Evaluating Security Policies in Pervasive Mobile Environments Using Context Information
نویسندگان
چکیده
Due to both the number of entities and the nature of the interactions and collaborations amongst them, conventional security models are inadequate for regulating access to data and services in a pervasive mobile computing environment. Since many of these interactions occur between entities that have not interacted with each other previously, new security paradigms rely on context information in order to arrive at a security and decision. However, these new systems fail to take into account the variability, correlation and uncertainty of the context variables composing a security policy when making a security decision. In this paper, we propose a Monte Carlo based framework to evaluate security policies that are based on the changes in multiple context variables. In this framework, context variables are modeled and risk in security decisions is measured.
منابع مشابه
A semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملCAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملThe dynamic adaptation of security policies in pervasive environments, with contextual information as the catalyst
The concept of exploiting context information to produce dynamically adapting, accurate and timely security policies for pervasive environments and the entities of these environments are discussed briefly in this paper. The challenges relating to the effective establishment and enforcement of security policies in unpredictable pervasive environments are outlines, along with issues faced in the ...
متن کاملA Dynamic Mandatory Access Control Model
Mandatory access control has traditionally been employed as a robust security mechanism in critical environments like military ones. As computing technology becomes more pervasive and mobile services are deployed, applications will need flexible access control mechanisms. Aggregating mandatory models with context-awareness would provide us with essential means to define dynamic policies needed ...
متن کامل