SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
Iolus: a framework for scalable secure multicasting
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Practical Intranet Security: Overview of the State of the Art and Available Technologies
Practical Intranet Security: Overview of the State of the Art and Available Technologies
A Middleware Infrastructure for Active Spaces
IEEE Pervasive Computing
How Role Based Access Control is Implemented in SESAME
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
KeyNote: Trust Management for Public-Key Infrastructures (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
Key Establishment in Large Dynamic Groups Using One-Way Function Trees
IEEE Transactions on Software Engineering
Access Control for Active Spaces
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
CLIQUES: A New Approach to Group Key Agreement
ICDCS '98 Proceedings of the The 18th International Conference on Distributed Computing Systems
Towards Context-aware Security: An Authorization Architecture for Intranet Environments
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
Location constraints in digital rights management
Computer Communications
Challenges and architectural approaches for authenticating mobile users
Proceedings of the 1st international workshop on Software architectures and mobility
Hi-index | 0.00 |
In pervasive computing environments, changes in context may trigger changes in an individual's access permissions. We contend that existing access control frameworks do not provide the fine-grained revocation needed to enforce these changing authorizations. In this paper, we present an authorization framework, in the context of the Gaia OS for active spaces, which integrates context with authorization and provides fine-grained control over the enforcement of dynamically changing permissions using cryptographic mechanisms. Our design, implemented in middleware using distributed objects, addresses the limitations of traditional authorization frameworks and the specific access control needs of pervasive computing environments. As part of our proposed framework, we define cryptographic protocols that enforce access to the system's communication channels and provide secure delivery of messages. We also provide a proof of correctness of key agreement and freshness using the standard BAN deduction system.