A Flexible Trust-Based Access Control Mechanism for Security and Privacy Enhancement in Ubiquitous Systems

It is the ubiquity and mobility absolutely necessary for ubiquitous computing environments that raise new challenges for pervasive service provision invisibly. Particularly, mobility of users/devices causes un-predefined and unpredictable changes in physical location and in available resources and services, event at runtime and during the same service session, thus forcing us to consider very dynamic aspects of evaluation when designing an access control mechanism. Alternatively, there is generally no a priori trust relationship among entities interacting in pervasive computing environments which makes it essential to establish trust from scratch. This task becomes extremely challenging when it is simultaneously necessary to protect the privacy of the users involved. In this paper , we first show how trust evaluation process of the user´s system can be based on previous accesses and peer recommendations. A solution then relied on trust to control access is proposed that depends upon pre-defined access control security policy. Several tuning parameters and options are suggested so that end-users can customize to meet the security and privacy requirement of a ubiquitous system.