Dynamic trust domains for secure, private, technology-assisted living

Large scale distributed systems comprising many administration domains have been well-researched. An example is a national health service, with domains such as primary care practices, hospitals, specialist clinics, etc. A new and relatively unexplored scenario is technology-assisted living, in which domains are small, dynamically created, and is associated with units of personal living. There is a great deal of commercial interest in providing technology to support assisted living, but services are created in isolation. We explore how such services could be integrated with a system that can ensure security and privacy. We propose to audit both system behaviour and the actions of principals, holding particular regard to the fulfillment of their obligations, to establish a computational expression of the trust to be associated with each principal

[1]  Ross J. Anderson,et al.  A security policy model for clinical information systems , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[2]  Ying Liu,et al.  A Practical Synthesis of Dynamic Role Settings in Telecare Services , 2007, First International Conference on the Digital Society (ICDS'07).

[3]  Jean Bacon,et al.  Integrating databases with publish/subscribe , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[4]  Jean Bacon,et al.  A model of OASIS role-based access control and its support for active security , 2002, ACM Trans. Inf. Syst. Secur..

[5]  Andrew Twigg,et al.  Distributed Approximation of Fixed-Points in Trust Structures , 2004 .

[6]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[7]  David M. Eyers,et al.  OASIS role-based access control for electronic health records , 2006, IEE Proc. Softw..

[8]  Jean Bacon,et al.  Access control and trust in the use of widely distributed services , 2001, Softw. Pract. Exp..

[9]  Jean Bacon,et al.  Trust for Ubiquitous, Transparent Collaboration , 2003, Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, 2003. (PerCom 2003)..

[10]  Ken Moody Coordinating Policy for Federated Applications , 2000, DBSec.

[11]  Bruce Schneier,et al.  Secrets and Lies: Digital Security in a Networked World , 2000 .

[12]  Karl Krukow,et al.  Towards a Theory of Trust for the Global Ubiquitous Computer , 2006 .

[13]  Jean Bacon,et al.  Trust for Ubiquitous, Transparent Collaboration , 2004, Wirel. Networks.

[14]  Ravi S. Sandhu,et al.  The NIST model for role-based access control: towards a unified standard , 2000, RBAC '00.

[15]  Ying Liu,et al.  On Smart-Care Services: Studies of Visually Impaired Users in Living Contexts , 2007, First International Conference on the Digital Society (ICDS'07).

[16]  David M. Eyers,et al.  Securing Publish/Subscribe for Multi-domain Systems , 2005, Middleware.

[17]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.