Home // INFOCOMP 2014, The Fourth International Conference on Advanced Communications and Computation // View article

Trans-Organizational Role-Based Access Control in Android

Authors:
Jason Paul Cruz
Yuichi Kaji

Keywords: role-based access control; trans-organizational role; information security; ID-based encryption; service coalition; Android

Abstract:
The role-based access control (RBAC) is a natural and versatile model of the access control principle. In the real world, it is common that an organization provides a service to a user who owns a certain role that was issued by a different organization. However, such a trans-organizational RBAC is not common in a computer network because it is difficult to establish both the security that prohibits malicious impersonation of roles and the flexibility that allows small organizations/individual users to fully control their own roles. To solve this problem, this study proposes a mechanism that makes use of the hierarchical ID-based encryption scheme and the challenge-response authentication protocol. The proposed mechanism contributes to achieve both the security and the flexibility and it provides additional features that are common in physical communication but are not obvious in the cyberworld. This study also reports a prototyping system that is implemented on Android-enabled mobile devices. The proposed system employs the needed cryptographic mechanisms, and new technologies, namely, near-field communication and two-dimensional codes, are employed to realize locally closed communication between devices.

Pages: 114 to 119

Copyright: Copyright (c) IARIA, 2014

Publication date: July 20, 2014

Published in: conference

ISSN: 2308-3484

ISBN: 978-1-61208-365-0

Location: Paris, France

Dates: from July 20, 2014 to July 24, 2014