A Generalized Temporal and Spatial Role-Based Access Control Model

Transcription

1 92 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 200 A Generalzed Temporal Spatal Role-Based Access Control Model + Natonal Central Polce Unverst/ Depart. of Informaton Management, Taouan, Tawan E-mal: [email protected] Hsng-Chung Chen Department of Computer Scence Engneerng, Asa Unverst, IEEE Member Tachung Count, Tawan 4354 e-mal: [email protected] Shuh-Jeng Wang +, Jh-Horng Wen ++, Yung-Fa Huang &, Chung-We Chen &&, ++ Thongha Unverst/ Depart. of Electrcal Engneerng, Tachung Count, Tawan E-mal: [email protected] Abstract Securng access to data, appled to moble servce applcatons wth temporal spatal controllng, requres constructng nnovatve defntons wth temporal spatal lmtatons for an access-control sstem. To cope wth the temporal spatal requrements, we propose a generalzed Temporal Spatal RBAC (RBAC) model. In the RBAC model, temporal-perod spatal-locaton based enttes are used to constran the permssons of obects, user postons, geographcall bounded roles. Furthermore, we also present temporal spatal relatons of Temporal Spatal Separaton of Dutes (SSD), Temporal Spatal Dnamc Separaton of Dutes (DSD) constrants n the RBAC model. Index Terms - Access Control; RBAC; RBAC I. INTRODUCTION Usng wreless communcatons to access remote database sstem s becomng a more more popular means of accessng contents outsde a moble user s local machne. Moble users can each get specfc permsson to access nformaton through wreless connectons dependent on ther phscal locaton [2]. One of the core technques n a Wreless Access Database () sstem s Access Control (AC), whch s the means b whch the avalablt of data resources accessble b users n a sstem s restrcted whch both defends aganst llegal access b malcous attacers prevents honest users from ganng napproprate access possbl causng admnstratve Manuscrpt receved October 23, 2009; revsed December 0, 2009; accepted Januar 0, 200. Correspondence Author: Hsng-Chung Chen wth Asa Unverst on Dept. of Computer Scence Informaton Engneerng. Address: No. 500, Loufeng Rd., Wufeng Townshp, Tachung Count, Tawan (R. O. C.) E-mal: [email protected] also [email protected]. & Chaoang Unverst of Technolog /Dept. of Informaton Communcaton Engneerng, Tachung Count, Tawan Emal: [email protected] && Natonal Tsng Hua Unverst/ Insttute of Communcatons Engneerng, Hsnchu, Tawan E-mal: [email protected] errors. New problems frequentl occur when users want to access more than one server at specfc locatons concurrentl there are perod constrants for AC. For example, frst, one server assgns specfc permsson to a user, where ther permssons need to be constraned b specfc locatons perods. At the same locatons perods, other servers also assgn another specfc permsson to the user. The user can now access, va varng roles, the correspondng multple servers. The sstem should support stuatons ncludng, but not lmted to, a server assgnng a user mult-roles among dstnct locatons perods, or assgnng a user the same role but whle havng dfferent permssons among dstnct locatons perods. We hereafter propose a new mproved sstem, whch can satsf the stuatons mentoned above. However, accessng manpulatng nformaton from restrcted users dependng on specfc locatons together wth perod constrants complcates data processng actvtes. There are partcular constrants that mae sstem processng dfferent from sstem computng. A new AC technque, role-based access control (RBAC) [, 37] has establshed tself as a generalzed approach for hlng access control n large organzatons. It dffers from conventonal dentt-based access control models n that t taes advantage of smplfng access control polces b usng the concept of role relatons. The Natonal Insttute of Stards Technolog (NIST), n a recent stud of twent-eght organzatons, has demonstrated that RBAC do:0.4304/nw

