The emergence of ubiquitous mobile devices, such as MP3 players, cellular phones, PDAs, and laptops, has sparked the growth of rich, mobile applications. Moreover, these applications are increasingly “aware” of the user and her surrounding environment. Dynamic mobile environments are generating new requirements – such as allowing users to access real-time, customized services on-demand and with no prior registration – that are not currently addressed by existing approaches to authorization. We investigate using contextual information present in the user’s operating environment, such as a user’s location, for defining an authorization policy. More precisely, we have defined an access control model that uses contextual attributes to capture the dynamic properties of a mobile environment, including attributes associated with users, objects, transactions, and the environment. Our Contextual Attribute-Based Access Control model lends itself more naturally to a mobile environment where subjects and objects are dynamic. Our authorization model promotes the adoption of many revolutionary mobile applications by allowing for the specification of flexible access control policies.
Weitere Kapitel dieses Buchs durch Wischen aufrufen
Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten
Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:
- A Contextual Attribute-Based Access Control Model
Michael J. Covington
Manoj R. Sastry
- Springer Berlin Heidelberg