Securing context-aware applications using environment roles

Covington, Michael J.; Long, Wende; Srinivasan, S.; Dev, Anind K.; Ahamad, Mustaque; Abowd, Gregory D.

doi:10.1145/373256.373258

Cited by 326 publications

(212 citation statements)

References 12 publications

Supporting

Mentioning

207

Contrasting

Unclassified

Order By: Relevance

“…Generalized RBAC model (GRBAC) [1] define environmental role to control access to private information and resources in ubiquitous computing applications. Permission to assign role is associated with set of environmental role in GRBAC and environmental properties such as time and location influence to role activation.…”

Section: Related Workmentioning

confidence: 99%

Context-Aware Role Based Access Control Using User Relationship

Jung¹,

Park²

2013

IJCTE

View full text Add to dashboard Cite

Abstract-Role-based access control is widely used in modern enterprise systems because it is adequate for reflecting the functional hierarchy in various organizations' for access control model. However, environmental changes, such as the increasing usage of mobile devices, make several challenges. Our research suggests a relationship-based access control model that considers the relation with surrounding users in organization. Relation is significant context information but it is not considered in existing access control models. The proposed technique is different from that in traditional research in two ways. First, we regard the relationship among employee's as contextual information. As a result, the administrator can manage fine-grained access control for cooperative work in an organization. Second, we design access control architecture using NFC technique to deal with usability and security problems. Moreover, we propose a protocol for enforcing the suggested access control model in real world. We report performance analysis and security evaluation IndexTerms-Access control, context-aware, relationship-based, Security.

show abstract

Section: Related Workmentioning

confidence: 99%

Context-Aware Role Based Access Control Using User Relationship

Jung¹,

Park²

2013

IJCTE

View full text Add to dashboard Cite

show abstract

“…Otherwise, the access is denied. It is called Location-based Access Control (LBAC) [2,6,7], which provides more reliable access control when combined with traditional methods. In addition, it offers the ability to trace an intruder back to a physical location if some intrusion has been detected.…”

Section: Introductionmentioning

confidence: 99%

A Statistical Indoor Localization Method for Supporting Location-based Access Control

et al. 2009

View full text Add to dashboard Cite

“…Besides defining triggering actions [22] of pervasive applications (e.g., a smart meeting room), a logical language provides a way to infer high-level context information [13,19], such as a user's activity, from raw sensor data. One promising application of the logic-based approach is a context-sensitive authorization system [1,2,6,8,11,18,24] that considers a requester's context as well as his identity to make a granting decision; the system derives the granting decision (true or false) with a set of rules encoding policies and facts encoding context information.…”

Section: Introductionmentioning

confidence: 99%

Scalability in a Secure Distributed Proof System

Minami

Kotz

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract.A logic-based language is often adopted in systems for pervasive computing, because it provides a convenient way to define rules that change the behavior of the systems dynamically. Those systems might define rules that refer to the users' context information to provide context-aware services. For example, a smart-home application could define rules referring to the location of a user to control the light of a house automatically. In general, the context information is maintained in different administrative domains, and it is, therefore, desirable to construct a proof in a distributed way while preserving each domain's confidentiality policies. In this paper, we introduce such a system, a secure distributed proof system for context-sensitive authorization and show that our novel caching and revocation mechanism improves the performance of the system, which depends on public key cryptographic operations to protect confidential information in rules and facts. Our revocation mechanism maintains dependencies among facts and recursively revokes across multiple hosts all the cached facts that depend on a fact that has become invalid. Our initial experimental results show that our caching mechanism, which maintains both positive and negative facts, significantly reduces the latency for handling a logical query.

show abstract

Securing context-aware applications using environment roles

Cited by 326 publications

References 12 publications

Context-Aware Role Based Access Control Using User Relationship

Context-Aware Role Based Access Control Using User Relationship

A Statistical Indoor Localization Method for Supporting Location-based Access Control

Scalability in a Secure Distributed Proof System

Contact Info

Product

Resources

About