Abstract
In conventional security systems, protected resources such as documents, hardware devices and software applications follow an On/Off access policy. On, allows to grant access and off for denying access. This access policy is principally based on the user’s identity and is static over time. As applications become more pervasive, security policies must become more flexible in order to respond to these highly dynamic computing environments. That is, security infrastructures will need to be sensitive to context. In order to meet these requirements, we propose a conceptual model for context-based authorizations tuning. This model offers a fine-grained control over access on protected resources, based on a set of user’s and environment state and information.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Brézillon, P., Pomerol, J-Ch.: Contextual Knowledge Sharing and Cooperation in Intelligent Assistant Systems. Le Travail Humain 62(3), PUF, Paris, (1999) 223–246
Balfanz, D., Dean, D., Spreitzer, M.: A Security Infrastructure for Distributed Java Applications. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, Oakland, California, (2000) 15–26
Wack, J.: Guidelines on Firewalls and Firewall Policy. Computer Security Division. Information Technology Laboratory. National Institute of Standards and Technology
Covington, M.J., Ahamad, M., Srinivasan, S.: A Security Architecture for Context-Aware Applications. Technical Report GIT-CC-01-12, College of Computing, Georgia Institute of Technology, May 2001
Covington, M.J., Fogla, P., Zhan, Z., Ahamad, M.: A Context-Aware Security Architecture for Emerging Applications. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), Las Vegas, Nevada, USA, December 2002
Covington, M.J., Long, W., Srinivasan, S., Dey, D., Ahamad, M., Abowd., A.: Securing Context-Aware Applications Using Environment Roles. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT’ 01), Chantilly, Virginia, USA, May 2001
Masone, C.: Role Definition Language (RDL): A Language to Describe Context-Aware Roles. Dartmouth College, Computer Science. Hanover, NH. TR2002-426. May 2002
Shankar, N., Balfanz, D.: Enabling Secure Ad-hoc Communication Using Context-Aware Security Services. Extended Abstract. In Proceedings of UBICOMP2002-Workshop on Security in Ubiquitous Computing
Osbakk, P., Ryan, N.: Context Privacy, CC/PP, and P3P. In Proceedings of UBICOMP2002-Workshop on Security in Ubiquitous Computing
Schilit, B.N and Theimer, M.M.: Disseminating Active Map Information to Mobile Hosts. IEEE Network, 8(5): (1994) 22–32
Dey, A.K.: Understanding and Using Context. Personal Ubi Comp 5 (2001) 1, 4–7
Brézillon, P.: Using Context for Supporting Users Efficiently. Proceedings of the 36th Hawaii International Conference on Systems Sciences, HICSS-36, Track “Emerging Technologies”, R.H. Sprague (Ed.), Los Alamitos: IEEE, (2003)
Georgiadis C., Mavridis I., Pangalos G., Thomas, R.: Flexible Team-based Access Control Using Contexts. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001) ACM SIGSAC, Chantilly, VA, U.S.A, May 2001
Ferraiolo, D.F. and Kuhn, D.R.: Role Based Access Control. In Proceedings of the 15th National Computer Security Conference (1992)
Sandhu R. S., Coyne E. J., Feinstein H. L., and Youman C. E.: Role-Based Access Control Models. IEEE Computer, Volume 29, Number 2, February 1996, 38–47
Clancey, W. J.: The Epistimology of a Rule-Based Expert System: A Framework for Explanation. Artificial Intelligence Journal, 20(3): (1983) 197–204
Clancey, W. J.: Notes on “Epistimology of a Rule-Based Expert system”. Artificial Intelligence Journal, 59: (1993) 197–204
Kokinov, B.: A Dynamic Approach to Context Modeling. Proceedings of the IJCAI-95 Workshop on Modeling Context in Knowledge Representation and Reasoning. LAFORIA 95/11, (1995)
Bouquet, P., Serafini, L., Brezillon, P., Benerecetti, M., Castellani, F. (eds.): Modelling and Using Context. In Proceedings of the 2nd International and Interdisciplinary Conference, CONTEXT99, Lecture Notes in Artificial Intelligence, Vol. 1688, Springer Verlag, (1999)
Henricksen, K., Indulska, J., Rakotonirainy, A.: Modeling Context Information in Pervasive Computing Systems. In Proceedings of the 1st International Conference, Pervasive 2002-Zurich August 2002, Lecture Notes in Computer Science, Vol. 2414, Springer Verlag, (2002) 167–180
Hong, J.I.: The Context Fabric: An Infrastructure for Context-Aware Computing. Extended Abstract. Conference on Human Factors and Computing Systems, (2002) 554–555
White, J.E.: Mobile Agents. In I. Bradshaw and M. Jeffrey, editors, Software Agents. MIT Press and American Association for Artificial Intelligence, (1997)
Brézillon, P., Pasquier, L., Pomerol J-Ch.: Reasoning with contextual graphs. European Journal of Operational Research, 136(2): (2002) 290–298
Brézillon, P., Cavalcanti, M., Naveiro, R., Pomerol J-Ch.: SART: An intelligent assistant for subway control. Pesquisa Operacional, Brazilian Operations Research Society, 20(2): (2002) 247–268
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mostéfaoui, G.K., Brézillon, P. (2003). A Generic Framework for Context-Based Distributed Authorizations. In: Blackburn, P., Ghidini, C., Turner, R.M., Giunchiglia, F. (eds) Modeling and Using Context. CONTEXT 2003. Lecture Notes in Computer Science(), vol 2680. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44958-2_17
Download citation
DOI: https://doi.org/10.1007/3-540-44958-2_17
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40380-7
Online ISBN: 978-3-540-44958-4
eBook Packages: Springer Book Archive