1 / 12

Patterns for Location and Context-based access control

Patterns for Location and Context-based access control . PhD Dissertation Progress Report Candidate: Alvaro E. Escobar Advisors: Dr. Eduardo Fernandez Dr. Maria Petrie. Department of Computer Science and Engineering Florida Atlantic University, Boca Raton FL. What is not Context?.

jerold
Download Presentation

Patterns for Location and Context-based access control

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Patterns for Location and Context-based access control PhD Dissertation Progress Report Candidate: Alvaro E. Escobar Advisors: Dr. Eduardo Fernandez Dr. Maria Petrie Department of Computer Science and Engineering Florida Atlantic University, Boca Raton FL.

  2. What is not Context? • Is not simply the state of a predefined environment with a fixed set of interaction resources. • Is not Attribute/Value pairs that only define or represent or describe user’s state in a static way.

  3. What is Context? • The set of facts and/or circumstances that surround a situation or event. [Google]. • Context is a process of interacting with an ever-changing environment composed of reconfigurable, migratory, distributed, and multi-scale resources. [Cou05]. • Context is the logical set of resources accessible to a client during a service session depending on several factors, such as client location, access device capabilities, management policies of the access locality, subscribed services, user preferences, and level of trust. [Bel03]. • The view of context-as-process is more flexible than the simpler view of context-as-state.

  4. What is Context made of? • Two critical sub-processes in context are:[Cou05]. • Recognize users’ goals, preferences and activities (a.k.a.Profiles). • Map them adaptively onto the population of available services andresources,filtered by access control Policies.

  5. What is Context made of? • UML Model 1: [Kir05]

  6. What is Context made of? • UML Model 2: [Kir05]

  7. What is a Profile? • Profiles represent characteristics, capabilities, and requirements of users, devices, and service components. [Bel03]. • User profiles maintain information about personal preferences, interests, security requirements, and subscribed services. • Device profiles report the hardware/software characteristics of the supported devices. • Service component profiles describe the interface of available service components as well as their properties relevant for binding management decisions, e.g., whether a service component can be copied and migrated over the network. • Site profiles provide a resource group abstraction, by listing all the resources currently available at one location.

  8. What is a Profile? • Profiles are both: [Kir05] • Descriptions of user’s potential contexts. • Filtering rules that reflect user’s preferences, given a context.

  9. What is a Policy? • Policies express the choices of a ruling system behavior, in terms of the actions subjects can/must operate upon resources.[Bel03] • Access control policies specify the actions subjects are allowed to perform on resources depending on various types of conditions, e.g., subject identity and resource state; • Obligation policies define the actions subjects must perform on resources when specified conditions occur.

  10. What is a Policy? • Filtering process between profiles and events: [Kir05]

  11. What about Access Control (AC)? • The automatic qualification of accessible resources (AC) depends on the client location, the current enforced management policies in the hosting locality, and the user’s personal preferences (aka profiles). [Bel03]

  12. Patterns for Location and Context-based access control • References: • [Bel03] P. Bellavista, A. Corradi, R. Montanari, C. Stefanelli, “Context-Aware Middleware for Resource Management in the Wireless Internet”, IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, Vol. 29, No. 12, December 2003. Page 1086. • [Cou05] J. Coutaz, J. L. Crowley, S. Dobson & D. Garlan. “Context is key”. COMMUNICATIONS OF THE ACM March 2005/Vol. 48, No. 3. Page 49. • [Sch95] W. N. Schilit. “A System Architecture for Context-Aware Mobile Computing”. PhD thesis dissertation. COLUMBIA UNIVERSITY 1995. • [Kir05] M. Kirsch-Pinheiro, M. Villanova-Oliver, J. Gensel, H. Martin. “Context-Aware Filtering for Collaborative Web Systems: Adapting the Awareness Information to the User’s Context” 2005 ACM Symposium on Applied Computing. SAC’05, March 13-17, 2005, Santa Fe, New Mexico, USA.

More Related