Patterns for Location and Context-based access control

Slides:

Advertisements

Similar presentations

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.

Advertisements

BY MAULIK PATEL CED, GPERI Computing Architecture.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 9 Distributed Systems Architectures Slide 1 1 Chapter 9 Distributed Systems Architectures.

Lecturer: Sebastian Coope Ashton Building, Room G.18 COMP 201 web-page: Lecture.

SCENARIO Suppose the presenter wants the students to access a file Supply Credenti -als Grant Access Is it efficient? How can we make this negotiation.

CS 795 – Spring  “Software Systems are increasingly Situated in dynamic, mission critical settings ◦ Operational profile is dynamic, and depends.

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

Distributed Systems Architectures

ABCSG - Distributed Database 1 Data Management Distributed Database Data Replication.

1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.

ECDL 2002 Employing Smart Browsers to Support Flexible Information Presentation in Petri net-based Digital Libraries Unmil P. Karadkar, Richard Furuta.

What is adaptive web technology?  There is an increasingly large demand for software systems which are able to operate effectively in dynamic environments.

Emerging Research Dimensions in IT Security Dr. Salar H. Naqvi Senior Member IEEE Research Fellow, CoreGRID Network of Excellence European.

1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.

Course Instructor: Aisha Azeem

Secure Systems Research Group - FAU 1 SCADA Software Architecture Meha Garg Dept. of Computer Science and Engineering Florida Atlantic University Boca.

Community Manager A Dynamic Collaboration Solution on Heterogeneous Environment Hyeonsook Kim  2006 CUS. All rights reserved.

Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 12 Slide 1 Distributed Systems Design 1.

Audumbar Chormale Advisor: Dr. Anupam Joshi M.S. Thesis Defense

Mobile Computing Lecture: 4.

An Intelligent Broker Architecture for Context-Aware Systems A PhD. Dissertation Proposal in Computer Science at the University of Maryland Baltimore County.

Secure Systems Research Group - FAU Context Architectures Using Web Services PhD Candidate: Alvaro E. Escobar Advisors: Dr. Maria Petrie Dr. Eduardo Fernandez.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 12 Slide 1 Distributed Systems Architectures.

Performance analysis and prediction of physically mobile systems Point view: Computational devices including Mobile phones are expanding. Different infrastructure.

1 소프트웨어공학 강좌 Chap 9. Distributed Systems Architectures - Architectural design for software that executes on more than one processor -

An Introduction to Software Architecture

Secure Systems Research Group - FAU Context Architectures Using Web Services Candidate: Alvaro E. Escobar Advisors: Dr. Maria Petrie Dr. Eduardo Fernandez.

Chapter 1 Lecture 2 By :Jigar M Pandya WCMP 1. Architecture of Mobile Computing The three tier architecture contains the user interface or the presentation.

UMBC iConnect Audumbar Chormale, Dr. A. Joshi, Dr. T. Finin, Dr. Z. Segall.

SAMANVITHA RAMAYANAM 18 TH FEBRUARY 2010 CPE 691 LAYERED APPLICATION.

Ontology-based and Rule-based Policies: Toward a Hybrid Approach to Control Agents in Pervasive Environments The Semantic Web and Policy Workshop – ISWC.

Secure Systems Research Group - FAU Contexts and Context-based Access Control Model PhD Dissertation Progress Report Candidate: Alvaro E. Escobar Advisors:

The roots of innovation Future and Emerging Technologies (FET) Future and Emerging Technologies (FET) The roots of innovation Proactive initiative on:

Page 1 WWRF Briefing WG2-br2 · Kellerer/Arbanowski · · 03/2005 · WWRF13, Korea Stefan Arbanowski, Olaf Droegehorn, Wolfgang.

1 15 quality goals for requirements  Justified  Correct  Complete  Consistent  Unambiguous  Feasible  Abstract  Traceable  Delimited  Interfaced.

Context: definition and specification. Leuven, 21 november 2003 Agenda Introduction Work method Context in literature  Definitions  Specifications Where.

A Context Model based on Ontological Languages: a Proposal for Information Visualization School of Informatics Castilla-La Mancha University Ramón Hervás.

Secure Systems Research Group - FAU SW Development methodology using patterns and model checking 8/13/2009 Maha B Abbey PhD Candidate.

Secure Systems Research Group - FAU A Trust Model for Web Services Ph.D Dissertation Progress Report Candidate: Nelly A. Delessy, Advisor: Dr E.B. Fernandez.

Secure Systems Research Group - FAU Context Architectures Using Web Services Candidate: Alvaro E. Escobar Advisors: Dr. Maria Petrie Dr. Eduardo Fernandez.

FDT Foil no 1 On Methodology from Domain to System Descriptions by Rolv Bræk NTNU Workshop on Philosophy and Applicablitiy of Formal Languages Geneve 15.

REU 2004 Computer Science and Engineering Department The University of Texas at Arlington Research Experiences for Undergraduates in Distributed Rational.

Task 1.2 Context: definition and specification. Leuven, 14 oktober 2004 Outline Introduction Work method Context definition Context specification  Overview.

Service Discovery Protocols Mobile Computing - CNT Dr. Sumi Helal Professor Computer & Information Science & Engineering Department University.

Secure Systems Research Group - FAU 1 A Trust Model for Web Services Ph.D Dissertation Progess Report Candidate: Nelly A. Delessy, Advisor: Dr E.B. Fernandez.

A Pattern Language for Firewalls Eduardo B. Fernandez, Maria M. Petrie, Naeem Seliya, Nelly Delessy, and Angela Herzberg.

Csci 490 / Engr 596 Special Topics / Special Projects Software Design and Scala Programming Spring Semester 2010 Lecture Notes.

