Browse > Article
http://dx.doi.org/10.13089/JKIISC.2005.15.2.37

Context Conflicts of Role-Based Access Control in Ubiquitous Computing Environment  

Nam Seung-Jwa (LG Electronics)
Park Seog (Sogang University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.15, no.2, 2005 , pp. 37-52 More about this Journal
Abstract
Traditional access control models like role-based access control model are insufficient in security needs in ubiquitous computing environment because they take no thought of access control based on user's context or environment condition. In these days, although researches on context-aware access control using user's context or environment conditions based on role-based access control are emerged, they are on the primary stage. We present context definitions md an access control model to provide more flexible and dynamic context-aware access control based on role-based access control. Specially, we describe the conflict problems occurred in the middle of making an access decision. After classifying the conflict problems, we show some resolutions to solve them. In conclusion, we will lay the foundations of the development of security policy and model assuring right user of right object(or resource) and application service through pre-defined context and context classification in ubiquitous computing environments. Beyond the simplicity of access to objects by authorized users, we assure that user can access to the object, resource, or service anywhere and anytime according to right context.
Keywords
Ubiquitous computing; role-based access control; context; context conflict;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Anind K. Dey and Gregory D. Abowd, 'Towards a Better Understanding of Context and Context-Awareness', In Workshop on The What, Who, Where, When, and How of Context-Awareness, as part of the 2000 Conference on Human Factors in Computing Systems (CHI 2000), The Hague, The Netherlands, April 3, 2000
2 C.K. Georgiadis, I. Mavridis, G. Pangalos and R. K. Thomas, 'Flexible Team-Based Access Control Using Contexts', In ACM Symposium on Access Control Models and Technologies (SACMAT2001), pp.21-30, May 2001
3 M. Wilikens, S. Feriti, A. Sanna and M. Masera, 'A Context-Related Authorization and Access Control Method Based on RBAC : A case study from the health care domain', In 7th ACM Symposium on Access Control Models and Technologies(SACMAT2002), pp. 117-124, 2002
4 Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman, 'Role Based Access Control Model.', In IEEE Computer, 20(2), pp.38-47, February 1996
5 Gustaf Neumann and Mark Strembeck, 'An Approach to Engineer and Enforce Context Constraints in an RBAC Environment', In 8th ACM Symposium on Access Control Models and Technologies (SACMAT2003), pp. 65-79, Como, Italy, June 2003
6 Ravi Sandhu, David Ferraiolo, and Richard kuhn, 'The NIST Model for Role-Based Access Control: Towards A Unified Approach', In ACM Workshop on Role-Based Access Control. pp. 47-63, 2000
7 M. J. Covington, M.J. Moyer and M. Ahamad, 'Generalized Role-based Access Control for Securing Future Applications', In 23rd National Information Systems Security Conference (NISSC), pp.115-125, Baltimore, Maryland, USA, October 2000
8 조영섭, 조상래, 유인태, 진승헌, 정교일, '유비쿼터스 컴퓨팅과 정보보호; 유비쿼터스 컴퓨팅과 보안요구사항 분석', 정보보호학회지, 제14권 제1호, 2004
9 Anind K. Dey and Gregory D. Abowd, 'Understanding and Using Context', In Personal and Ubiquitous Computing Journal, Springer Verlag, 5(1), pp.4-7, 2001   DOI   ScienceOn
10 박춘식, '유비쿼터스 네트워크와 시큐리티 고찰', 정보보호학회지, 제14권 제1호, 2004
11 김완석, 김정국, '유비쿼터스 컴퓨팅과 정보보호; 유비쿼터스 컴퓨팅의 발전 전망과 보안에 대한 이슈', 정보보호학회지, 제14권 제1호, 2004
12 Mark Weiser, 'Some Computer Science Issues in Ubiquitous Computing', In Communications of the ACM , 36(7), pp.4-7, July 1993
13 Matthew J. Moyer and Mustaque Ahamad, 'Generalized Role-based Access Control', In IEEE International Conference on Distributed Computing Systems(ICDCS2001), pp.391- 398, Mesa, Arizona, USA, April 2001