A Context-Risk-Aware Access Control Model for Ubiquitous Environments

Ali Ahmed, Ning Zhang

    Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

    Abstract

    This paper reports our ongoing work to design a context-risk-aware access control (CRAAC) model for ubiquitous computing (UbiComp) environments. CRAAC is designed to augment flexibility and generality over the current solutions. Risk assessment and authorization level of assurance play a key role in CRAAC. Through risk assessment, resources are classified into groups according to their sensitivity levels and potential impacts should any unauthorized access occurs. The identified risks are mapped onto their required assurance levels, called object level of assurance (OLoA). Upon receiving an object access request, the requesterpsilas run-time contextual information is assessed to establish a requesterpsilas level of assurance (RLoA) denoting the level of confidence in identifying that requester. The access request is granted if RLoA ges OLoA. This paper describes the motivation for, and the design of, the CRAAC model, and reports a case study of further illustrate the model.
    Original languageEnglish
    Title of host publicationthe Proceedings of the 3rd International Workshop on Secure Information Systems (SIS'08)
    PublisherIEEE Computer Society
    Pages775-782
    Number of pages8
    Publication statusPublished - Oct 2008
    EventInternational Multiconference on Computer Science and Information Technology, 2008. - Wisla, Poland
    Duration: 20 Oct 200822 Oct 2008

    Conference

    ConferenceInternational Multiconference on Computer Science and Information Technology, 2008.
    CityWisla, Poland
    Period20/10/0822/10/08

    Fingerprint

    Dive into the research topics of 'A Context-Risk-Aware Access Control Model for Ubiquitous Environments'. Together they form a unique fingerprint.

    Cite this