Controlling access to pervasive information in the “Solar” system


Kazuhiro Minami and David Kotz. Controlling access to pervasive information in the “Solar” system. Technical Report number TR2002-422, Dartmouth Computer Science, February 2002. ©Copyright the authors.


Pervasive-computing infrastructures necessarily collect a lot of context information to disseminate to their context-aware applications. Due to the personal or proprietary nature of much of this context information, however, the infrastructure must limit access to context information to authorized persons. In this paper we propose a new access-control mechanism for event-based context-distribution infrastructures. The core of our approach is based on a conservative information-flow model of access control, but users may express discretionary relaxation of the resulting access-control list (ACL) by specifying relaxation functions. This combination of automatic ACL derivation and user-specified ACL relaxation allows access control to be determined and enforced in a decentralized, distributed system with no central administrator or central policy maker. It also allows users to express their personal balance between functionality and privacy. Finally, our infrastructure allows access-control policies to depend on context-sensitive roles, allowing great flexibility.

We describe our approach in terms of a specific context-dissemination framework, the Solar system, although the same principles would apply to systems with similar properties.

Citable with [BibTeX]

Projects: [solar]

Keywords: [context-aware] [security]

Available from the publisher: [page]

Available from the author: [bib] [pdf]
This pdf was produced by the publisher and its posting here is permitted by the publisher.

[Kotz research]