Research Article
Context-Aware Access Control Making Access Control Decisions Based on Context Information
@INPROCEEDINGS{10.1109/MOBIQW.2006.361782, author={Sven Lachmund and Thomas Walter and Laurent Gomez and Laurent Bussard and Eddy Olk}, title={Context-Aware Access Control Making Access Control Decisions Based on Context Information}, proceedings={1st International ICST Workshop on Ubiquitous Access Control}, publisher={IEEE}, proceedings_a={IWUAC}, year={2007}, month={5}, keywords={}, doi={10.1109/MOBIQW.2006.361782} }- Sven Lachmund
Thomas Walter
Laurent Gomez
Laurent Bussard
Eddy Olk
Year: 2007
Context-Aware Access Control Making Access Control Decisions Based on Context Information
IWUAC
IEEE
DOI: 10.1109/MOBIQW.2006.361782
Abstract
In ubiquitous computing environments access control decisions have to be adaptable to changes of the situation or state of an entity, in order to properly adjust to these changes without the need of manual interaction. A solution to this challenge is context-aware access control, where the mentioned changes are influencing access control decisions. In this paper we present a security framework for mobile business applications that is capable of performing context-aware access control on message level. There are several components in the framework that together (1) ensure that security requirements defined in policies are enforced in the framework, (2) provide context information and apply plausibility checks to increase the confidence that context information represents the actual situation or state (context) of an entity, and (3) perform the access-control decisions based on a combination of classic access control schemes and context information. In addition, a scenario is described where the introduced features of the framework are applied