An Ontology-Based Approach to Dynamic Contextual Role for Pervasive Access Control

In role-based access control, roles are mostly organized in static hierarchies and users are authorized to play such roles in order to exercise the organizational functions. However, some of these roles cannot be organized in the same way in static hierarchies as the authorizations granted to such roles are strictly related to the dynamically changing contextual conditions (e.g., health profile information). Users need to satisfy these conditions in order to exercise the functions of such dynamic contextual roles. While several research works have been done in dynamic activation of static roles, no extensive research has been undertaken in the area of dynamic specification of contextual roles. This article makes a significant research contribution to the dynamic contextual role modeling and activation. We introduce both formal and ontology-based approaches in order to model the dynamic contextual roles and specify the context-aware access control policies by activating such dynamic roles at runtime. These contextual roles are equally important because of the demands of large-scale (pervasive) environments to control context-sensitive access to resources at different granularity levels with low processing overheads. We develop a software prototype to demonstrate the feasibility of our proposal and provide a walkthrough of the whole mechanism. Experimental results demonstrate the satisfactory performance of our proposed approach compared to our previous approach.