Context-aware Access Control Using Semantic Policies

One of the aspects of autonomic computing is self-protecting where systems are required to consistently enforce security policies in order to allow legitimate actions. The information that comes through the feedback loop after being monitored and analayzed tells the systems what is happening in the environments. The analyzed information describes situation and it is called context. The challenge lies in the question of how the autonomic system protects itself through changes of the situation or context, in other words, how access control policies can be properly written and enforced based on the context. Moreover, when the situation or context changes the policies must also reflect this change. A rudimentary approach is to manually write access control policies for all possible instantiations of the context. This is a cumbersome process and difficult to maintain with a large complex system. This paper focuses on access control policies and addresses these issues by representing context in semantic knowledge and extending a standard access control policy language, XACML, to incorporate the semantic knowledge. The work is validated by a proof of concept implementation.