DocumentCode
1566075
Title
A Federated Physical and Logical Access Control Enforcement Model
Author
Onno, Stéphane
Author_Institution
Thomson R&D, Security Labs., Cesson-Sevigne
fYear
2008
Firstpage
683
Lastpage
692
Abstract
This paper addresses the confidentiality of valuable content while the content is being accessed. Confidentiality threats such as information leakage by shoulder surfing or content theft may occur on critical assets. A person having access to a protected zone may therefore access content for which he is not authorized. This could be disastrous for the information in a top secret document or for a valuable digital film. Unprotected content could be attacked under two conditions: first, if protected content can be accessed without protected zone access restrictions, or second, if a protected zone can be accessed without logical access restrictions. To tackle these threats, this paper proposes a Federated Physical and Logical Access Control Enforcement Model. The model enforces a protected zone access control for logical content access together with a content-based access control for physical zone access. The access authorizations to content and to zone are dynamically linked together. Accordingly, it ensures that at every moment, contents currently edited can be processed by any user inside the protected zone. A formalized model example enforces a global Bell-LaPadula policy for a protected zone. Applicability is discussed for post-production film facilities and highly sensitive protected zones such as government or defense facilities.
Keywords
authorisation; data privacy; Bell-Lapadula policy; access authorizations; content-based access control; federated physical-logical access control enforcement model; information leakage; protected zone access control; valuable content confidentiality threats; Access control; Availability; Computer crime; Content management; Information security; Peer to peer computing; Permission; Process control; Protection; Research and development; Bell-lapadula; access control federation; logical access control; physical access control;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location
Barcelona
Print_ISBN
978-0-7695-3102-1
Type
conf
DOI
10.1109/ARES.2008.92
Filename
4529409