A Location-Based Secure Spatial Audit Policy Model

Abstract

Besides RBAC, securing access to data in location-based services and mobile applications requires the definition of spatially aware audit policy model. In spatial DBMS applications, spatial query based on spatial predication is main object of secure auditing; however, the audit mechanism of traditional object-oriented DBMS and relational DBMS can not support spatial auditing. Even if some approaches have already been proposed either in the context of geographic database systems or context-aware applications, a comprehensive framework, general and flexible enough to deal with spatial aspects in real mobile applications, is still missing. This paper proposes a new secure spatial audit policy model enhanced with spatial and location-based information, and discusses spatial object attribute function, spatial predications and spatial relations, then presents the formal definition of spatial audit rules, strengthening the secure spatial auditing capability on traditional audit mechanism. Rules are activated based on the position of the user. The spatial audit policy model has been embedded into the kernel of a security spatial DBMS, Sec_VISTA, which is developed and maintained by our research group.