Access control models for pervasive computing environments
Date
2010
Authors
Toahchoodee, Manachai, author
Ray, Indrakshi, advisor
McConnell, Ross M., committee member
Ray, Indrajit, 1966-, committee member
Hayne, Stephen, committee member
Journal Title
Journal ISSN
Volume Title
Abstract
With the growing advancement of pervasive computing technologies, we are moving towards an era where context information will be necessary for access control. Traditional access control models like Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Role-Based Access Control (RBAC) do not work well in this scenario for several reasons. First, unlike traditional applications, pervasive computing applications usually do not have well-defined security perimeter-the entities an application will interact with or the resources that will be accessed may not be known in advance. Second, these applications are also dynamic in nature--the accessing entities may change, resources requiring protection may be created or modified, and an entity's access to resources may change during the course of the application, which make the resources protection during application execution extremely challenging. Third, pervasive computing applications use the knowledge of surrounding physical spaces to provide services; security policies designed for such applications must therefore use contextual information. Thus, new access control models and technologies are needed for pervasive computing applications. In this dissertation, we propose two types of access control models for pervasive computing environments; one determine the accessibility based on the spatio-temporal constraints, and the other determine the accessibility based on the trustworthiness of the entities. The different features of access control models may interact in subtle ways resulting in conflicts. Consequently, it is important to analyze and understand these models before they are widely deployed. The other contribution of this dissertation is to verify the correctness of the model. The results obtained by analyzing the access control models will enable the users of the model to make informed decisions. Toward this end, we propose automated verification techniques for our access control models.
Description
Department Head: L. Darrell Whitley.
Rights Access
Subject
data security
RBAC
pervasive computing
computer security
access control model for pervasive computing
access control model
Ubiquitous computing
Context-aware computing
Computers -- Access control
Computer security