Symbolic Boolean manipulation with ordered binary-decision diagrams
ACM Computing Surveys (CSUR)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Languages, automata, and logic
Handbook of formal languages, vol. 3
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Automata and Computability
Gaia: a middleware platform for active spaces
ACM SIGMOBILE Mobile Computing and Communications Review
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Mona: Monadic Second-Order Logic in Practice
TACAS '95 Proceedings of the First International Workshop on Tools and Algorithms for Construction and Analysis of Systems
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An infrastructure for context-awareness based on first order logic
Personal and Ubiquitous Computing
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
A framework for rapid-prototyping of context based ubiquitous computing applications
SUTC '06 Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing -Vol 1 (SUTC'06) - Volume 01
Human-Computer Interaction
Security in depth through smart space cascades
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Hi-index | 0.00 |
We present a framework for decentralized authorization for physical access control, using smart cards, where access to individual rooms is guarded by context-dependent policies that are dynamically evaluated. Policies are specified using a logical language parameterized by events. A policy analyzer converts policy specifications into equivalent executable automata and also generates initialization information about the contexts used in these policies. While the automata are stored in users' smart cards, context initialization information is disseminated in the system. We also provide a context modeling mechanism that supports construction and propagation of contexts in the system. Upon an access request, user automata are executed at the point of access in the presence of current context information. This results in an allow/deny decision. The benefit of this approach lies in resolving authorizations in a decentralized manner in situations where the solution needs to scale with increasing number of users.