7 research outputs found
Context-Aware and Adaptive Usage Control Model
Information protection is a key issue for the acceptance and adoption of pervasive computing systems where various portable devices such as smart phones, Personal Digital Assistants (PDAs) and laptop computers are being used to share information and to access digital resources via wireless connection to the Internet. Because these are resource-constrained and highly mobile devices, changes in the environmental context or device context can affect the security of the system a great deal. A proper security mechanism must be put in place which is able to cope with changing environmental and system context.
Usage CONtrol (UCON) model is the latest major enhancement of the traditional access control models which enables mutability of subject and object attributes, and continuity of control on usage of resources. In UCON, access permission decision is based on three factors: authorisations, obligations and conditions. While authorisations and obligations are requirements that must be fulfilled by the subject and the object, conditions are subject and object independent requirements that must be satisfied by the environment. As a consequence, access permission may be revoked (and the access stopped) as a result of changes in the environment regardless of whether the authorisations and obligations requirements are met. This constitutes a major shortcoming of the UCON model in pervasive computing systems which constantly strive to adapt to environmental changes so as to minimise disruptions to the user.
We propose a Context-Aware and Adaptive Usage Control (CA-UCON) model which extends the traditional UCON model to enable adaptation to environmental changes with the aim of preserving continuity of access. When the authorisations and obligations requirements are fulfilled by the subject and object, and the conditions requirements fail due to changes in the environmental or the system context, our proposed model CA-UCON triggers specific actions in order to adapt to the new situation, so as to ensure continuity of usage.
We then propose an architecture of the CA-UCON model, presenting its various components. In this model, we integrate the adaptation decision with the usage decision architecture. A comprehensive definition of each component and the functions performed by each component in the architecture are presented.
We also propose a novel computational model of our CA-UCON architecture. This model is formally specified as a finite state machine. It demonstrates how the access request of the subject is handled in the CA-UCON model, including details regarding the revoking of access and the actions undertaken due to context changes. The extension of the original UCON architecture can be understood from this model.
The formal specification of the CA-UCON is presented utilising the Calculus of Context-aware Ambients (CCA). This mathematical notation is considered suitable for modelling mobile and context-aware systems and has been preferred over alternatives for the following reasons: (i) Mobility and Context awareness are primitive constructs in CCA; (ii) A system's properties can be formally analysed; (iii) Most importantly, CCA specifications are executable allowing early validation of system properties and accelerated development of prototypes.
For evaluation of CA-UCON model, a real-world case study of a ubiquitous learning (u-learning) system is selected. We propose a CA-UCON model for the u-learning system. This model is then formalised in CCA and the resultant specification is executed and analysed using an execution environment of CCA.
Finally, we investigate the enforcement approaches for the CA-UCON model. We present the CA-UCON reference monitor architecture with its components. We then proceed to demonstrate three types of enforcement architectures of the CA-UCON model: centralised architecture, distributed architecture and hybrid architecture. These are discussed in detail, including the analysis of their merits and drawbacks.
Formal Specification of CA-UCON model using CCA
A Context-Aware Usage CONtrol (CA-UCON) model is an extension of the traditional UCON model which enables adaptation to environmental changes with the aim of preserving continuity of usage in a pervasive computing system. When the authorisations and obligations requirements are met by the subject and the object, and the conditions requirements fail due to changes in the environment or the system context, the CA-UCON model triggers specific actions to adapt to the new situation. Besides the data protection, the CA-UCON model also enhances the quality of services, striving to keep explicit interactions with the user at a minimum. This paper proposes a formal specification of the CA-UCON model in the Calculus of Context-aware Ambients (CCA in short). This enables formal analysis of the CA-UCON model using the execution environment of CCA. For illustration, some properties of the CA-UCON model are validated for a ubiquitous learning system.
