1st International ICST Workshop on the Security and Privacy of Emerging Ubiquitous Communication Systems

Research Article

Privacy Challenges in Context-sensitive Access Control for Pervasive Computing Environment

  • @INPROCEEDINGS{10.1109/MOBIQ.2007.4451065,
        author={Sheikh  Ahamed and Nilothpal  Talukder and Md.  Munirul Haque},
        title={Privacy Challenges in Context-sensitive Access Control for Pervasive Computing Environment},
        proceedings={1st International ICST Workshop on the Security and Privacy of Emerging Ubiquitous Communication Systems},
        publisher={IEEE},
        proceedings_a={SPEUCS},
        year={2008},
        month={2},
        keywords={Healthcare  Information leak  Pervasive Computing  Privacy violation  Trust Model},
        doi={10.1109/MOBIQ.2007.4451065}
    }
    
  • Sheikh Ahamed
    Nilothpal Talukder
    Md. Munirul Haque
    Year: 2008
    Privacy Challenges in Context-sensitive Access Control for Pervasive Computing Environment
    SPEUCS
    IEEE
    DOI: 10.1109/MOBIQ.2007.4451065
Sheikh Ahamed1,*, Nilothpal Talukder1,*, Md. Munirul Haque1,*
  • 1: Dept. of Mathematics, Statistics and Computer Science Marquette University Milwaukee, Wisconsin, USA
*Contact email: iq@mscs.mu.edu, ntalukde@mscs.mu.edu, mhaque@mscs.mu.edu

Abstract

The widespread prevalence of pervasive devices and applications has raised the concerns of privacy. Granting Access to Resources and Context sensitive information causes information leakage through inference or obfuscation. Again, the open and dynamic collaborative environment of pervasive computing has rendered the traditional access control models like Role based models to be unfit. Even though Trust based models came to rescue in such circumstances, privacy is mostly compromised in the big picture. In this paper, we have drawn examples from pervasive computing environment and illustrated some scenarios of privacy violation. We have presented a trust based access control model for pervasive healthcare environment to prevent information leakage on accessing constraint information that yields privacy violation in the end. We have addressed information leak from three perspectives of constraint information satisfaction to grant access to the resources. They are satisfy any, satisfy all and hierarchical constraints. Furthermore, the model eliminates requirements for maintaining any keys or access rights certificates for privacy protection. This lightweight model helps ensure the resource constrained small pervasive devices like PDA, cell phones use the access control model effectively and efficiently with privacy of the individuals preserved in the first place.