Abstract

A building information model (BIM) is of upmost importance with a full life-time cycle in architecture engineering and construction industry. Smart construction relies on BIM to manipulate information flow, data flow, and management flow. Currently, BIM has been explored mainly for information construction and utilization, but there exist few works concerning information security, e.g., audits of critical models and exposure of sensitive models. Moreover, few BIM systems have been proposed to make use of new computing paradigms, such as mobile cloud computing, blockchain and Internet of Things. In this paper, we propose a Context-aware Access Control (CaAC) model for BIM systems on mobile cloud architectures. BIM data can be confidentially accessed according to contexts in a fine-grained manner. We describe functions of CaAC formally by illustrating location-aware access control and time-aware access control. CaAC model can outperform role-based access control for preventing BIM data leakage by distinguishing contexts. In addition, grouping algorithms are also presented for flexibility, in which basic model (user grouping based on user role permissions) and advanced model (user grouping based on user requests) are differentiated. Compared with the traditional role-based access control model, security and feasibility of CaAC are remarkably improved by distinguishing an identical role with multiple contexts. The average efficiency is improved by $2n/(2n-p-q)$ , and time complexity is $O\left(n\right)$ .