Abstract
In pervasive computing environments, changes in context may trigger changes in an individual's access permissions. We contend that existing access control frameworks do not provide the fine-grained revocation needed to enforce these changing authorizations. In this paper, we present an authorization framework, in the context of the Gaia OS for active spaces, which integrates context with authorization and provides fine-grained control over the enforcement of dynamically changing permissions using cryptographic mechanisms. Our design, implemented in middleware, addresses the limitations of traditional authorization frameworks and the specific access control needs of pervasive computing environments. As part of our proposed framework, we define cryptographic protocols that enforce access to the system's communication channels and provide secure delivery of messages. We also provide a proof of correctness of key agreement and freshness using the standard BAN deduction system.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 134-150 |
| Number of pages | 17 |
| Journal | Lecture Notes in Computer Science |
| Volume | 3450 |
| DOIs | |
| State | Published - 2005 |
| Event | Second International Conference on Security in Pervasive Computing, SPC 2005 - Boppard, Germany Duration: Apr 6 2005 → Apr 8 2005 |
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science