Databases Reference
In-Depth Information
Table 1.
Examples of location-based predicates
Type
Predicate
Description
Position
inarea
(
user, area
)
Evaluate whether
user
is located within
area
.
disjoint
(
user
,
area
)
Evaluate whether
user
is outside
area
.
distance
(
user
,
entity
,
min dist
,
max dist
)
Evaluate whether distance between
user
and
entity
is within interval [
min dist
,
max dist
].
Movement
velocity
(
user
,
min vel
,
Evaluate whether
user
's speed falls within
range [
min vel
,
max vel
].
max vel
)
Interaction
density
(
area
,
min num
,
max num
)
Evaluate whether the number of users cur-
rently in
area
falls within interval [
min num
,
max num
].
local density
(
user
,
area
,
min num
,
max num
)
Evaluate the density within a 'relative' area
surrounding
user
.
symbolic model (i.e., with reference to entities of the real world such as, for
example, cells, streets, cities, zip code or buildings) [12].
Predicates are expressed as boolean queries of the form
predi-
cate
(
parameters, value
). Table 1 illustrates some examples of location predi-
cates.
Example 1.
Let
alice
be a user identifier, and
Milan
and
Director Office
be two map regions. Three simple examples of location-based conditions are
the following.
•
inarea(
alice
,
Milan
)
: request
alice
to be located in
Milan
.
•
velocity(
alice
,
70
,
90
)
: request
alice
to travel at a speed included in the
interval
[
70,90
]
.
•
density(
Director Office
,
0
,
1
)
:
request
at
most
one
person
in
the
Director Office
.
2.2 Location-based Access Control Policies
Location-based access control policies can be considered as a means for en-
riching the expressive power of existing access control languages (e.g., [11, 13,
14, 15]) by introducing location-based predicates. We assume access control
rules to be triples whose elements are generic boolean formula over the sub-
ject, object, and action domains. Formally, an access control rule is defined
as follows.
Definition 1 (Access control rule).
An access control rule is a triple of
the form
subj expr
,
obj expr
,
action
,where:
•
subj expr
is a boolean formula of terms referring to a set of subjects de-
pending on whether they satisfy or not certain conditions that can evaluate
the user's profile/information, location predicates, or the user's member-
ship in groups, active roles, and so on;