Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers

Research Article

Evaluating Security Policies in Pervasive Mobile Environments Using Context Information

Download
429 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-03354-4_12,
        author={Carlos S\^{a}nchez and Le Gruenwald and Mauricio S\^{a}nchez},
        title={Evaluating Security Policies in Pervasive Mobile Environments Using Context Information},
        proceedings={Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers},
        proceedings_a={COLLABORATECOM},
        year={2012},
        month={5},
        keywords={Security integrity and protection risk context data pervasive mobile environments},
        doi={10.1007/978-3-642-03354-4_12}
    }
    
  • Carlos Sánchez
    Le Gruenwald
    Mauricio Sánchez
    Year: 2012
    Evaluating Security Policies in Pervasive Mobile Environments Using Context Information
    COLLABORATECOM
    Springer
    DOI: 10.1007/978-3-642-03354-4_12
Carlos Sánchez1,*, Le Gruenwald1,*, Mauricio Sánchez2,*
  • 1: The University of Oklahoma
  • 2: IMTEC Corporation a 3M Company
*Contact email: maletas@ou.edu, ggruenwald@ou.edu, mauricio.sanchez@imtec.com

Abstract

Due to both the number of entities and the nature of the interactions and collaborations amongst them, conventional security models are inadequate for regulating access to data and services in a pervasive mobile computing environment. Since many of these interactions occur between entities that have not interacted with each other previously, new security paradigms rely on context information in order to arrive at a security and decision. However, these new systems fail to take into account the variability, correlation and uncertainty of the context variables composing a security policy when making a security decision. In this paper, we propose a Monte Carlo based framework to evaluate security policies that are based on the changes in multiple context variables. In this framework, context variables are modeled and risk in security decisions is measured.