Enforcement of CA-UCON Model
A Context-Aware Usage CONtrol (CA-UCON) model is an extension of the traditional UCON model which enables adaptation to environmental changes with the aim of preserving continuity of access. When the authorisations and obligations requirements are met by the subject and the object, and the conditions requirements fail due to changes in the environment or the system context, the CA-UCON model triggers specific actions to adapt to the new situation. Besides the data protection, the CA-UCON model also enhances the quality of services, striving to keep explicit interactions with the user at a minimum. In this paper, we propose an architecture of the reference monitor for the CA-UCON model and investigate a variety of enforcement approaches in ubiquitous computing systems, whether centralised, distributed or hybrid, depending on applications.
Analysing Use Case Diagrams in a Calculus of Context-aware Ambients
Use case diagrams are an excellent tool for capturing and analyzing the functional requirements of a system under development. Context-aware use case diagrams are an extension of use case diagrams to cater for both the functional requirements and the context-awareness requirements of context-aware and pervasive systems. They provide (graphical) notations for specifying, visualizing and documenting the intended behavior of a context-aware system at an early stage of the system development life-cycle. This paper proposes an approach to analyzing context-aware use case diagrams using a Calculus of Context-aware Ambients (CCA). An algorithm is proposed that translates a context-aware use case diagram into a CCA process. This process can then be analyzed using the CCA tools such as the simulator ccaPL, which enables the execution of CCA processes, and the model-checker ccaSPIN, which can check automatically whether a CCA process satisfies a desired property, e.g. deadlock freedom and reachability. The proposed approach is evaluated using a real-world example of a context-aware pedestrian collision avoidance system.
CA-UCON: A context-aware usage control model.
Usage CONtrol (UCON) model is the latest major enhancement of the traditional access control models which enables mutability of subject and object attributes, and continuity of control on usage of resources. In UCON, access permission decision is based on three factors: authorisations, obligations and conditions. While authorisations and obligations are requirements that must be fulfilled by the subject and the object, conditions are subject and object independent requirements that must be satisfied by the environment. As a consequence, access permission may be revoked (and the access stopped) as a result of changes in the environment regardless of whether the authorisations and obligations requirements are met. This constitutes a major shortcoming of the UCON model in pervasive computing systems which constantly strive to adapt to environmental changes so as to minimise disruptions to the user. To overcome this limitation, this paper proposes a Context-Aware Usage CONtrol (CA-UCON) model which extends the traditional UCON model to enable adaptation to environmental changes with the aim of preserving continuity of access. When the authorisations and obligations requirements are met by the subject and the object, and the conditions requirements fail due to changes in the environment or the system context, the CA-UCON model triggers specific actions to adapt to the new situation. Besides the data protection, the CA-UCON model also enhances the quality of services, striving to keep explicit interactions with the user at a minimum.
Modelling Usage Control of a U-learning System using CA-UCON
A Context-Aware Usage CONtrol (CA-UCON) model is an extension of the traditional UCON model which enables adaptation to environmental changes with the aim of preserving continuity of usage in a pervasive computing system. When the authorisations and obligations requirements are met by the subject and the object, and the conditions requirements fail due to changes in the environment or the system context, the CA-UCON model triggers specific actions to adapt to the new situation. Besides the data protection, the CA-UCON model also enhances the quality of services, striving to keep explicit interactions with the user at a minimum. In this paper, this model is used to model usage control in a u-learning system and analyse its properties through simulation.
Context-Aware and Adaptive Usage Control Model
Producing an adaptive usage control model that is compatible with UbiComp environments is a challenging task. A ubicomp system must be able to adapt its behavior based on its environment. Thus, it must respond to changes in the current context if it is to deliver an adaptive service. The security system that is utilized in a ubicomp environment (in order to control access in adaptive services) must accordingly be context-aware. The CA-UCON model enables adaptation to environmental changes with the aim of preserving continuity of access and enhances the quality of services, striving to keep explicit interactions with the user at a minimum.