CA-RBAC: Context Aware RBAC Scheme in Ubiquitous Computing Environments

Role based access control (RBAC) assigns access permissions to a role rather than a user. This simplifies access control management by simply assigning appropriate roles to users and by modifying the permissions of the roles. With the advent of ubiquitous computing, many kinds of services, especially personalized services to give convenience to users, have been introduced. Among them, providing proper access permissions to users based on the current context has become an important issue because their status and access privilege should be dynamically changed. Previously, various access control methods utilizing context awareness have been proposed; however, their constraint description methods, used to assign a role to a user, are quite complex and not enough to express detailed context. Also, they do not fully cover the various situations that can be occurred in ubiquitous computing environments. In this paper, we propose an access control scheme, combining RBAC with context awareness, to give proper privilege to users based on their current context in ubiquitous computing environments. Our scheme defines the constraints for assigning a role and modifying the permissions of each role, enabling more detailed descriptions. We also provide various access control algorithms to support diverse situations which occur in ubiquitous computing environments.