{"title":"移动和泛在环境中的访问控制","authors":"L. Gomez, Annett Laube, A. Sorniotti","doi":"10.4018/978-1-60566-290-9.CH012","DOIUrl":null,"url":null,"abstract":"Access control is the process of granting permissions in accordance to an authorization policy. Mobile and ubiquitous environments challenge classical access control solutions like Role-Based Access Control. The use of context-information during policy definition and access control enforcement offers more adaptability and flexibility needed for these environments. When it comes to low-power devices, such as wireless sensor networks, access control enforcement is normally too heavy for such resource-constrained devices. Lightweight cryptography allows encrypting the data right from its production and the access is therefore intrinsically restricted. In addition, all access control mechanisms require an authenticated user. Traditionally, user authentication is performed by means of a combination of authentication factors, statically specified in the access control policy of the authorization service. Within ubiquitous and mobile environment, there is a clear need for a flexible user authentication using the available authentication factors. In this chapter, different new techniques to ensure access control are discussed and compared to the state-of-the-art.","PeriodicalId":387773,"journal":{"name":"Context-Aware Mobile and Ubiquitous Computing for Enhanced Usability","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Access Control in Mobile and Ubiquitous Environments\",\"authors\":\"L. Gomez, Annett Laube, A. Sorniotti\",\"doi\":\"10.4018/978-1-60566-290-9.CH012\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Access control is the process of granting permissions in accordance to an authorization policy. Mobile and ubiquitous environments challenge classical access control solutions like Role-Based Access Control. The use of context-information during policy definition and access control enforcement offers more adaptability and flexibility needed for these environments. When it comes to low-power devices, such as wireless sensor networks, access control enforcement is normally too heavy for such resource-constrained devices. Lightweight cryptography allows encrypting the data right from its production and the access is therefore intrinsically restricted. In addition, all access control mechanisms require an authenticated user. Traditionally, user authentication is performed by means of a combination of authentication factors, statically specified in the access control policy of the authorization service. Within ubiquitous and mobile environment, there is a clear need for a flexible user authentication using the available authentication factors. In this chapter, different new techniques to ensure access control are discussed and compared to the state-of-the-art.\",\"PeriodicalId\":387773,\"journal\":{\"name\":\"Context-Aware Mobile and Ubiquitous Computing for Enhanced Usability\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Context-Aware Mobile and Ubiquitous Computing for Enhanced Usability\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/978-1-60566-290-9.CH012\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Context-Aware Mobile and Ubiquitous Computing for Enhanced Usability","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/978-1-60566-290-9.CH012","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Access Control in Mobile and Ubiquitous Environments
Access control is the process of granting permissions in accordance to an authorization policy. Mobile and ubiquitous environments challenge classical access control solutions like Role-Based Access Control. The use of context-information during policy definition and access control enforcement offers more adaptability and flexibility needed for these environments. When it comes to low-power devices, such as wireless sensor networks, access control enforcement is normally too heavy for such resource-constrained devices. Lightweight cryptography allows encrypting the data right from its production and the access is therefore intrinsically restricted. In addition, all access control mechanisms require an authenticated user. Traditionally, user authentication is performed by means of a combination of authentication factors, statically specified in the access control policy of the authorization service. Within ubiquitous and mobile environment, there is a clear need for a flexible user authentication using the available authentication factors. In this chapter, different new techniques to ensure access control are discussed and compared to the state-of-the-art.