Situation-aware access control for service-oriented autonomous decentralized systems

Service-oriented autonomous decentralized systems (S-ADS) have been presented to address the extreme dynamism in large-scale information systems. In S-ADS, various capabilities are independently constructed and managed by different providers as autonomous services that are distributed over various types of networks, including wireless and wired networks. One of the key challenges in S-ADS is to have an effective access control mechanism that can meet the dynamic and diverse security requirements of various users and providers of an S-ADS system. Current access control mechanisms can hardly meet this challenge due to lack of situation-awareness. In this paper, a situation-aware access control approach is presented, which is middleware-based and integrates situation-awareness capability and role based access control (RBAC) models to provide a practical solution for access control in S-ADS. The situation-aware RBAC model is designed for specifying dynamic access policies in an S-ADS system. Due to the situation-awareness capability of our approach, flexible and high-grained access policies can be specified and enforced for various providers and users.