Abstract
Alice first meets Bob in an entertainment shop, and they wish to share multimedia content. But do they know which users are trustworthy? How do they share such information securely? How do they establish permissions? Pervasive computing environments give rise to this kind of scenario: users with personal devices interacting without wires by forming ad-hoc networks. Such pervasive devices have increasingly faster processors, larger memories and wider communication capabilities, which give them a certain autonomy for collaborating and sharing resources. They therefore require suitable access control to prevent unauthorised access to, or disclosure or modification of, relevant information; in general, to protect the resources and the data, which are usually confidential. This paper presents a distributed solution for access control that makes use of the autonomy and cooperation capability of the devices, since in open dynamic environments it is very difficult to depend on a central server. The access control is based on a pervasive trust management model from which trust degrees are dynamically obtained. We present the TrustAC reference and functional model, as well as a prototype implementation using XACML-compliant policies.
Thanks to UBISEC (IST STREP 506926) and EVERYWARE (MCyT Nº 2003-08995-C02-01) projects.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Almenárez, F., Marín, A., Campo, C., García R., C. (2005). TrustAC: Trust-Based Access Control for Pervasive Devices. In: Hutter, D., Ullmann, M. (eds) Security in Pervasive Computing. SPC 2005. Lecture Notes in Computer Science, vol 3450. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11414360_22
DOI: https://doi.org/10.1007/11414360_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25521-5
Online ISBN: 978-3-540-32004-3
eBook Packages: Computer Science (R0)