Experiences with the Amoeba distributed operating system
Communications of the ACM
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Location Privacy in Pervasive Computing
IEEE Pervasive Computing
Preserving Privacy in Environments with Location-Based Applications
IEEE Pervasive Computing
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Cerberus: A Context-Aware Security Scheme for Smart Spaces
PERCOM '03 Proceedings of the First IEEE International Conference on Pervasive Computing and Communications
Tradeoffs in certificate revocation schemes
ACM SIGCOMM Computer Communication Review
An infrastructure for context-awareness based on first order logic
Personal and Ubiquitous Computing
Context-Based Security Policies: A New Modeling Approach
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
Context-Based Secure Resource Access in Pervasive Computing Environments
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
A Software Engineering Framework for Context-Aware Pervasive Computing
PERCOM '04 Proceedings of the Second IEEE International Conference on Pervasive Computing and Communications (PerCom'04)
An ontology for context-aware pervasive computing environments
The Knowledge Engineering Review
Secure Context-Sensitive Authorization
PERCOM '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Context sensitive access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Secure context-sensitive authorization
Pervasive and Mobile Computing
Context-Aware Computing Applications
WMCSA '94 Proceedings of the 1994 First Workshop on Mobile Computing Systems and Applications
Safety and consistency in policy-based authorization systems
Proceedings of the 13th ACM conference on Computer and communications security
Lightweight cnsistency enforcement schemes for distributed proofs with hidden subtrees
Proceedings of the 12th ACM symposium on Access control models and technologies
The Traust Authorization Service
ACM Transactions on Information and System Security (TISSEC)
Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
On the consistency of distributed proofs with hidden subtrees
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.00 |
A logic-based language is often adopted in systems for pervasive computing, because it provides a convenient way to define rules that change the behavior of the systems dynamically. Those systems might define rules that refer to the users' context information to provide context-aware services. For example, a smart-home application could define rules referring to the location of a user to control the light of a house automatically. In general, the context information is maintained in different administrative domains, and it is, therefore, desirable to construct a proof in a distributed way while preserving each domain's confidentiality policies. In this paper, we introduce such a system, a secure distributed proof system for context-sensitive authorization and show that our novel caching and revocation mechanism improves the performance of the system, which depends on public key cryptographic operations to protect confidential information in rules and facts. Our revocation mechanism maintains dependencies among facts and recursively revokes across multiple hosts all the cached facts that depend on a fact that has become invalid. Our initial experimental results show that our caching mechanism, which maintains both positive and negative facts, significantly reduces the latency for handling a logical query.