A Contextual Attribute-Based Access Control Model
The emergence of ubiquitous mobile devices, such as MP3 players, cellular phones, PDAs, and laptops, has sparked the growth of rich, mobile applications. Moreover, these applications are increasingly “aware” of the user and her surrounding environment. Dynamic mobile environments are generating new requirements – such as allowing users to access real-time, customized services on-demand and with no prior registration – that are not currently addressed by existing approaches to authorization. We investigate using contextual information present in the user’s operating environment, such as a user’s location, for defining an authorization policy. More precisely, we have defined an access control model that uses contextual attributes to capture the dynamic properties of a mobile environment, including attributes associated with users, objects, transactions, and the environment. Our Contextual Attribute-Based Access Control model lends itself more naturally to a mobile environment where subjects and objects are dynamic. Our authorization model promotes the adoption of many revolutionary mobile applications by allowing for the specification of flexible access control policies.
KeywordsAccess Control Object Attribute User Attribute Access Control Policy Access Control Model
Unable to display preview. Download preview PDF.
- 1.Sastry, M.R., Covington, M.J.: Attribute-based authentication using trusted platforms. In: Proceedings of the 8th International Symposium on Wireless Personal Multimedia Communications (WPMC 2005), Aalborg, Denmark (2005); Special Session on Platform SecurityGoogle Scholar
- 3.Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role based access control models. IEEE Computer 2 (1996)Google Scholar
- 4.Covington, M.J., Long, W., Srinivasan, S., Dey, A., Ahamad, M., Abowd, G.: Securing context-aware applications using environment roles. In: Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT), Chantilly, Virginia, USA, pp. 10–20 (2001)Google Scholar
- 6.Giuri, L., Iglio, P.: Role templates for content-based access control. In: Proceedings of the Second ACM Workshop on Role Based Access Control, Fairfax, Virginia, USA, pp. 153–159 (1997)Google Scholar
- 7.Moyer, M.J., Ahamad, M.: Generalized role based access control. In: Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS), Mesa, Arizona, USA (2001)Google Scholar
- 9.Hulsebosch, R.J., Salden, A.H., Bargh, M.S., Ebben, P.W.G., Reitsma, J.: Context sensitive access control. In: Proceedings of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Stockholm, Sweden, pp. 111–119 (2005)Google Scholar