Supporting dynamically changing authorizations in pervasive communication systems

Adam J. Lee, Jodie P. Boyer, Chris Drexelius, Prasad Naldurg, Raquel L. Hill, Roy H. Campbell

Research output: Contribution to journal › Conference article

Abstract

In pervasive computing environments, changes in context may trigger changes in an individual's access permissions. We contend that existing access control frameworks do not provide the fine-grained revocation needed to enforce these changing authorizations. In this paper, we present an authorization framework, in the context of the Gaia OS for active spaces, which integrates context with authorization and provides fine-grained control over the enforcement of dynamically changing permissions using cryptographic mechanisms. Our design, implemented in middleware, addresses the limitations of traditional authorization frameworks and the specific access control needs of pervasive computing environments. As part of our proposed framework, we define cryptographic protocols that enforce access to the system's communication channels and provide secure delivery of messages. We also provide a proof of correctness of key agreement and freshness using the standard BAN deduction system.

Original language: English (US)
Pages (from-to): 134-150
Number of pages: 17
Journal: Lecture Notes in Computer Science
Volume: 3450
State: Published - Sep 19 2005
Event: Second International Conference on Security in Pervasive Computing, SPC 2005 - Boppard, Germany
Duration: Apr 6 2005 - Apr 8 2005

Fingerprint

Authorization
Ubiquitous computing
Access control
Communication Systems
Communication systems
Pervasive Computing
Middleware
Access Control
Network protocols
Key Agreement
Proof of correctness
Revocation
Cryptographic Protocols
Communication Channels
Deduction
Trigger
Integrate
Framework
Context

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

Cite this

Lee, A. J., Boyer, J. P., Drexelius, C., Naldurg, P., Hill, R. L., & Campbell, R. H. (2005). Supporting dynamically changing authorizations in pervasive communication systems. Lecture Notes in Computer Science, 3450, 134-150.

@article{6c274875430045d186a22f1f81dbea88,
title = "Supporting dynamically changing authorizations in pervasive communication systems",
author = "Lee, {Adam J.} and Boyer, {Jodie P.} and Chris Drexelius and Prasad Naldurg and Hill, {Raquel L.} and Campbell, {Roy H.}",
year = "2005",
month = "9",
day = "19",
language = "English (US)",
volume = "3450",
pages = "134--150",
journal = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - Supporting dynamically changing authorizations in pervasive communication systems

AU - Lee, Adam J.

AU - Boyer, Jodie P.

AU - Drexelius, Chris

AU - Naldurg, Prasad

AU - Hill, Raquel L.

AU - Campbell, Roy H.

PY - 2005/9/19

Y1 - 2005/9/19

UR - http://www.scopus.com/inward/record.url?scp=24644446545&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=24644446545&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:24644446545

VL - 3450

SP - 134

EP - 150

JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SN - 0302-9743

ER -