2 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST addresses have man dfferent needs n the commercal government sectors [3]. Based on the aforementoned, the RBAC model s manners of constranng user s access to computer sstems the maturt of ts models have been wdel nvestgated. Frst, the conventonal RBAC does not address user authentcaton method on applng to the multple sstems envronment e.g. there s more than one dstnct server whch supports RBAC servce n a sstem, n whch each RBAC server needs to provde user authentcaton n order to dentf the user s authortes for assgnng dfferent permssons. However, there are three other separate ssues whch have not been addressed n the conventonal RBAC model [7]: Issue : The organzaton should be able to medate access to obects based on the specfc locatons the spatal dmenson n whch the user s located. Issue 2: The organzaton should be able to medate access to obects based on specfc perods wthn the tme dmenson. Namel, the users who are n the organzaton can onl access some specfc obects between some dut perods. Phscall, some applcatons are affected b: temporal semantcs, such as worflow-based sstems organzatons n whch processes functons ma have lmted tme spans or have perodc temporal duratons. Issue 3: Ths ssue s the combnaton of two ssues from Issue Issue 2, whch state that the organzaton should be able to medate access to obects based on both the specfc locatons perods wthn the tme-spatal dmenson. Specfcall, the users who are n the organzaton can onl access some specfc obects at specfc locatons durng specfc perods. Recent research supportng Issue or Issue 2 s noted below. For example, Hansen et al. [4] have proposed a Spatal Role-based Access Control model for the support of Issue, whch utlzes locaton nformaton n securt polc defntons to address the spatal constrant on RBAC. Ther proposed model depends on whether the requrement of accurate estmaton of the moble termnal s poston s satsfed, whch requres an accurate locaton estmaton technque. In partcular, locaton plas a e role n managng locaton-dependent locaton-senstve accesses. In ths wa, the conventonal RBAC model can be extended b specfng spatal constrants on roles that are assocated wth users. In Hansen et al s Spatal RBAC model [4], locatons are represented b means of smbolc formalsm that defnes locatons usng locaton expressons that descrbe locaton areas that the sstem can dentf. In support of Issue 2, Bertno et al. [] proposed the Temporal RBAC model that addresses some of the temporal ssues related to RBAC. The man features of ths model nclude perodc enablng of roles temporal dependences among roles, whch can be expressed through trggers. Partcularl, n ths model, tme plas a e role n managng tmedependent tme-senstve accesses. That s, the conventonal RBAC model has been extended b specfng temporal constrants on roles that are assocated wth users. Nevertheless, Bertno et al. s Temporal RBAC model grants role-enablng constrants onl. Subsequentl, Josh et al. [5] proposed a Generalzed Temporal RBAC model, whch can allow perodc, as well as duratonal constrants on roles, user-role assgnments, role-permsson assgnments. The Generalzed Temporal RBAC model [5] extends the sntactc structure of the Temporal RBAC model [] ts event trgger expressons subsume those of Temporal RBAC []. However, the conventonal RBAC model [7] does not address Issue, Issue 2 or Issue 3. In addton, the models [, 36] mentoned above dd not address Issue 3. Therefore, n order to cope wth the temporal spatal constrants on the conventonal RBAC model, we propose a RBAC model, an extenson of Hansen et al. s Spatal RBAC model [4], whch specfes temporal spatal restrctons on permssons assgned to roles. The RBAC model can address the constrants on the set of roles permssons that users can actvate whle ther permssons are constraned b specfc, tme-spatal pars n whch a par s defned as a temporal perod spatal locaton (TPSL for short) par, estmated from the servng RBAC server (a server). Thus, n our model, we ensure that these TPSL pars are represented b means of smbolc formalsm that defne them as the expressons of specfc dut-tme perods locaton nformaton that descrbe the user s dut tme together wth the authorzed locaton areas. The remer of ths paper s organzed as follows: In Sec. II, we propose a RBAC model ts defntons for multple servers n sstem. An applcaton scenaro for the sstem s descrbed n Sec. III. Ths s followed b analses dscussons of our proposal n Sec. IV. Fnall, we mae our concludng remars n Sec. V. II. RBAC MODEL In order to be adaptable to the requrements of those moble envronments wth both temporal constrant spatal constrant, we propose the RBAC model as below. RBAC model s an extenson of Hansen et al. s Spatal RBAC model [4] whch s able to utlze both temporal locaton nformaton n securt polc defntons. We assume that there are m dstnct servers denoted as a set M, where M,2,..., m f, M, n the sstem. In the remer of ths secton, we ntroduce the formal model components of the RBAC model for a server as the followng.. The basc defntons of the RBAC The basc concept of the RBAC model, shown n Fg., conssts of the followng fve component sets: Users

