Enhancing Privacy-Preserving Access Control for Pervasive Computing Environments
نویسندگان
چکیده
The exchange of user-related sensitive data within a Pervasive Computing Environment (PCE) raises security and privacy concerns. On one hand, service providers require user authentication and authorization prior to the provision of a service, while at the same time users require anonymity, i.e., untraceability and unlinkability for their transactions. In this paper we discuss privacy and security requirements for access control in PCEs and show why a recently proposed efficient scheme [1] fails to satisfy these requirements. Furthermore, we discuss a generic approach for achieving a desired level of privacy against malicious insiders, while balancing with competing demands for access control and accountability.
منابع مشابه
A context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملSCN-SI-021 achieving privacy and access control in pervasive computing environments
This paper focuses on the inherent trade-off between privacy and access control in Pervasive Computing Environments (PCEs). On one hand, service providers require user authentication and authorization for the provision of a service, while at the same time end users require untraceability and unlinkability for their transactions. There are also cases where the anonymity of a specific credential ...
متن کاملPrivacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this re...
متن کاملA centralized privacy-preserving framework for online social networks
There are some critical privacy concerns in the current online social networks (OSNs). Users' information is disclosed to different entities that they were not supposed to access. Furthermore, the notion of friendship is inadequate in OSNs since the degree of social relationships between users dynamically changes over the time. Additionally, users may define similar privacy settings for their f...
متن کامل