Towards Shrink-Wrapped Security: Practically Incorporating Context Into Security Services

Abstract The mobile workforce is rapidly increasing, and technological advances make it feasible for these workers to have ubiquitous access to a variety of resources with various protection requirements. The dynamic computing environment of these workers mandates a security paradigm in which security is tightly coupled with a user's current situation. We have proposed a security paradigm to achieve this, called Shrink-Wrapped Security, in which security is constantly adapting to a user's current situation, and a comprehensive amount of security-relevant context is used to characterize a user's situation. We present an approach that uses generalized annotated programs (GAPs) to practically incorporate such context into security services, with a focus on access control. This allows us to represent context in a principled manner; consistently make security-related decisions; easily make temporary, ad-hoc changes to a security policy; and give a user feedback when access is denied so that she can make the appropriate adjustments.

[1]  Seng Wai Loke,et al.  Logic Programming for Context-Aware Pervasive Computing: Language Support, Characterizing Situations, and Integration with the Web , 2004, IEEE/WIC/ACM International Conference on Web Intelligence (WI'04).

[2]  Elisa Bertino,et al.  A unified framework for enforcing multiple access control policies , 1997, SIGMOD '97.

[3]  Gleneesha M. Johnson Towards shrink-wrapped security: A taxonomy of security-relevant context , 2009, 2009 IEEE International Conference on Pervasive Computing and Communications.

[4]  Roy H. Campbell,et al.  An infrastructure for context-awareness based on first order logic , 2003, Personal and Ubiquitous Computing.

[5]  Manoj R. Sastry,et al.  A Contextual Attribute-Based Access Control Model , 2006, OTM Workshops.

[6]  V. S. Subrahmanian,et al.  Theory of Generalized Annotated Logic Programming and its Applications , 1992, J. Log. Program..

[7]  Peter J. Stuckey,et al.  Flexible access control policy specification with constraint logic programming , 2003, TSEC.

[8]  Ashok K. Agrawala,et al.  A Framework for Shrink-Wrapping Security Services , 2010, 2010 IEEE International Conference on Services Computing.

[9]  Charles P. Pfleeger,et al.  Security in computing , 1988 .

[10]  Lalana Kagal,et al.  A Semantic Context-Aware Access Control Framework for Secure Collaborations in Pervasive Computing Environments , 2006, SEMWEB.

[11]  Gregory D. Abowd,et al.  Towards a Better Understanding of Context and Context-Awareness , 1999, HUC.

[12]  Zahir Tari,et al.  On the Move to Meaningful Internet Systems. OTM 2018 Conferences , 2018, Lecture Notes in Computer Science.