3 94 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 200 ( U ), Roles ( ( R ), Permssons ( PRMS ), Sessons S ), TPLSPS ( ), representng the set of users, roles, permssons, sessons TPSL par set respectvel. Users n the set U are consdered the moble unts used b authentcated users that can establsh (wreless) communcaton wth the resources of the server to perform some actvtes. Roles are descrbed as a set, R, of permssons to access the resources (obects) of the server. Permssons are a set, PRMS, of approvals to execute operatons on one or more obects of the server, whch have been constraned b the role role owner s TPSL par constrants. Sessons are a set, S, the mappng between users actvated subsets of the set of roles, R, to whch the users are assgned. TPSLPS s represented as a TPLS par set,, of all subsets of TPSL pars, where each TPSL par s a smbolc expresson b whch the sstem descrbes dentfes not onl the spatal doman but also the tme doman. We assume that the server can dentf estmate both users temporal-perods users locaton nformaton for legtmate users who belong to the set U, based on the underlng archtecture. We assume that the tme-spatal doman, denoted as, covers the whole responsblt doman of the RBAC model. We defne a subset of, denoted as, whch belongs to the tme-spatal doman reflects the access authortes have to the underlng archtecture ablt to map a user s permssons on specfc TPSL pars. We also assume that a TPSL par denoted as, l belongng to x, where, N N s a set of nteger numbers. The par, l from s called homogeneous wth respect to role from R f has the same permssons avalable durng the specfc dut-tme perod specfc locaton l. In order to smplf defntons mplementatons, t s desrable to dentf a mnmum-value set of that can be used n TPSL par expressons to defne the meanngful tme-spatal doman n the RBAC model. Furthermore, there are two regular defntons, whch we propose for constructng the basc model for the RBAC, whch are shown as follows: x x Defnton : A subset of, l x,, N notated as, s called normalzed wth respect to a set of roles R from R, f t s a partton of, l, that s, x x,, l, l x x,,, x x I for an N, x x, an TPSL par,, l x, from s homogeneous wth respect to R. It s eas to see that an meanngful TPSL par expresson can be represented as a subset of normalzed. Hereafter, we also assume that s a normalzed subset of (wth respect to all roles from R ) that s a partton of the entre tme-spatal doman controlled b the server. On the sets U, R, PRMS, S, several functons are defned as shown below. The user assgnment (UA) relaton, notated as UA, represents the assgnment of a user from U to roles from R, based on the success of the user authentcaton. The permsson assgnment relaton, notated as PA, represents the assgnment of permssons to roles based on the avalablt of roles TPSL pars. We model authentcated users assgned to sessons, notated as S, b functon au _ s representng users assocated wth a sngle sesson. ; Defnton 2: The generalzed model of RBAC; U, R, PRMS, S, represent the fnte sets of authentcated users, roles, permssons, sessons TPSLPS, whch are assgned b the server, respectvel; UA U R, the user assgnment relaton that assocates users wth roles avalable upon successful user authentcaton; U r_ au : R 2, the mappng of a role onto a set of authentcated users, where the functon r_ au s defned as UA r _ au uu u, x ; PA R PRMS, the role assgnment relaton that assgns a permsson to a role avalable on specfc TPSL pars;

