The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM - Privacy and security in highly dynamic systems
| Hi-index | 0.00 |
Mobile devices consume significant amounts of information, from different sources. Thus they often deal also with sensitive or confidential data, in places or situations that could be not appropriate, or not compliant with a corporate policy: context-aware access/usage control solutions can counter such situations. We propose a prototype, called ProtectMe, that exploits "Sticky Policies" (SP) that are attached to resources and prescribe usage conditions. Since mobile devices cannot foresee usage conditions of collected data, ProtectMe integrates SPs within any information consumable by mobile devices, and dynamically enforces their usage constraints. It assists users in attaching access and usage control conditions stated by resource-specific SPs, and it enforces them by making use of contextual information collected by mobile devices. The aim of the prototype is to show the feasibility of the SP approach, merging security functionalities within a concept for expressing SPs in a user-friendly manner.