Skip to main content
Article thumbnail
Location of Repository

Context-aware Authorization in Highly Dynamic Environments

By Jean-Yves TIGLI, Stephane LAVIROTTE, Gaetan REY, Vincent Hourdin and Michel RIVEILL

Abstract

Highly dynamic computing environments, like ubiquitous and pervasive computing environments, require frequent adaptation of applications. Context is a key to adapt suiting user needs. On the other hand, standard access control trusts users once they have authenticated, despite the fact that they may reach unauthorized contexts. We analyse how taking into account dynamic information like context in the authorization subsystem can improve security, and how this new access control applies to interaction patterns, like messaging or eventing. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS), in smart home security

Topics: Dynamical Systems
Publisher: International Journal of Computer Science Issues, IJCSI
Year: 2009
OAI identifier: oai:cogprints.org:6709

Suggested articles

Citations

  1. (2000). A contextsensitiveaccess control model and prototype implementation,”
  2. (2002). A model of OASIS rolebased access control and its support for active security,”
  3. (2008). Access control in publish/subscribe systems,”
  4. (1994). Access control: principle and practice,”
  5. (2006). Avoiding privacy violations caused by context-sensitive services,”
  6. (2002). Context authentication using constrained channels,”
  7. (2005). Context is key,”
  8. (2005). Context sensitive access control,”
  9. (2002). Context sensitivity in role-based access control,”
  10. (2005). Context-aware access control mechanism for ubiquitous applications,”
  11. (2006). Context-aware provisional access control,”
  12. (2009). Mobilegov Access Control®” See related information on http://www.mobilegov.com/,
  13. (2003). Modelling contexts in the OrBAC model,”
  14. (2004). Models, protocols, and architectures for secure pervasive computing: Challenges and research directions,”
  15. (2003). On context in authorization policy,”
  16. (1967). Privacy and freedom.
  17. (1998). Realization of a context-dependent access control mechanism on a commercial platform,”
  18. (2005). Secure context-sensitive authorization,”
  19. (1991). The computer for the twenty-first century”.
  20. (2003). The many faces of publish/subscribe,”

To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.