4 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST PRMS x r_ p : R,, l : 2, the mappng of a role onto a set of permssons based on the avalablt of a role s TPSL par,, l x, where the functon r_ p s defned as r_p x,p P, x,l p P RMS,,l A ; S au _ s u : U 2, where the functon au _ s assgns an authentcated user onto a set of sessons; R s_ r : S 2, the mappng of each sesson to a set of roles; PRMS x s_ pa_ ts : S,, l : U 2, the permssons avalable n a sesson for a TPSL par, l x r_ p,, l x. s pa ts 2. Herarchcal role n RBAC Herarches n the RBAC model defne an nhertance relatonshp between roles for a server n sstem, such that a role R nherts the permssons from role R, f all permssons of are also the permssons of. We present a herarchcal RBAC model, shown n Fg., for a server. In ths model, permsson s assgned to a role varng wth dstnct TPSL par. Thus, the permssons nhertance relatonshp among roles n the presence of a role herarch must depend on the TPSL par. That s, a role would nhert the permssons of role n a subset of TPSLPS,, f all the permssons of n are also the permssons of n f, onl f,. A regular defnton s shown below for the role herarches of the RBAC model n a sstem. Defnton 3: Role herarches n a RBAC model: RH R R s a partal order of roles wth respect to some specfc TPSL pars n, called the ascendanc relaton, wrtten as, where, s such that role R nherts all permssons that role R has n a subset of TPSLPS,, all the users of are also the users of. If s omtted, then role nherts all the permssons of wth respect to the specfc TPSLPs where s defned. r_ p_ ts : R,, l : 2 s x PRMS the mappng of a role, onto a set of permssons, based on a TPSL par, l x, n the presence of a role herarch. The permsson set assgned drectl to the role for that TPSL par together wth the permssons assgned to ts unor roles n that same TPSL par s specfcall: r_p_ts,,l x r_p_ts, _ x,l r_p ts, x,l : U r_ au _ ts : R 2 s the mappng of a role onto a set of authentcated users n the presence of a role herarch, specfcall: r_ au_ ts u U, u, U A ; for the purposes of generalzaton, let be a subset of PSLPS, l,, l 2,...,,,..., 2 l x l x, l n n,,...,, normalzed wth respect to roles, R, l x s such that, l. Then the relaton, l x From the above defntons, t follows that f, then, l x.

5 96 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 200 r _ p_ts,,l r _ p_ts,,l r_ au_ ts r_ au_ ts x x. 3. Separaton of dutes constraned n the RBAC The proposed RBAC model [7] defnes Separaton of Dutes as those that are to be enforced on a set of roles that ma not be executed smultaneousl b a user. Our model extends the concept of Separaton of Dutes to allow users who have been authorzed to have mutuall exclusve roles f the cannot be utlzed n the same TPSL par. It s smlar to Statc Separaton of Dutes (SSD) [6] Dnamc Separaton of Dutes (DSD) [6] that ntends to lmt the permssons avalable to a user. It dffers from SSD DSD n that the roles are mutuall exclusve relant on the TPSL par n whch a user s stuated. That s, two roles wth assgned permssons ma be mutuall exclusve for a gven TPSL par; however, for another TPSL par, a user ma be authorzed to actvate these two roles, snce the set of permssons assgned to the roles ma be dfferent for dstnct TPSL pars. We defne, n our RBAC model shown n Fg., both temporal spatal relatons SSD DSD for a server, whch are further, elaborated defned n the next two subsectons. () Temporal Spatal Separaton of Dutes (SSD) relatons enforce constrants on the assgnment of users to roles wth regard to TPSLPs. Ths mples that f a user s assgned to a role n a TPSL par, then the user cannot be assgned to another role n ths same TPSL par f these two roles are conflctng. Thus, a user ma never actvate two roles that share a TLSSD relaton for a specfed TPSL par. Ths s the stronger Separaton of Dut relaton, our model would be smlar to the stard RBAC model f the temporal spatal SSD relaton were defned for the entre tme-spatal doman. Ths s llustrated n Fg.. The formal defnton of temporal spatal SSD s gven below. Defnton 4: SSD relaton n the RBAC model; TLSSD, R TLSSD 2 2 N, s a R collecton of trples,, n 2, 2, N for a R server; where each 2 s a role set, 2 s a normalzed TPSLPS, n N s a natural number, n 2, wth the propert that no user can be assgned to n or more roles from the set n an normalzed TPSL par x, l from. Specfcall: x :,,n TLSSD,,l, n mples x r_ au_ ts,, l. (2) Temporal Spatal Dnamc Separaton of Dutes (DSD) relatons