Abstract
This paper introduces a model for invisible security. Our model provides an unobtrusive multi-factor authentication and context-aware authorization based on a probabilistic approach that takes into account social relationships and natural behaviors of the user, such as sharing objects or borrowing credentials as a form of access delegation. We believe the traditional model with sequential authentication, authorization and accounting modules is not suitable for smart spaces. Instead we propose a “probabilistic-spiral” model that can be as dynamic as the space itself.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Want, R., Hopper, A., Falcao, V., Gibbons, J.: The active badge location system. ACM Transactions on Information Systems 10, 102 (1992)
Snyder Jr., G.F., Pardoe, T.: Network Security. Delmar Cengage Learning (2004)
Barkley, J., Beznosov, K., Uppal, J.: Supporting relationships in access control using role based access control. In: Proceedings of the Fourth ACM Workshop on Role-Based Access Control, pp. 55–65. ACM, New York (1999)
Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security 3, 85–106 (2000)
Pearl, J.: Probabilistic reasoning in intelligent systems: networks of plausible inference. Morgan Kaufmann, San Francisco (1988)
Cobb, B.R., Shenoy, P.P.: A comparison of Bayesian and belief function reasoning. Information Systems Frontiers 5, 345–358 (2003)
Laskey, K.B.: MEBN: A language for first-order Bayesian knowledge bases. Artificial Intelligence 172, 140–178 (2008)
Ginsberg, M.: Essentials of artificial intelligence. Morgan Kaufmann, San Francisco (1994)
Kaplan, S., Garrick, B.J.: On The Quantitative Definition of Risk. Risk Analysis 1, 11–27 (1981)
Sabzevar, A.P., Sousa, J.P.: Authentication, authorization and auditing for ubiquitous computing: a survey and vision. International Journal of Space-Based and Situated Computing 1, 59–67 (2011)
Bardram, J.E., Kjær, R.E., Pedersen, M.Ø.: Context-aware user authentication – supporting proximity-based login in pervasive computing. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds.) UbiComp 2003. LNCS, vol. 2864, pp. 107–123. Springer, Heidelberg (2003)
Corner, M.D., Noble, B.D.: Zero-interaction authentication. In: Intl. Conf. on Mobile Computing and Networking, pp. 1–11. ACM, Atlanta (2002)
Matsumiya, K., Aoki, S., Murase, M., Tokuda, H.: Zero-stop authentication: Sensor-based real-time authentication system. In: Chen, J., Hong, S. (eds.) RTCSA 2003. LNCS, vol. 2968, pp. 296–311. Springer, Heidelberg (2004)
Beigl, M.: Using spatial co-location for coordination in ubiquitous computing environments. In: Gellersen, H.-W. (ed.) HUC 1999. LNCS, vol. 1707, pp. 259–273. Springer, Heidelberg (1999)
Sadeh, N.M., Gandon, F.L., Kwon, O.B.: Ambient Intelligence: The MyCampus Experience, TR CMU-ISRI-05-123. School of Computer Science, Carnegie Mellon U, Pittsburgh, PA (2005)
Al-Muhtadi, J., Ranganathan, A., Campbell, R., Mickunas, M.D.: Cerberus: a context-aware security scheme for smart spaces. In: IEEE Intl. Conf. on Pervasive Computing and Communications, pp. 489–496. IEEE CS, Los Alamitos (2003)
Song, Y.J., Tobagus, W., Leong, D.Y., Johanson, B.: iSecurity: A Security Framework for Interactive Workspaces, Technical Report. Stanford University (2003)
Kagal, L., Undercoffer, J., Perich, F., Joshi, A., Finin, T., Yesha, Y.: Vigil: Providing trust for enhanced security in pervasive systems. Technical Report, University of Maryland, Baltimore County (2002)
Roman, M., Campbell, R.H.: Gaia: Enabling active spaces. In: ACM SIGOPS European Workshop, pp. 229–234. ACM, Kolding (2000)
Satyanarayanan, M.: Pervasive computing: Vision and challenges. IEEE Personal Communications 8, 10–17 (2001)
The Location Stack, http://portolano.cs.washington.edu/projects/location/
Park, J., Sandhu, R.: The UCON ABC usage control model. ACM Trans. on Information and System Security 7, 128–174 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sabzevar, A.P., Sousa, J.P. (2011). Chameleon: A Model of Identification, Authorization and Accountability for Ubicomp. In: Hsu, CH., Yang, L.T., Ma, J., Zhu, C. (eds) Ubiquitous Intelligence and Computing. UIC 2011. Lecture Notes in Computer Science, vol 6905. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23641-9_27
Download citation
DOI: https://doi.org/10.1007/978-3-642-23641-9_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23640-2
Online ISBN: 978-3-642-23641-9
eBook Packages: Computer ScienceComputer Science (R0)