An Access Control Model for Ubiquitous Computing Application

Traditional computer system depends on access policy and user's identities to grant or deny their access to resources. The basic assumption in this system is the entities had been known. It is unsuitable to use identity-based access control in ubiquitous computing environment where entities are not foreknown to each other. In this paper, we present a trust based access control model to secure ubiquitous computing application. The resource-constrained trust negotiation is addressed to establish initial trust for authenticating strangers. By the initial trust, each user is arranged a role subset, and context information dynamic decides which role is active

[1]  Ninghui Li,et al.  Design of a role-based trust-management framework , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[2]  Frank Stajano,et al.  The Resurrecting Duckling - What Next? , 2000, Security Protocols Workshop.

[3]  Gregory D. Abowd,et al.  Securing context-aware applications using environment roles , 2001, SACMAT '01.

[4]  Mustaque Ahamad,et al.  Generalized role-based access control , 2001, Proceedings 21st International Conference on Distributed Computing Systems.

[5]  Marianne Winslett,et al.  Negotiating Trust on the Web , 2002, IEEE Internet Comput..

[6]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[7]  Timothy W. Finin,et al.  Communications - Trust-Based Security in Pervasive Computing Environments , 2001, Computer.

[8]  K.E. Seamons,et al.  Automated trust negotiation , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[9]  Trent Jaeger,et al.  Proceedings of the sixth ACM symposium on Access control models and technologies , 2001 .

[10]  Ninghui Li,et al.  Towards practical automated trust negotiation , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.

[11]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[12]  Chris McDonald,et al.  Kerberos Assisted Authentication in Mobile Ad-hoc Networks , 2004, ACSC.

[13]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[14]  Pradip Lamsal Requirements for Modeling Trust in Ubiquitous Computing and Ad Hoc Networks , 2002 .

[15]  Timothy W. Finin,et al.  Moving from Security to Distributed Trust in Ubiquitous Computing Environments , 2001 .

[16]  Marianne Winslett,et al.  Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation , 2003, TSEC.

[17]  Ninghui Li,et al.  Safety in Automated Trust Negotiation , 2004, IEEE Symposium on Security and Privacy.

[18]  David K. Vawdrey,et al.  Trust negotiation for authentication and authorization in healthcare information systems , 2003, Proceedings of the 25th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (IEEE Cat. No.03CH37439).

[19]  N. Asokan,et al.  Key agreement in ad hoc networks , 2000, Comput. Commun..

[20]  Kent E. Seamons,et al.  Content-triggered trust negotiation , 2004, TSEC.