José Bringel Filho
Hervé Martin
ABSTRACT
Pervasive Computing Environments enable new opportunities for users to share and to access resources anytime and anywhere in a more natural way, making access control a critical issue. These heterogeneous and dynamic sensor-rich environments characterized by frequent and unpredictable changes on user's, resource's, and environment situations, call for access control solutions that allow dynamically adjust access permissions based on information describing the conditions of these entities (context), such as location and time. Some research attempts have been done based on existing models, which context information is used as an optional attribute for limiting the scope of access control permissions. However, these approaches normally exploit identities and roles dynamically assigned to the users in order to grant access permissions, which is an inappropriate solution for open and dynamic environments which we cannot assume the existence of predefined roles and user-role associations. In this scenario, we claim that access permissions should be assigned to the users only based on context information characterizing the three most important entities of any access control framework: owners, requestors, and resources. Thus, this paper proposes a generalized context-based access control model for making access control decisions completely based on context information.
- Trusted computer system evaluation criteria, dod 5200.28-std, department of defense, 1985.Google Scholar
- E. Bertino, P. A. Bonatti, and E. Ferrari. Trbac: a temporal role-based access control model. In ACM Workshop on Role-Based Access Control, pages 21--30, 2000. Google ScholarDigital Library
- T. Buchholz, A. Küpper, and M. Schiffers. Quality of context: What it is and why we need it. In (HPOVUA 2003), Geneva, 2003, 2003.Google Scholar
- A. K. Dey. Understanding and using context. Personal and Ubiquitous Computing, 5(1):4--7, 2001. Google ScholarDigital Library
- B. Filho, W. Viana, R. Braga, and R. Andrade. Framesec: A framework for the application development with end-to-end security provision in the mobile computing environment. In AICT-SAPIR-ELETE '05, pages 72--77, Washington, DC, USA, 2005. IEEE Computer Society. Google ScholarDigital Library
- J. B. Filho and H. Martin. Qacbac: an owner-centric qoc-aware context-based access control model for pervasive environments. In SPRINGL '08: Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS, pages 30--38, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- J. B. Filho and H. Martin. A quality-aware context-based access control model for ubiquitous applications. In ICDIM, Third IEEE International Conference on Digital Information Management (ICDIM), November 13--16, 2008, London, UK, Proceedings, pages 113--118, 2008.Google Scholar
- J. B. Filho and H. Martin. Using context quality indicators for improving context-based access control in pervasive environments. Embedded and Ubiquitous Computing, IEEE/IFIP International Conference on, 2:285--290, 2008. Google ScholarDigital Library
- C. Groba, S. Grob, and T. Springer. Context-dependent access control for contextual information. In ARES '07: Proceedings of the The Second International Conference on Availability, Reliability and Security, pages 155--161, Washington, DC, USA, 2007. IEEE Computer Society. Google ScholarDigital Library
- Y.-G. Kim, C.-J. Moon, D. Jeong, J.-O. Lee, C.-Y. Song, and D.-K. Baik. Context-aware access control mechanism for ubiquitous applications. In AWIC, volume 3528 of Lecture Notes in Computer Science, pages 236--242. Springer, 2005. Google ScholarDigital Library
- M. J. Moyer and M. Ahamad. Generalized role-based access control. In ICDCS, pages 391--398, 2001. Google ScholarDigital Library
- S.-H. Park, Y.-J. Han, and T.-M. Chung. Context-role based access control for context-aware application. In High Performance Computing and Communications, Second International Conference, HPCC 2006, Munich, Germany, September 13--15, 2006, Proceedings, volume 4208 of Lecture Notes in Computer Science, pages 572--580. Springer, 2006. Google ScholarDigital Library
- I. Ray and M. Toahchoodee. A spatio-temporal role-based access control model. In Data and Applications Security XXI, 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Redondo Beach, CA, USA, July 8--11, 2007, Proceedings, volume 4602 of Lecture Notes in Computer Science, pages 211--226. Springer, 2007. Google ScholarDigital Library
- R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38--47, 1996. Google ScholarDigital Library
- A. Toninelli, R. Montanari, L. Kagal, and O. Lassila. A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In International Semantic Web Conference, pages 473--486, 2006. Google ScholarDigital Library
- W. Viana, J. B. Filho, J. Gensel, M. Villanova-Oliver, and H. Martin. Photomap - automatic spatiotemporal annotation for mobile photos. In Web and Wireless Geographical Information Systems, 7th International Symposium, W2GIS 2007, Cardiff, UK, November 28--29, 2007. Proceedings, pages 187--201, 2007. Google ScholarDigital Library
- W. Viana, J. B. Filho, J. Gensel, M. Villanova-Oliver, and H. Martin. A semantic approach and a web tool for contextual annotation of photos using camera phones. In WISE, pages 225--236, 2007. Google ScholarDigital Library
- W. Viana, J. B. Filho, J. C. F. Junior, G. J. de Sena, E. L. F. Senne, J. Gensel, M. Villanova-Oliver, and H. Martin. Caus: Uma arquitetura para sistemas de ensino. In SBCUP, 2009.Google Scholar
- S. Yokoyama, E. Kamioka, and S. Yamada. An anonymous context aware access control architecture for ubiquitous services. In 7th International Conference on Mobile Data Management (MDM2006), Nara, Japan, May 9--13, 2006, page 74. IEEE Computer Society, 2006. Google ScholarDigital Library
- G. Zhang and M. Parashar. Context-aware dynamic access control for pervasive computing, 2004.Google Scholar
Index Terms
- A generalized context-based access control model for pervasive environments
Recommendations
Context-aware role-based access control in pervasive computing systems
SACMAT '08: Proceedings of the 13th ACM symposium on Access control models and technologiesIn this paper we present a context-aware RBAC (CARBAC) model for pervasive computing applications. The design of this model has been guided by the context-based access control requirements of such applications. These requirements are related to users' ...
Domain Administration of Task-role Based Access Control for Process Collaboration Environments
IAS '09: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 01The fast evolving workflow technologies facilitate organizations to interact and cooperate with each other to achieve their business goals by process collaborations. Task-role based access control is an important security mechanism to protect data and ...
An Evaluation of Role Based Access Control Towards Easier Management Compared to Tight Security
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed SystemsRole-based access control (RBAC) is a widely-used protocol to design and build an access control for providing the system security regarding authorization. Even though in the context of internet resources access, the authentication and access control ...
Comments