A flexible security architecture for pervasive computing environments

In the future, a largely invisible and ubiquitous computing infrastructure will assist people with a variety of activities in the home and at work. The applications that will be deployed in such systems will create and manipulate private information and will provide access to a variety of resources and services. Clearly, the successful deployment of such applications will depend on our ability to secure them. In particular, we will have to ensure that access to information and services is granted only to authorized users, without requiring them to deal with complex security policies or burdensome authentication procedures. We address the problem of securing applications that will access and control information resources in context-aware environments. Specifically, we have designed security services that are adaptable, in the sense that they make use of contextual information to provide flexible system access and policy enforcement. Our contributions include a flexible access control model that makes significant use of context in policy definition, a technique that provides enhanced authentication services and an architecture for secure context-aware computing.