enforced on the permssons assgned to roles, whch are actvated n a user s sesson (see Fg. ). Temporal spatal DSD relatons allow users to be assgned to two or more roles that are not conflctng when actvated n separate sessons for specfed TPSL pars; however, t would generate polc concerns when actvated smultaneousl n a user s sesson for other specfed TPSL pars. Ths offers a great advantage compared wth the conventonal DSD, because one can lmt the valdt of the constrant to eld onl n specfc TPSL pars. A conventonal DSD constrant enforces restrctons on roles n the entre organzaton; that s, the complete tme-spatal doman, whle temporal spatal DSD lmts the constrant to be valdl dependent on a TPSL par such that a user ma actvate conflctng roles wthn a sesson for a TPSL par, other than the TPSL par tself, for whch the temporal spatal DSD constrant s specfed. Ths s llustrated n Fg.. The formal defnton of the temporal spatal DSD s gven below. Defnton 5: DSD relaton n the RBAC model; R TLDSD, TLDSD 2 2 N, s a R collecton of trples,, n 2, 2, N for a 2 R 2 server, where each s a role set, s a normalzed subset of TPSLPS, n N s a natural number, n 2, wth the propert that no user ma actvate n or more roles from the set n an normalzed TPSL par, l x from. Specfcall:,, n TLDSD, x,l, S, s _r n mples :,, l x r_ au _ ts. III. APPLICATION SCENARIO Assume that there are three dstnct databases managed A B C b dstnct servers, respectvel. We then assume that the users U, U2, U3, U4, U5, U6 U7 have satsfed the UA A B C relatons UA, UA UA, where the relatons are

6 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST defned accordng to Defnton Defnton 2 as follows: A A U UA, U2 UA, A A U3 UA, U4 UA A A A A U UA, where U A U R ; 7 B U UA, B B B UA U R ; B U UA 5 C U UA B U UA where, 6 C U UA C C C U7 UA where UA U R C. We llustrate the example wth the followng. U B Example: In Fg. 2, the server assgns the user B one role,,l. In wth the constrant TPSL par 4 C the same perod locaton area, the server C assgns the user U the other role, wth the same A constrant TPSL par,l. The WA D server also A A assgns the user U two roles, 2 5, constraned b the TPSL pars 2,l 4 4, l 5, respectvel. C Smlarl, the server assgns the user U the role C 3 wth the constrant TPSL par 2, l4. That s, accordng to Defnton, the user U has been assgned the roles wth the constrant of the subsets of TPSLPS: A B 2, l4, 4, l5,, l C A B, l b servers:, C, respectvel. The users U2 U3, shown n Fg. 2, are assgned the roles A 3, A, 4, respectvel, wth the same constrant TPSL par 3, l A 3 b the server, where the two roles satsf the ascendanc relaton A A A A ,l3. In A A 3 4 other words, accordng to Defnton 3, the user U 2 can A access not onl the permsson of the role 3 but also the A A permsson of the role 4, nherted from the role 3. On the contrar, however, the user U 3 cannot access the A permsson of the role 3. Ths mples that the user U 3 A s assgned to the role 4 n the TPSL par 3, l3, that A s, the user U 3 s not assgned to another role 3 n ths TPSL par 3, l3. B B If the server enforces these two roles 3 B 4, n Fg. 2, such that these two roles share a temporal spatal SSD relaton accordng to Defnton 4 n a specfed TPSL par 4,l, f these two roles are conflctng, then the user U5 or U 6 ma never actvate B B these two roles 3 4,.e. B B 3, 4, 4, l,2 B TLS SD. In Fg. 2, accordng to Defnton 5, no users are allowed to actvate both B B 2 5 n a specfed TPSL par B B, n a sngle sesson,.e.,,,, l,2 3,l B TLDSD. The fact s that no temporal spatal DSD constrant on B B 2 5 s specfed for the other B TPSL pars n Fg. 2. Onl the server enforces the constrant that nether the user U5 nor U6 ma never actvate these two roles for a sngle user s sesson n a specfed TPSL par 3,l2. Fnall, after successfull performng a user s authentcaton b wa of a server, a user can be allowed to access ths server. Thus, our model extends from the Hansen et al. s Spatal RBAC model [4] for whch extends the conventonal RBAC model to access not onl the temporall senstve constrant but also the spatall senstve constrant. IV. ANALYSES AND DISCUSSIONS Two mportant characterstcs n our RBAC model are analzed n the followng, where the model apples to assocated RBAC servers n the sstem.

