Authentication in distributed systems: theory and practice. ACM Transactions on Computer Systems (TOCS).
A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems (TOPLAS).
A temporal authorization model. CCS '94: Proceedings of the 2nd ACM Conference on Computer and Communications Security.
CCS '99: Proceedings of the 6th ACM Conference on Computer and Communications Security.
Flexible support for multiple access control policies. ACM Transactions on Database Systems (TODS).
Project Aura: Toward Distraction-Free Pervasive Computing. IEEE Pervasive Computing.
ESORICS '00: Proceedings of the 6th European Symposium on Research in Computer Security.
Protection in the Hydra Operating System. SOSP '75: Proceedings of the Fifth ACM Symposium on Operating Systems Principles.
Practical Techniques for Searches on Encrypted Data. SP '00: Proceedings of the 2000 IEEE Symposium on Security and Privacy.
Access control to information in pervasive computing environments.
OSDI '00: Proceedings of the 4th Symposium on Operating System Design and Implementation.
Kerberized credential translation: a solution to web access control. SSYM '01: Proceedings of the 10th USENIX Security Symposium.
SP '88: Proceedings of the 1988 IEEE Symposium on Security and Privacy.
In pervasive computing environments, information gateways derive specific information, such as a person's location, from raw data provided by a service, such as the video stream of a camera. Access control to confidential raw data becomes difficult when a client has access rights to the derived information but not to the raw data it is derived from: a client might be allowed to learn a person's location, but not to see the video stream from which a gateway derives that location. Simply granting the gateway access rights to the raw data is unsafe, because an intruder who compromises the gateway can then read any raw data the gateway can access. We present derivation-constrained access control, which requires a gateway to prove to a service that it needs the requested raw data in order to answer a client's authorized request for derived information. A service releases raw data only against such a proof, so an intruder in the gateway can no longer read raw data at will. We provide a formal framework for derivation-constrained access control based on Lampson et al.'s "speaks-for" relationship, and we demonstrate the feasibility of our design with a sample implementation and a performance evaluation.
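The check a service performs under derivation-constrained access control, as an added toy model (this is illustrative code written for this page, not the paper's formal framework or its sample implementation). It assumes a constructed policy: client alice may read bob's location, bob's location is derived from the video stream of camera cam7 by a gateway called location-gw, and clients authenticate their requests with a shared-key MAC standing in for whatever credential a deployment would use. The service releases raw data to the gateway only when the gateway presents an authentic client request that the client is authorized to make and that can only be answered from the requested raw data; a gateway asking for raw data on its own, or for raw data unrelated to the request, is refused.

```python
# Added example, not from the paper: toy model of derivation-constrained
# access control. All names, keys and policy tables are constructed.
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed policy: (client, derived information) pairs the owner has granted.
DERIVED_ACL = {
    ("alice", "location:bob"),
}

# Constructed derivation rules: the raw data a gateway needs to compute each
# piece of derived information, and the gateway trusted to compute it.
DERIVATIONS = {
    "location:bob": {"raw": {"video:cam7"}, "gateway": "location-gw"},
}

# Constructed client keys. In a deployment these are the clients' own
# credentials (certificates, Kerberos tickets), not secrets held by the service.
CLIENT_KEYS = {"alice": b"alice-secret", "carol": b"carol-secret"}


@dataclass(frozen=True)
class ClientRequest:
    """A client's statement 'I want <derived>', authenticated with a MAC so the
    service can verify that the gateway is relaying what the client said."""
    client: str
    derived: str
    mac: bytes


def _mac(key: bytes, client: str, derived: str) -> bytes:
    return hmac.new(key, f"{client}|{derived}".encode(), "sha256").digest()


def make_request(client: str, derived: str) -> ClientRequest:
    """Client side: produce an authenticated request for derived information."""
    return ClientRequest(client, derived, _mac(CLIENT_KEYS[client], client, derived))


def authorize_raw_access(gateway: str, raw: str,
                         proof: Optional[ClientRequest]) -> tuple[bool, str]:
    """Service side: release raw data to a gateway only if the gateway shows an
    authentic, authorized client request for derived information that is
    computed from exactly this raw data. Returns (decision, reason)."""
    # The gateway may never fetch raw data without a client request behind it.
    if proof is None:
        return False, "no client request: gateway may not fetch raw data on its own"
    # The relayed request must really be the client's statement.
    key = CLIENT_KEYS.get(proof.client)
    if key is None or not hmac.compare_digest(proof.mac, _mac(key, proof.client, proof.derived)):
        return False, "client request is not authentic"
    # The client must hold an access right to the derived information.
    if (proof.client, proof.derived) not in DERIVED_ACL:
        return False, f"{proof.client} is not authorized for {proof.derived}"
    # The gateway must be the one that derives this information ...
    rule = DERIVATIONS.get(proof.derived)
    if rule is None or gateway != rule["gateway"]:
        return False, f"{gateway} does not derive {proof.derived}"
    # ... and the raw data it asks for must be needed for that derivation.
    if raw not in rule["raw"]:
        return False, f"{raw} is not needed to derive {proof.derived}"
    return True, "raw data released"


if __name__ == "__main__":
    req = make_request("alice", "location:bob")
    print(authorize_raw_access("location-gw", "video:cam7", req))   # granted
    print(authorize_raw_access("location-gw", "video:cam7", None))  # intruder, no request
    print(authorize_raw_access("location-gw", "video:cam8", req))   # unrelated raw data
```

The four refusals are the point of the scheme: a compromised gateway can still obtain cam7's stream, but only while relaying a genuine, authorized request for bob's location, and never the streams of other cameras or data for unauthorized clients. A real protocol would additionally bind the client request to a nonce or expiry so that the gateway cannot replay one old request indefinitely; that freshness check is omitted here.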