Models and Technologies
  • A. Belussi, E.Bertino, B. Catania, M.L. Damiani and A. Nucita (2004). An Authorization Model for Geographical Maps. 12th ACM International Symposium on Advances in Geographic Information Systems, Washington D.C.
  • E. Bertino, M.L. Damiani and D. Momini. An Access Control System for a Web Map Management Services (2004). Proc. of the 14th IEEE International Workshop on ResearchIssues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE-WS-ECEG 2004)
start/accesscontrol.txt · Last modified: 2017/03/02 12:58 by Maria Luisa Damiani
CC Attribution-Noncommercial-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0