Secure Systems Research Group - FAU 1 WS-Reliability Pattern Ingrid Buckley Dept. of Computer Science and Engineering Florida Atlantic University Boca.

Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 6 Essentials of Design.

Distributed System Architectures Yonsei University 2 nd Semester, 2014 Woo-Cheol Kim.

Seminar on Service Oriented Architecture Distributed Systems Architectural Models From Coulouris, 5 th Ed. SOA Seminar Coulouris 5Ed.1.

Providing web services to mobile users: The architecture design of an m-service portal Minder Chen - Dongsong Zhang - Lina Zhou Presented by: Juan M. Cubillos.

CSC 480 Software Engineering Lecture 17 Nov 4, 2002.

Engr 691 Special Topics in Engineering Science Software Architecture Spring Semester 2004 Lecture Notes.

Wireless Communication & Mobile Programming 1 UNIT- 1 – MOBILECOMPUTINGINTRODUCTION Blog: aforajayshahnirma.wordpress.com.

Context-based Access Control

1 Architectural Blueprints—The “4+1” View Model of Software Architecture (

REU 2009 Computer Science and Engineering Department The University of Texas at Arlington Research Experiences for Undergraduates in Information Processing.

Dr D. Greer, Queens University Belfast ) Software Engineering Chapter 7 Software Architectural Design Learning Outcomes Understand.

Meier, R. Cahill, V. Distributed Systems Group, School of Computer Science and Statistics, Trinity College Dublin, Ireland RTLab. Seolyoung,

1 Multimedia services over networks Service provider Service client Service registry Publish Discovery Bind Multimedia system Review/background Framework/

Context-Aware Middleware for Resource Management in the Wireless Internet US Lab 신현정.

CGS 2545: Database Concepts Fall 2010

CSC 480 Software Engineering

Extending a secure development methodology to distributed systems

THREE TIER MOBILE COMPUTING ARCHITECTURE

3rd Studierstube Workshop TU Wien

Presentation transcript:

Patterns for Location and Context-based access control 9/15/2005 Patterns for Location and Context-based access control PhD Dissertation Progress Report Candidate: Alvaro E. Escobar Advisors: Dr. Eduardo Fernandez Dr. Maria Petrie Department of Computer Science and Engineering Florida Atlantic University, Boca Raton FL.

What is not Context? Is not simply the state of a predefined environment with a fixed set of interaction resources. Is not Attribute/Value pairs that only define or represent or describe user’s state in a static way.

What is Context? The set of facts and/or circumstances that surround a situation or event. [Google]. Context is a process of interacting with an ever-changing environment composed of reconfigurable, migratory, distributed, and multi-scale resources. [Cou05]. Context is the logical set of resources accessible to a client during a service session depending on several factors, such as client location, access device capabilities, management policies of the access locality, subscribed services, user preferences, and level of trust. [Bel03]. The view of context-as-process is more flexible than the simpler view of context-as-state.

What is Context made of? Two critical sub-processes in context are:[Cou05]. Recognize users’ goals, preferences and activities (a.k.a.Profiles). Map them adaptively onto the population of available services and resources, filtered by access control Policies.

What is Context made of? UML Model 1: [Kir05] 9/15/2005 Physical context are location, device and application. Organizational context is group, role, member, calendar, activity, shared object and process.

What is Context made of? UML Model 2: [Kir05]

What is a Profile? Profiles represent characteristics, capabilities, and requirements of users, devices, and service components. [Bel03]. User profiles maintain information about personal preferences, interests, security requirements, and subscribed services. Device profiles report the hardware/software characteristics of the supported devices. Service component profiles describe the interface of available service components as well as their properties relevant for binding management decisions, e.g., whether a service component can be copied and migrated over the network. Site profiles provide a resource group abstraction, by listing all the resources currently available at one location.

What is a Profile? Profiles are both: [Kir05] 9/15/2005 What is a Profile? Profiles are both: [Kir05] Descriptions of user’s potential contexts. Filtering rules that reflect user’s preferences, given a context. an owner (for who/what the profile is defined), the application context to be considered, a set of event types to be selected, and a set of conditions to be checked.

What is a Policy? Policies express the choices of a ruling system behavior, in terms of the actions subjects can/must operate upon resources.[Bel03] Access control policies specify the actions subjects are allowed to perform on resources depending on various types of conditions, e.g., subject identity and resource state; Obligation policies define the actions subjects must perform on resources when specified conditions occur.

What is a Policy? Filtering process between profiles and events: [Kir05]

What about Access Control (AC)? The automatic qualification of accessible resources (AC) depends on the client location, the current enforced management policies in the hosting locality, and the user’s personal preferences (aka profiles). [Bel03]

Patterns for Location and Context-based access control References: [Bel03] P. Bellavista, A. Corradi, R. Montanari, C. Stefanelli, “Context-Aware Middleware for Resource Management in the Wireless Internet”, IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, Vol. 29, No. 12, December 2003. Page 1086. [Cou05] J. Coutaz, J. L. Crowley, S. Dobson & D. Garlan. “Context is key”. COMMUNICATIONS OF THE ACM March 2005/Vol. 48, No. 3. Page 49. [Sch95] W. N. Schilit. “A System Architecture for Context-Aware Mobile Computing”. PhD thesis dissertation. COLUMBIA UNIVERSITY 1995. [Kir05] M. Kirsch-Pinheiro, M. Villanova-Oliver, J. Gensel, H. Martin. “Context-Aware Filtering for Collaborative Web Systems: Adapting the Awareness Information to the User’s Context” 2005 ACM Symposium on Applied Computing. SAC’05, March 13-17, 2005, Santa Fe, New Mexico, USA.