Abstract

Recent advances in embedded computing and communications technology have facilitated the development of intelligent environments, enabling exciting new ap-plications, but also creating new challenges for security. The large number of het-erogeneous devices, mobile users, and new kinds of applications all contribute to making security administration and enforcement more difficult. We study the problem of access control for such environments, which we call Ac-tive Spaces. Context plays an important role in these systems—users may have different permissions in different situations, making access control harder to con-figure, enforce and understand. Collaboration between users is common in these spaces, and needs to be supported by the system. My thesis is that existing models for access control, such as Role-Based Access Con-trol, can be extended to satisfy the access control requirements for Active Spaces. An access control architecture for Active Spaces must integrate physical and virtual aspects of the environment, provide explicit support for collaborative applications,

Citations

2605	Graph-based algorithms for Boolean function manipulation - Bryant - 1986
1734	The Anatomy of the Grid: Enabling Scalable Virtual Organizations - FOSTER, KESSELMAN, et al. - 2001
1087	The computer for the 21st century - Weiser - 1991
944	Role-based access control models - Sandhu, Coyne, et al. - 1996
557	A cookbook for using the model-view controller user interface paradigm in smalltalk80 - Krasner, Pope - 1988
537	The protection of information in computer systems - Saltzer, Schroeder - 1975
462	Cryptographyand Data Security - Denning - 1982
388	Enforceable security policies - Schneider - 2000
375	The Context Toolkit: Aiding the Development of ContextAware Applications - Dey, Abowd - 1999
363	Guarded commands, nondeterminacy and formal derivation of programs - Dijkstra - 1975
321	Protection in operating systems - Harrison, Ruzzo, et al. - 1976
299	P: A Focus+Context Technique Based on Hyperbolic Geometry for Visualizing Large Hierarchies. Page 10 of 11 (page number not for citation purposes - Lamping, Rao, et al.
266	D.: Role-based access control - Ferraiolo, Kuhn - 1992
234	The interactive workspaces project: experiences with ubiquitous computing rooms - Johanson, Fox, et al. - 2002
221	Finding the k shortest paths - Eppstein - 1998
180	Safety in automated trust negotiation - Winsborough, Li
177	Object Request Broker Architecture - Common - 2004
175	Gaia: A Middleware Infrastructure to Enable Active Spaces - Román, Hess, et al.
169	TRBAC: A Temporal Role-based Access Control Model - Bertino, Bonatti, et al.
155	Privacy by design—Principles of privacy-aware ubiquitous systems - Langheinrich - 2001
140	The arbac97 model for role-based administration of roles - Sandhu, Bhamidipati, et al. - 1999
140	Access Control for Collaborative Environments - Shen, Dewan - 1992
131	Configuring Role-based Access Control to Enforce Mandatory and Discretionary Access Control Policies - Osborn, Sandhu, et al. - 2000
125	Handbook of Usability Testing: How to plan, design and conduct effective tests - Rubin - 2008
123	Supporting structured credentials and sensitive policies trough interoperable strategies for automated trust - Yu, Winslett, et al. - 2003
109	Specification and enforcement of authorization constraints in workflow management systems - Bertino, Ferrari, et al.
108	Role-Based Authorization Constraints Specification - Ahn, Sandhu - 2000
105	The cognitive walkthrough method: A practitioner's guide - Wharton, Reiman, et al. - 1994
96	Securing context-aware applications using environment roles - Covington, Long, et al.
93	User interface evaluation in the real world: A comparison of four techniques - Jeffries, Miller, et al. - 1991
81	A Context-Based Infrastructure for Smart Environments - Dey, Gregory, et al. - 1999
72	Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterpriseoriented Authorization Management - Thomas, Sandhu - 1997
70	User interaction design for secure systems - Yee - 2002
64	User-Centered Security - Zurko, Simon - 1996
57	Smart rooms - Pentland - 1996
55	Trust-based security in pervasive computing environments - Kagal, Finin, et al. - 2001
48	Flexible Team-Based Access Control Using Contexts - Georgiadis, Mavridis, et al. - 2001
46	Comparison of empirical testing and walkthrough methods in user interface evaluation - Karat, Campbell, et al. - 1992
44	Access control mechanisms for inter-organizational workflow - Kang, Park, et al.
43	A uniform framework for regulating service access and information release on the web - Bonatti, Samarati
42	Measuring usability: preference vs. performance - Nielsen, Levy - 1994
41	dRBAC: Distributed Role-Based Access Control for Dynamic Coalition Environments - Freudenthal, Pesin, et al. - 2002
39	Cerberus: a context-aware security scheme for smart spaces - Al-Muhtadi - 2003
34	Modeling Mandatory Access Control in RoleBased Security Systems - Nyanchama, Osborn - 1997
33	Implementing Access Control to People Location Information - Hengartner, Steenkiste - 2004
25	Know why your access was denied: regulating feedback for usable security - Kapadia, Sampemane, et al. - 2004
24	Protection--principles and practice - Graham, Denning - 1972
23	BuDDy - A Binary Decision Diagram Package - Lind-Nielsen - 1999
21	R.H.: Gaia: A development infrastructure for active spaces - Cerqueira, Hess, et al. - 2001
20	Models for Coalition-based Access Control (CBAC - Cohen, Thomas, et al. - 2002