Distributed, Uncertainty-Aware Access Control for Pervasive Computing

Access control to sensitive resources in pervasive computing needs to take uncertainty into account. Previous research has developed uncertainty-aware access-control models for environments that are managed by a centralized administrator. We demonstrate that environments managed in a distributed way require a more powerful model. Furthermore, we point out additional challenges that need to be considered when deploying uncertainty-aware access control, namely, identifying and authenticating both people and their intended actions, associating uncertainty with time, providing monotonicity, and defending against Sybil attacks. We present an access-control model that addresses these challenges and discuss a sample implementation.
