Implementing access control to people location information

Ubiquitous computing uses a variety of information for which access needs to be controlled. For instance, a person's current location is a sensitive piece of information, which only authorized entities should be able to learn. Several challenges arise in the specification and implementation of policies controlling access to location information. For example, there can be multiple sources of location information, the sources can be within different administrative domains, different administrative domains might allow different entities to specify policies, and policies need to be flexible. We address these issues in our design of an access control mechanism for a people location system. Our design encodes policies as digital certificates. We present an example implementation based on SPKI/SDSI certificates. Using measurements, we quantify the influence of access control on query processing time. We also discuss trade-offs between RSA-based and DSA-based signature schemes for digital certificates.
