1 / 18

Contexts and Context-based Access Control Model

Contexts and Context-based Access Control Model. PhD Dissertation Progress Report Candidate: Alvaro E. Escobar Advisors: Dr. Maria Petrie Dr. Eduardo Fernandez . Department of Computer Science and Engineering Florida Atlantic University, Boca Raton FL. 12/15/2005. Agenda.

tom
Télécharger la présentation

Contexts and Context-based Access Control Model

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Contexts and Context-based Access Control Model PhD Dissertation Progress Report Candidate: Alvaro E. Escobar Advisors: Dr. Maria Petrie Dr. Eduardo Fernandez Department of Computer Science and Engineering Florida Atlantic University, Boca Raton FL. 12/15/2005

  2. Agenda • What is Context? • Context Models • What is Profile • Profile Models • Policy and Access Control • Access Control Models • Conclusions • Future Work

  3. What is Context? • The set of facts and/or circumstances that surround a situation or event. [Google]. • The location and identities of nearby people and objects and changes to those objects. [Sch95] • The logical set of resources accessible to a client during a service session depending on several factors, such as client location, access device capabilities, management policies of the access locality, subscribed services, user preferences, and level of trust. [Bel03] [Cor04] • The composition of context elements which belong to either physical or organizational contexts. The physical context identifies spaces, locations and devices. The organizational context includes roles, groups, calendars, activities, processes and applications. [Kir05] • Is a process of interacting with an ever-changing environment composed of reconfigurable, mobile and distributed resources. [Cou05]. • Is a distinction between the notion of an instant snapshot of observable variables (a situation) and the composition of those observable variables over time (a context) [Cou02].

  4. Context Models Corradi’s Context and Access Control Model

  5. Context Models Kirsch-Pinheiro’s Class model for Context – Part 1(Taken from [Kir05])

  6. Context Models Kirsch-Pinheiro’s Class model for Context – Part 2(Taken from [Kir05])

  7. Figure 4 Coutaz’s Class model for Context Context Models

  8. What is Context made of? • Critical sub-processes of a context are: • Collect the set of locally available resources. (resources potentially visible in the user’s physical location) • Filter the visible resources through access control policies. (refined potentially visible resources) • Map them onto the users’ goals, preferences and activities described by profiles. (refine resources even more) • Resources vs Observables. (What about time?)

  9. What is a Profile? • Profiles represent characteristics, capabilities, and requirements of users, devices, and service components. [Bel03]. • User profiles: personal preferences, interests, privacy requirements, and subscribed services. • Device profiles: hardware/software characteristics of devices. • Service component profiles: service interface, properties for binding management decisions. • Site profiles: All resources available at one location.

  10. What is a Profile? • Descriptions of user’s potential contexts and filtering rules that describe the user’s preferences, given a context [Kir05] • Comprehensive Structured Context Profiles (CSCP); based on the Resource Description Framework (RDF) [Buc04],[[Bra01]

  11. Profile Models Corradi’s Profile Model

  12. Kirsch-Pinheiro Class model for a General Profile [Kir05] Profile Models

  13. Policy and Access Control • Policies express the choices of a ruling system behavior, in terms of the actions subjects can/must operate upon resources.[Bel03] • Access control policies specify the actions subjects are allowed to perform on resources depending on various types of conditions, e.g., subject identity and resource state; • Obligation policies define the actions subjects must perform on resources when specified conditions occur. • The automatic qualification of accessible resources depends on the client context, the current enforced management policies and the user’s personal preferences (profiles). [Cor04]

  14. Access Control Model Corradi’s Access Control Model

  15. Unified Context-based Access Control Model. Context and CBAC Model

  16. Conclusions • Context is a fundamental concept in mobile systems. • Different researchers use different variations of context. • We have tried here to unify and clarify this concept from three definitions of context. • We produced a model that summarizes their most relevant aspects. • This unified model can be expressed as a pattern and can be used as a guideline for the design of mobile systems.

  17. Future Work • Work on the pattern model and characteristics. • Paper submission for International Workshop on Research Challenges in Security and Privacy for Mobile and Wireless Networks (WSPWN06) - March 15-16, 2006, Miami FL. • Context-Aware Web Services Distributed and Parallel Databases Journal - Submission deadline: March 15, 2006. • AMCIS Minitrack on Mobile Services - Submission deadline: March 1, 2006. • Dissertation document completed by end of Summer ’06.

  18. Contexts and Context-based Access Control Model • References: • [Bel03] P. Bellavista, A. Corradi, R. Montanari, C. Stefanelli, “Context-Aware Middleware for Resource Management in the Wireless Internet”, IEEE Transactions on Software Engineering. Vol. 29, No. 12, December 2003. Page 1086. • [Cor04] A. Corradi, R. Montanari, D. Tibaldi, “Context-Based Access Control Management in Ubiquitous Environments”, Network Computing and Applications, Proceeding of the Third IEEE International Symposium on (NCA'04), August 30 - September 01, 2004, Boston, MA. • [Cou05] J. Coutaz, J. L. Crowley, S. Dobson & D. Garlan. “Context is key”. Communications of the ACM. March 2005/Vol. 48, No. 3. Page 49. • [Cou02] J. Coutaz and G. Rey. “Foundations for a theory of contextors”. Computer Aided Design of User Interfaces, Springer Verlag, 2002. • [Cro02] J. Crowley, J. Coutaz, G. Rey, and P. Reignier. “Perceptual components for context-aware computing”. Proceedings of the Fourth International Conference of Ubiquitous Computing, (Göteburg, Sweden, Sept./Oct. 2002). Springer, 117–134. • [Fer05] E. B. Fernandez, M. M. Larrondo-Petrie, T. Sorgente, and M. VanHilst, "UML as a generalized access control model ".   Florida Atlantic University. • [Kir05] M. Kirsch-Pinheiro, M. Villanova-Oliver, J. Gensel, H. Martin. “Context-Aware Filtering for Collaborative Web Systems: Adapting the Awareness Information to the User’s Context” 2005 ACM Symposium on Applied Computing. SAC’05, March 13-17, 2005, Santa Fe, New Mexico, USA. • [Lem04] T. Lemlouma, N. Layaïda, Context-aware adaptation for mobile devices. Proceedings of the IEEE International Conference on Mobile Data Management (Berkeley, CA, USA, January 19-22, 2004). IEEE, 106-111. • [Mon03] R. Montanari, P. Bellavista, A. Corradi, C.Stefanelli, “Dynamic Binding in Mobile Applications: a Middleware Approach”, IEEE Internet Computing, Special Issue on “Mobile Applications”, Vol. 7, No. 2, March/April 2003. • [Sch95] W. N. Schilit. “A System Architecture for Context-Aware Mobile Computing”. PhD thesis dissertation. Columbia University, 1995.

More Related