Download presentation
Presentation is loading. Please wait.
Published byElmer Conley Modified over 9 years ago
1
Patterns for Location and Context-based access control
9/15/2005 Patterns for Location and Context-based access control PhD Dissertation Progress Report Candidate: Alvaro E. Escobar Advisors: Dr. Eduardo Fernandez Dr. Maria Petrie Department of Computer Science and Engineering Florida Atlantic University, Boca Raton FL.
2
What is not Context? Is not simply the state of a predefined environment with a fixed set of interaction resources. Is not Attribute/Value pairs that only define or represent or describe user’s state in a static way.
3
What is Context? The set of facts and/or circumstances that surround a situation or event. [Google]. Context is a process of interacting with an ever-changing environment composed of reconfigurable, migratory, distributed, and multi-scale resources. [Cou05]. Context is the logical set of resources accessible to a client during a service session depending on several factors, such as client location, access device capabilities, management policies of the access locality, subscribed services, user preferences, and level of trust. [Bel03]. The view of context-as-process is more flexible than the simpler view of context-as-state.
4
What is Context made of? Two critical sub-processes in context are:[Cou05]. Recognize users’ goals, preferences and activities (a.k.a.Profiles). Map them adaptively onto the population of available services and resources, filtered by access control Policies.
5
What is Context made of? UML Model 1: [Kir05] 9/15/2005
Physical context are location, device and application. Organizational context is group, role, member, calendar, activity, shared object and process.
6
What is Context made of? UML Model 2: [Kir05]
7
What is a Profile? Profiles represent characteristics, capabilities, and requirements of users, devices, and service components. [Bel03]. User profiles maintain information about personal preferences, interests, security requirements, and subscribed services. Device profiles report the hardware/software characteristics of the supported devices. Service component profiles describe the interface of available service components as well as their properties relevant for binding management decisions, e.g., whether a service component can be copied and migrated over the network. Site profiles provide a resource group abstraction, by listing all the resources currently available at one location.
8
What is a Profile? Profiles are both: [Kir05]
9/15/2005 What is a Profile? Profiles are both: [Kir05] Descriptions of user’s potential contexts. Filtering rules that reflect user’s preferences, given a context. an owner (for who/what the profile is defined), the application context to be considered, a set of event types to be selected, and a set of conditions to be checked.
9
What is a Policy? Policies express the choices of a ruling system behavior, in terms of the actions subjects can/must operate upon resources.[Bel03] Access control policies specify the actions subjects are allowed to perform on resources depending on various types of conditions, e.g., subject identity and resource state; Obligation policies define the actions subjects must perform on resources when specified conditions occur.
10
What is a Policy? Filtering process between profiles and events: [Kir05]
11
What about Access Control (AC)?
The automatic qualification of accessible resources (AC) depends on the client location, the current enforced management policies in the hosting locality, and the user’s personal preferences (aka profiles). [Bel03]
12
Patterns for Location and Context-based access control
References: [Bel03] P. Bellavista, A. Corradi, R. Montanari, C. Stefanelli, “Context-Aware Middleware for Resource Management in the Wireless Internet”, IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, Vol. 29, No. 12, December Page 1086. [Cou05] J. Coutaz, J. L. Crowley, S. Dobson & D. Garlan. “Context is key”. COMMUNICATIONS OF THE ACM March 2005/Vol. 48, No. 3. Page 49. [Sch95] W. N. Schilit. “A System Architecture for Context-Aware Mobile Computing”. PhD thesis dissertation. COLUMBIA UNIVERSITY 1995. [Kir05] M. Kirsch-Pinheiro, M. Villanova-Oliver, J. Gensel, H. Martin. “Context-Aware Filtering for Collaborative Web Systems: Adapting the Awareness Information to the User’s Context” 2005 ACM Symposium on Applied Computing. SAC’05, March 13-17, 2005, Santa Fe, New Mexico, USA.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.