Abstract
The widespread diffusion of wireless-enabled portable devices creates novel opportunities for users to share resources anywhere and anytime, but makes access control a crucial issue. User/device mobility and heterogeneity, together with network topology and conditions variability, complicate access control and call for novel solutions to dynamically adapt access decisions to the different operating conditions. Several research efforts have emerged in recent years that propose to exploit context-awareness to control access to resources based on context visibility and changes. Context-based access control requires, however, to take into account the quality of context information used to drive access decisions (QoC). Quality of context has in fact a profound impact on the correct behavior of any context-aware access control framework. Using context information with insufficient quality might increase the risk of incorrect access control decisions, thus leading to dangerous security breaches in resource sharing. In this paper we propose a QoC-aware approach to access control for anywhere, anytime resource sharing. The paper describes the design, implementation and evaluation of the Proteus policy framework, which combines two design guidelines to enable dynamic adaptation of policies depending on context changes: context-awareness with QoC guarantees and semantic technologies to allow high-level description of context/policy specification and reasoning about context/policies.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-3-642-01802-2_30
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Toninelli, A., et al.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: ISWC, pp. 473–486 (2006)
Dey, A.K.: Understanding and using context. Personal and Ubiquitous Computing 5(1), 4–7 (2001)
Sandhu, R.S., et al.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)
Buchholz, T., Kupper, A., Schiffer, M.: Quality of context: What it is and why we need it. In: HPOVUA 2003 (2003)
van Sinderen, M., et al.: Supporting context-aware mobile applications: an infrastructure approach. Communications Magazine 44(9), 96–104 (2006)
Lassila, O., Khushraj, D.: Contextualizing applications via semantic middleware. In: MOBIQUITOUS 2005, pp. 183–191. IEEE Computer Society, Washington (2005)
Kim, Y., Lee, K.: A quality measurement method of context information in ubiquitous environments. In: ICHIT 2006, vol. 2, pp. 576–581 (November 2006)
Riva, O.: Contory: A middleware for the provisioning of context information on smart phones. In: Middleware, pp. 219–239 (2006)
Covington, M.J., et al.: Securing context-aware applications using environment roles. In: SACMAT 2001, pp. 10–20. ACM, New York (2001)
Al-Muhtadi, J., et al.: Cerberus: a context-aware security scheme for smart spaces. In: PerCom 2003, pp. 489–496 (March 2003)
Dersingh, A., Liscano, R., Jost, A.: Utilizing semantic knowledge for access control in pervasive and ubiquitous systems. In: WIMOB 2008, pp. 435–441 (October 2008)
Lachmund, S., et al.: Context-aware access control; making access control decisions based on context information. In: Mobiquitous 2006, pp. 1–8 (July 2006)
Tang, S., Yang, J., Wu, Z.: A context quality model for ubiquitous applications. In: IFIP NPC Workshops, pp. 282–287 (September 2007)
Bu, Y., et al.: Managing quality of context in pervasive computing. In: QSIC 2006, pp. 193–200 (October 2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Toninelli, A., Corradi, A., Montanari, R. (2009). A Quality of Context-Aware Approach to Access Control in Pervasive Environments. In: Bonnin, JM., Giannelli, C., Magedanz, T. (eds) MobileWireless Middleware, Operating Systems, and Applications. MOBILWARE 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 7. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01802-2_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-01802-2_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01801-5
Online ISBN: 978-3-642-01802-2
eBook Packages: Computer ScienceComputer Science (R0)