A framework for decentralized access control

Authors:
Meenakshi Balasubramanian;Abhishek Bhatnagar;Namit Chaturvedi;Atish Datta Chowdhury;Arul Ganesh
Affiliations:
Honeywell Technology Solutions, Bangalore, India;Honeywell Technology Solutions, Bangalore, India;Honeywell Technology Solutions, Bangalore, India;Honeywell Technology Solutions, Bangalore, India;Honeywell Technology Solutions, Bangalore, India
Venue:
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Year:
2007

Citing 16
Cited 1

Symbolic Boolean manipulation with ordered binary-decision diagrams

ACM Computing Surveys (CSUR)
A calculus for access control in distributed systems

ACM Transactions on Programming Languages and Systems (TOPLAS)
A flexible model supporting the specification and enforcement of role-based authorization in workflow management systems

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Languages, automata, and logic

Handbook of formal languages, vol. 3
An access control model supporting periodicity constraints and temporal reasoning

ACM Transactions on Database Systems (TODS)
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
Java Card Technology for Smart Cards: Architecture and Programmer's Guide

Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Automata and Computability

Automata and Computability
Gaia: a middleware platform for active spaces

ACM SIGMOBILE Mobile Computing and Communications Review
Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Mona: Monadic Second-Order Logic in Practice

TACAS '95 Proceedings of the First International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Logic in Access Control

LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An infrastructure for context-awareness based on first order logic

Personal and Ubiquitous Computing
Distributed Proving in Access-Control Systems

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
A framework for rapid-prototyping of context based ubiquitous computing applications

SUTC '06 Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing -Vol 1 (SUTC'06) - Volume 01
A conceptual framework and a toolkit for supporting the rapid prototyping of context-aware applications

Human-Computer Interaction

Security in depth through smart space cascades

ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a framework for decentralized authorization for physical access control, using smart cards, where access to individual rooms is guarded by context-dependent policies that are dynamically evaluated. Policies are specified using a logical language parameterized by events. A policy analyzer converts policy specifications into equivalent executable automata and also generates initialization information about the contexts used in these policies. While the automata are stored in users' smart cards, context initialization information is disseminated in the system. We also provide a context modeling mechanism that supports construction and propagation of contexts in the system. Upon an access request, user automata are executed at the point of access in the presence of current context information. This results in an allow/deny decision. The benefit of this approach lies in resolving authorizations in a decentralized manner in situations where the solution needs to scale with increasing number of users.