Securing Context-Aware Applications Using Environment Roles
Author(s)
Covington, Michael J.
Long, Wende
Srinivasan, Srividhya
Dey, Anind K.
Advisor(s)
Editor(s)
Collections
Supplementary to:
Permanent Link
Abstract
In the future, a largely invisible and ubiquitous computing infrastructure
will assist people with a variety of activities in the home and at work.
The applications that will be deployed in such systems will create and
manipulate private information and will provide access to a variety of other
resources. Securing such applications is challenging for a number of
reasons. Unlike traditional systems where access control has been explored,
access decisions may depend on the context in which requests are made. We
show how the well-developed notion of roles can be used to capture
security-relevant context of the environment in which access requests are
made. By introducing environment roles, we create a uniform access control
framework that can be used to secure context-aware applications. We also
present a security architecture that supports security policies that make
use of environment roles to control access to resources.
Sponsor
Date
2000
Extent
186239 bytes
Resource Type
Text
Resource Subtype
Technical Report