U. Lang and R. Schreiner, “Proximity-Based Access Control (PBAC) using Model-Driven Security,” in ISSE 2015 – Highlights of the Information Security Solutions Europe 2015 Conference, Berlin, Germany, November 1-2, 2015, 2015, pp. 157–170.
Unfortunately, well-established classic security models for access control are often not sufficient anymore for many of today’s use cases and IT landscapes, including for example Internet of Things (IoT) and big data analytics. Access control (and security/privacy in general) requirements and implementations have frequently become very different, and more challenging, compared to conventional enterprise or internet-facing IT environments. More sophisticated approaches based on fine-grained, contextual, dynamic access control are required. This paper focuses on “Proximity Based Access Control” (PBAC), a particularly advanced access control approach that can implement flexible, proximity-based, dynamic, contextual access. PBAC, together with Attribute Based Access Control (ABAC) and Model Driven Security (MDS) is used to express and enforce such security and privacy requirements. Section 1 motivates the need for advanced access control for many of today’s environments. Section 2 first introduces ABAC, then section 3 discusses PBAC within the context of ABAC. Section 4 introduces MDS. Finally, section 5 presents a detailed Intelligent Transport Systems (ITS) example of PBAC, implemented using MDS and an extension of ABAC).