7 98 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 200 () Each server ma defne ts own components R, PRMS S respectvel; furthermore, t ma also defne ts own relatons UA, PA, RH, TLSSD, TLDSD, respectvel. That s to sa, each server ma own manage all ts components relatons, except the sets of Users ( U ) TPSLPS ( ). In the sstem, a user ma actvate mult-roles to access multple servers dependng on ther authorzed subset of the TPSLPS. (2) If a user wants to actvate a role, whch has been assgned, belongng to a server, then the user must be authentcated b each server to whch she/he belongs. Fnall, the RBAC model we propose s compared to several nfluental research papers mentoned above. Bertno et al. s [] TRBAC model addresses the perodc enablng of roles temporal dependences among roles, but t does not address the user authentcaton spatal constrants. Josh et al. s [5] Generalzed Temporal RBAC model s capable of expressng a wder range of temporal constrants also allows expressng perodc as well as duratonal constrants on roles, user-role assgnments, rolepermsson assgnments, however, t does not address user authentcaton spatal constrants. Hansen et al. s [4] Spatal RBAC model specfes spatal restrctons on permssons assgned to roles, whch can be used to constran the set of roles permssons that a user can actvate at a gven locaton, et t does not address the user authentcaton temporal constrants. practcal sstem. Furthermore, ncorporatng temporal locaton nformaton n the RBAC as proposed n ths paper would enable the RBAC to be mplemented n wreless computng envronments. REFERENCES [] E. Bertno, P.A. Bonatt, E. Ferrar, TRBAC: A Temporal Role- Based Access Control Model, ACM Trans. on Informaton Sstem Securt, vol. 4, no. 3, pp , Aug [2] Y. Ca, K. A. Hua, G. Cao., T. Xu, Real-tme processng of rangemontorng queres n heterogeneous moble databases, IEEE Transactons on Moble Computng, vol. 5, no. 7, pp , Jul [3] D. F. Ferraolo, R. Shu, S. Gavrla, D.R. Kuhn, R. Chramoul, Proposed NIST Stard for Role-Based Access Control, ACM Trans. on Informaton Sstem Securt, vol. 4, no. 3, pp , Aug [4] F. Hansen V. Oleshchu, Spatal role-based access control model for wreless networs, n Proc. the 58th of IEEE Vehcular Technolog Conference, vol. 3, pp , 6 9 Oct [5] J. B. D. Josh, E. Bertno, U. Latf, A. Ghafoor, A Generalzed Temporal Role-Based Access Control Model, IEEE Transactons on Knowledge And Data Engneerng, vol. 7, no., pp. 4 23, Jan [6] S. Osborn, R. Shu, Q. Munawer, Confgurng role-based access control to enforce mator dscretonar access control polces, ACM Trans. on Informaton Sstem Securt, vol. 3, no. 2, pp , [7] R. S. Shu, E.J. Cone, H.L. Fensten, C.E. Youman, Role- Based Access Control Models, IEEE Computer, vol. 29, ssue 2, pp , Feb V. CONCLUSION We have proposed a Temporal Spatal RBAC model that allows specfcaton of a comprehensve set of temporal spatal constrants. In partcular, all users wll be authentcated frst from ther servng server, where each server defnes the related relatons of UA, PA, RH, TLSSD TLDSD va our RBAC model. The constrants on role enablng role actvatng, varous temporal spatal restrctons on user-role role-permsson assgnments, can be specfed multple servers, n the sstem, through the RBAC model. We have also presented the temporal spatalbased semantcs of herarches, temporal spatal SSD temporal spatal DSD constrants. We also present an assocated role-herarchcal relaton that s the defnton extended from basc RBAC model for the assocated servers n a sstem. Addtonal extensons from both relatonal defntons of the spatal SSD spatal DSD nclude the assocated temporal spatal SSD assocated temporal spatal DSD for applcaton n a Fgure. Both TLSSD TlDSD relatons wth TPSL par constrants are managed b a server.

