CA-UCON: a context-aware usage control model

Usage CONtrol (UCON) model is the latest major enhancement of the traditional access control models which enables mutability of subject and object attributes, and continuity of control on usage of resources. In UCON, access permission decision is based on three factors: authorisations, obligations and conditions. While authorisations and obligations are requirements that must be fulfilled by the subject and the object, conditions are subject and object independent requirements that must be satisfied by the environment. As a consequence, access permission may be revoked (and the access stopped) as a result of changes in the environment regardless of whether the authorisations and obligations re-quirements are met. This constitutes a major shortcoming of the UCON model in pervasive computing systems which constantly strive to adapt to environmental changes so as to minimise disruptions to the user. To overcome this limitation, this paper proposes a Context-Aware Usage CONtrol (CA-UCON) model which extends the traditional UCON model to enable adaptation to environmental changes in the aim of preserving continuity of access. When the authori-sations and obligations requirements are met by the subject and the object, and the conditions requirements fail due to changes in the environment or the system context, CA-UCON model triggers specific actions to adapt to the new situation. Besides the data protection. CA-UCON model so enhances the quality of services, striving to keep explicit interactions with the user at a minimum.

[1]  Ting Li,et al.  Context-Aware Environment-Role-Based Access Control Model for Web Services , 2008, 2008 International Conference on Multimedia and Ubiquitous Engineering (mue 2008).

[2]  Young Ik Eom,et al.  Adaptive Access Control Scheme Utilizing Context Awareness in Pervasive Computing Environments , 2008, 2008 IEEE International Performance, Computing and Communications Conference.

[3]  Hong Fan,et al.  A context-aware role-based access control model for Web services , 2005, IEEE International Conference on e-Business Engineering (ICEBE'05).

[4]  Jaehong Park,et al.  The UCONABC usage control model , 2004, TSEC.

[5]  Fan Hong,et al.  A Context-Aware Role-Based Access Control Model for Web Services , 2005, ICEBE.

[6]  Morteza Amini,et al.  A Context-Aware Access Control Model for Pervasive Computing Environments , 2007 .

[7]  Hervé Martin,et al.  A generalized context-based access control model for pervasive environments , 2009, International Workshop on Security and Privacy in GIS and LBS.

[8]  Zhou Zhu,et al.  A Context-Aware Access Control Model for Pervasive Computing in Enterprise Environments , 2008, 2008 4th International Conference on Wireless Communications, Networking and Mobile Computing.

[9]  Stavros A. Koubias,et al.  A dynamic context-aware access control architecture for e-services , 2006, Comput. Secur..

[10]  Morteza Amini,et al.  A Context-Aware Access Control Model for Pervasive Computing Environments , 2007, The 2007 International Conference on Intelligent Pervasive Computing (IPC 2007).