Context-aware access control model for Smart-M3 platform

One of the main security problems of the Smart-M3 platform is a lack of dynamic security management support. In particular, a new access control model for resource sharing is needed, one that describes the current situation via a context. The paper proposes a context-based access control model for the information shared in a smart space based on the Smart-M3 platform. Micro virtualization mechanisms, represented by virtual private smart spaces, are the basis for the model, which combines the role-based and attribute-based access control models. Roles are assigned dynamically based on the smart space participant's trust level. The role separation simplifies policies and makes them human-readable and easy to configure. The trust level is calculated from the participant's context, which includes identification attributes, location, current date, device type, etc. Three kinds of security policy rules are also proposed: rules that calculate the trust level, rules that assign roles based on the trust level, and rules that grant permissions to the smart space resources.
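The three rule kinds named in the abstract can be chained as context, then trust level, then role, then permission. The sketch below is an added example, not code from the paper or from Smart-M3; the rule contents, weights, thresholds, role names and resource names are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from typing import Callable

# All rule contents, weights, thresholds and role names below are assumptions.
@dataclass(frozen=True)
class TrustRule:        # rule kind 1: context attribute -> trust contribution
    when: Callable[[dict], bool]
    delta: int

@dataclass(frozen=True)
class RoleRule:         # rule kind 2: minimum trust level -> role
    min_trust: int
    role: str

@dataclass(frozen=True)
class PermissionRule:   # rule kind 3: role (plus optional attribute check) -> permission
    role: str
    resource: str
    action: str
    when: Callable[[dict], bool] = lambda ctx: True

TRUST_RULES = [
    TrustRule(lambda c: c.get("certificate_valid") is True, 50),
    TrustRule(lambda c: c.get("location") == "meeting_room", 20),
    TrustRule(lambda c: c.get("device_type") == "managed_laptop", 30),
    TrustRule(lambda c: c.get("device_type") == "unknown", -40),
]
ROLE_RULES = [RoleRule(90, "presenter"), RoleRule(50, "attendee"), RoleRule(0, "guest")]
PERMISSION_RULES = [
    PermissionRule("presenter", "slides", "read"),
    PermissionRule("presenter", "slides", "write"),
    PermissionRule("attendee", "slides", "read",
                   lambda c: c.get("location") == "meeting_room"),
    PermissionRule("guest", "agenda", "read"),
]

def trust_level(ctx: dict) -> int:
    """Sum the contributions of every matching trust rule, clamped to 0..100."""
    return max(0, min(100, sum(r.delta for r in TRUST_RULES if r.when(ctx))))

def assign_role(trust: int) -> str:
    """Pick the role with the highest threshold the trust level satisfies."""
    eligible = [r for r in ROLE_RULES if trust >= r.min_trust]
    return max(eligible, key=lambda r: r.min_trust).role

def is_allowed(ctx: dict, resource: str, action: str) -> bool:
    """Default deny: allow only if a rule matches the role, target and context."""
    role = assign_role(trust_level(ctx))
    return any(p.role == role and p.resource == resource and p.action == action
               and p.when(ctx) for p in PERMISSION_RULES)
```

Because the role is recomputed from the context on every request, the same participant loses access when the context changes, for example on leaving the room or switching to an unrecognised device.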