8 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST Prof. Hsng-Chung Chen receved the B.S. degree n Electronc Engneerng from Natonal Tawan Unverst of Scence Technolog, Tape, Tawan, n 994, the M.S. degree n Industral Educaton from Natonal Normal Unverst, Tape, Tawan, n 996, respectvel. He receved the Ph.D. degree n Electronc Engneerng from Natonal Chung Cheng Unverst, Cha-Y, Tawan, n Durng the ears , he had served as a Sstem Engneer at the Department of Moble Busness Group, Chunghwa Telecom Co., Ltd. From Februar 2008 present, he has been the Assstant Professor of the Department of Computer Scence Informaton Engneerng at Asa Unverst, n Tachung Count of Tawan. Currentl, he s nterested n researchng Mult-sesson Crptograph, Role-based Access Control, Fuzz Control, Gre Theoretc, Wreless Communcatons. He s a member of the Chnese Crptolog Informaton Securt Assocaton (CCISA). He s also a member of the Internatonal Fuzz Sstem Assocaton (IFSA), the member of the Chnese Gre Sstems Assocaton. He ons the nternatonal commttee on Internatonal Conference on Convergence Hbrd Informaton Technolog (ICCIT) seres. Fgure 2. An example to llustrate how users are assgned roles dependng on the users specfc TPSL pars b the servers A, B WA C D WA D n the tme-spatal doman. Prof. Shuh-Jeng Wang was born n Tawan, 967. He receved the M.S. degree n Appled Mathematcs from Natonal Chung-Hsng Unverst, Tachung, Tawan, n 99. He receved hs PhD degree n Electrcal Engneerng at Natonal Tawan Unverst, Tape, Tawan n 996. He s currentl wth Dept. of Informaton Management at Central Polce Unverst, Taouan, Tawan, where he drects the Informaton Crptolog Constructon Laborator (ICCL, He was a recpent of the 5th Acer Long-Tung Master Thess Award the 0th Acer Long-Tung Ph.D Dssertaton Award n , respectvel. Dr. Wang was a vstng scholar of Computer Scence Dept. at Florda State Unverst (FSU), USA n He also was a vstng scholar of Dept. of Computer Informaton Scence Engneerng at Unverst of Florda (UF) from Aug to Feb He served the edtor-n-chef of the ournal of Communcatons of the CCISA n Tawan from He has been elected as the Drector of Chnese Crptolog Informaton Securt Assocaton (CCISA) snce Dr. Wang academcall toured the CLab wth School of Computer Scence n Carnege Mellon Unverst, USA, n 2007 for nternatonal proect collaboraton nspecton. He s also the authors of eght boos (n Chnese versons): Informaton Securt, Crptograph Networ Securt, State of the Art on Internet Securt Dgtal Forenscs, Ees of Prvac Informaton Securt Computer Forenscs, Informaton Multmeda Securt, Computer Forenscs Dgtal Evdence, Computer Forenscs Securt Sstems, Computer Networ Securt n Practce, publshed n 2003, 2004, 2006, 2007, 2009, respectvel. He s also the guest edtors of a number of Journals ncludng IEEE Journal on Selected Areas n

