Title :
Exploiting Information Relationships for Access Control
Author :
Hengartner, Urs ; Steenkiste, Peter
Author_Institution :
Dept. of Comput. Sci., Carnegie Mellon Univ., Pittsburgh, PA
Abstract :
Pervasive computing environments offer a multitude of information services that provide potentially complex types of information. Therefore, when running access control for sensitive information, these environments need to take relationships between information into account. Other approaches to relationship-aware access control (e.g., based on semantic Web rule engines) are often expensive and based on a centralized design. In this paper, we identify three types of information relationships (bundling-based, combination-based, and granularity-based) that are common and important in pervasive computing, and we integrate support for them in distributed, certificate-based access control architecture. In our approach, access control is fully distributed while sophisticated rule engines can still be used to deal with more complex access control cases. To demonstrate the feasibility of our design, we give a complexity analysis of the architecture and a performance analysis of a prototype implementation
Keywords :
authorisation; certification; ubiquitous computing; certification; information relationship; information services; pervasive computing; role-based access control; Access control; Calendars; Computer architecture; Detectors; Engines; Face detection; Performance analysis; Permission; Pervasive computing; Semantic Web;
Conference_Titel :
Pervasive Computing and Communications, 2005. PerCom 2005. Third IEEE International Conference on
Conference_Location :
Kauai Island, HI
Print_ISBN :
0-7695-2299-8
DOI :
10.1109/PERCOM.2005.19
