Sticky policies for mobile devices

Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies Pub Date : 2013-06-12 DOI:10.1145/2462410.2462429

Francesco Di Cerbo, S. Trabelsi, Thomas Steingruber, Gabriella Dodero, M. Bezzi

{"title":"Sticky policies for mobile devices","authors":"Francesco Di Cerbo, S. Trabelsi, Thomas Steingruber, Gabriella Dodero, M. Bezzi","doi":"10.1145/2462410.2462429","DOIUrl":null,"url":null,"abstract":"Mobile devices consume significant amounts of information, from different sources. Thus they often deal also with sensitive or confidential data, in places or situations that could be not appropriate, or not compliant with a corporate policy: context-aware access/usage control solutions can counter such situations. We propose a prototype, called ProtectMe, that exploits \"Sticky Policies\" (SP) that are attached to resources and prescribe usage conditions.\n Since mobile devices cannot foresee usage conditions of collected data, ProtectMe integrates SPs within any information consumable by mobile devices, and dynamically enforces their usage constraints. It assists users in attaching access and usage control conditions stated by resource-specific SPs, and it enforces them by making use of contextual information collected by mobile devices.\n The aim of the prototype is to show the feasibility of the SP approach, merging security functionalities within a concept for expressing SPs in a user-friendly manner.","PeriodicalId":74509,"journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"38 1","pages":"257-260"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2462410.2462429","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

Abstract

Mobile devices consume significant amounts of information, from different sources. Thus they often deal also with sensitive or confidential data, in places or situations that could be not appropriate, or not compliant with a corporate policy: context-aware access/usage control solutions can counter such situations. We propose a prototype, called ProtectMe, that exploits "Sticky Policies" (SP) that are attached to resources and prescribe usage conditions. Since mobile devices cannot foresee usage conditions of collected data, ProtectMe integrates SPs within any information consumable by mobile devices, and dynamically enforces their usage constraints. It assists users in attaching access and usage control conditions stated by resource-specific SPs, and it enforces them by making use of contextual information collected by mobile devices. The aim of the prototype is to show the feasibility of the SP approach, merging security functionalities within a concept for expressing SPs in a user-friendly manner.

查看原文本刊更多论文

移动设备粘接策略

移动设备消耗来自不同来源的大量信息。因此，它们还经常在可能不合适或不符合公司策略的位置或情况下处理敏感或机密数据:上下文感知访问/使用控制解决方案可以应对此类情况。我们提出了一个名为ProtectMe的原型，它利用了附加到资源并规定使用条件的“粘性策略”(SP)。由于移动设备无法预见所收集数据的使用情况，ProtectMe将sp集成到移动设备可消费的任何信息中，并动态地执行其使用约束。它帮助用户附加由资源特定的sp规定的访问和使用控制条件，并通过使用移动设备收集的上下文信息来执行这些条件。原型的目的是展示SP方法的可行性，在以用户友好的方式表示SP的概念中合并安全功能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies

自引率

0.00%

发文量