9 920 JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 200 Communcatons (J-SAC), Journal of Internet Technolog (JIT), Oxford The Computer Journal, Sprnger Telecommuncaton Sstems n , respectvel.prof. Wang has publshed over 200 papers n referred Journals/Conference proceedngs/technque reports so far. He s a full professor a member of the IEEE, ACM. Hs current nterests nclude nformaton securt, dgtal nvestgaton computer forenscs, steganograph, crptograph, data constructon engneerng. Prof. Jh-Horng Wen receved the B.S. degree n electronc engneerng from the Natonal Chao Tung Unverst, Hsng-Chu, Tawan, n 979 the Ph.D. degree n electrcal engneerng from Natonal Tawan Unverst, Tape, n 990. From 98 to 983, he was a Research Assstant wth the Telecommuncaton Laborator, Mnstr of Transportaton Communcatons, Chung-L, Tawan. From 983 to 99, he was a Research Assstant wth the Insttute of Nuclear Energ Research, Taoun, Tawan. From Februar 99 to Jul 2007, he was wth the Insttute of Electrcal Engneerng, Natonal Chung Cheng Unverst, Cha-Y, Tawan, frst as an Assocate Professor, snce 2000, as a Professor. He was also the Managng Drector of the Center for Telecommuncaton Research, Natonal Chung Cheng Unverst, from Aug. 200 to Jul 2004 the Dean of General Affars, Natonal Ch Nan Unverst, from Aug to Jul Snce Aug. 2007, he has been the Department Head of Electrcal Engneerng, Tungha Unverst, Tachung, Tawan. He s an Assocate Edtor of the Journal of the Chnese Gre Sstem Assocaton. Hs current research nterests nclude computer communcaton networs, cellular moble communcatons, personal communcatons, spread-spectrum technques, wreless broadb sstems, gra theor. Prof. Wen s a member of the IEEE Communcaton Socet, the IEEE Vehcular Technolog Socet, the IEEE Informaton Socet, the IEEE Crcuts Sstems Socet, the Insttute of Electroncs, Informaton Communcaton Engneers, the Internatonal Assocaton of Scence Technolog for Development, the Chnese Gre Sstem Assocaton, the Chnese Insttute of Electrcal Engneern g. Engneerng, Chaoang Unverst of Technolog, Tachung, Tawan. From August 2007 to Jul 2008, he was the Department Head of Computer Communcaton Engneerng the Insttute Char of the Graduate Insttute of Networng Communcaton Engneerng, Chaoang Unverst of Technolog. Snce Aug. 2008, he has been the Department Head of Informaton Communcaton Engneerng, Chaoang Unverst of Technolog. Hs current research nterests nclude multuser detecton n OFDM-CDMA cellular moble communcaton sstems, communcaton sgnal processng, fuzz sstems wreless sensor networs. Dr. Huang s a member of IEEE Communcatons Socet IEICE Communcatons Socet. Chung-We Chen receved the MS degree n communcaton engneerng from Natonal Tsng Hua Unverst, Tawan BS degree n electrc engneerng from Natonal Central Unverst, Tawan. He s now worng toward PhD program n Insttute of Communcaton Engneerng of Natonal Tsng-Hua Unverst, Tawan. Hs research nterest ncludes securt ssues n moble ad hoc networ wreless sensor networ. Prof. Yung-Fa Huang was born n Changhua Count, Tawan, n 96. He receved the Dplom-Eng. n electrcal engneerng from Natonal Tape Unverst of Technolog, Tape, n 982, M.Eng. degree n electrcal engneerng from Natonal Tsng Hua Unverst, Hsnchu, Tawan, n 987 Ph.D. degree n electrcal engneerng from Natonal Chung Cheng Unverst, Cha, Tawan, n Durng , he oned the Ar Forces for the mltar servce n Tawan. Durng , he was an nstructor n Chung Chou Insttute of Technolog, Yuanln, Tawan. From Februar 2002 to Jul 2004, he was wth the Department of Electrcal Engneerng, Chung Chou Insttute of Technolog, as an Assocate Professor. From August 2004 to Jul 2007, he was an Assocate Professor n Graduate Insttute of Networng Communcaton