A Flexible and Scalable Access Control for Ubiquitous Computing Environments
Abstract: The ubiquity and invisibility characteristics of ubiquitous computing (ubicomp) arise many security problems, especially in the field of access control. Some important issues that are needed to be addressed in access control design are: (1) Ubicomp environment is composed of huge amount of entities. Therefore, determination of access rights must be based on role or group of role, instead of individuals. (2) The context (e.g. user’s location, user’s need, etc) changes dynamically over time. Hence authorization of user’s accessibility is required to be based on such contextual information for proper enforce-ment of the required policies. (3) Users may not know what credentials are to be provided to access a specific service. In that case, the delivery service must support some interaction mechanism to explicitly acquire necessary credentials from users. (4) Numerous entities, roaming across different domains in ubiquitous network, are usually unknown to the local system. Access control should be based on the notion of trust to grant privileges in such circumstances. Lots of works have been done in the area of access control. Most of them have followed any of the four main approaches: Role-based Access Control (RBAC), Policy-based Access Control (PBAC), Context-based Access Control (CBAC), and Trust-based Access Control (TBAC). However, each of these approaches itself can not fulfill such security requirements of ubicomp. Hence we propose a Hybrid Access Control (HAC) model to tackle the problems of these approaches while taking their major advantages. HAC is hybrid of RBAC, PBAC, CBAC, and TBAC.
Loading