Patterns for Location and Context-based access control

About This Presentation

Title:

Description:

Number of Views:66

Avg rating:3.0/5.0

Slides: 13

Provided by: TamiSo2

Learn more at: https://www.cse.fau.edu

Category:

more less

Transcript and Presenter's Notes

Title: Patterns for Location and Context-based access control

1
Patterns for Location and Context-based access
control

Department of Computer Science and
Engineering Florida Atlantic University, Boca
Raton FL.
2
What is not Context?

Is not simply the state of a predefined
environment with a fixed set of interaction
resources.
Is not Attribute/Value pairs that only define or
represent or describe users state in a static
way.

3
What is Context?

The set of facts and/or circumstances that
surround a situation or event. Google.
Context is a process of interacting with an
ever-changing environment composed of
reconfigurable, migratory, distributed, and
multi-scale resources. Cou05.
Context is the logical set of resources
accessible to a client during a service session
depending on several factors, such as client
location, access device capabilities, management
policies of the access locality, subscribed
services, user preferences, and level of trust.
Bel03.
The view of context-as-process is more flexible
than the simpler view of context-as-state.

4
What is Context made of?

Two critical sub-processes in context
areCou05.
Recognize users goals, preferences and
activities (a.k.a.Profiles).
Map them adaptively onto the population of
available services and resources, filtered by
access control Policies.

5
What is Context made of?

6
What is Context made of?

7
What is a Profile?

Profiles represent characteristics, capabilities,
and requirements of users, devices, and service
components. Bel03.
User profiles maintain information about personal
preferences, interests, security requirements,
and subscribed services.
Device profiles report the hardware/software
characteristics of the supported devices.
Service component profiles describe the interface
of available service components as well as their
properties relevant for binding management
decisions, e.g., whether a service component can
be copied and migrated over the network.
Site profiles provide a resource group
abstraction, by listing all the resources
currently available at one location.

8
What is a Profile?

9
What is a Policy?

Policies express the choices of a ruling system
behavior, in terms of the actions subjects
can/must operate upon resources.Bel03
Access control policies specify the actions
subjects are allowed to perform on resources
depending on various types of conditions, e.g.,
subject identity and resource state
Obligation policies define the actions subjects
must perform on resources when specified
conditions occur.

10
What is a Policy?

11
What about Access Control (AC)?

The automatic qualification of accessible
resources (AC) depends on the client location,
the current enforced management policies in the
hosting locality, and the users personal
preferences (aka profiles). Bel03

12
Patterns for Location and Context-based access
control

References
Bel03 P. Bellavista, A. Corradi, R. Montanari,
C. Stefanelli, Context-Aware Middleware for
Resource Management in the Wireless Internet,
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, Vol.
29, No. 12, December 2003. Page 1086.
Cou05 J. Coutaz, J. L. Crowley, S. Dobson D.
Garlan. Context is key. COMMUNICATIONS OF THE
ACM March 2005/Vol. 48, No. 3. Page 49.
Sch95 W. N. Schilit. A System Architecture for
Context-Aware Mobile Computing. PhD thesis
dissertation. COLUMBIA UNIVERSITY 1995.
Kir05 M. Kirsch-Pinheiro, M. Villanova-Oliver,
J. Gensel, H. Martin. Context-Aware Filtering
for Collaborative Web Systems Adapting the
Awareness Information to the Users Context 2005
ACM Symposium on Applied Computing. SAC05, March
13-17, 2005, Santa Fe, New Mexico, USA.