{"title":"面向泛在环境的上下文风险感知访问控制模型","authors":"A. Ahmed, Ning Zhang","doi":"10.1109/IMCSIT.2008.4747331","DOIUrl":null,"url":null,"abstract":"This paper reports our ongoing work to design a context-risk-aware access control (CRAAC) model for ubiquitous computing (UbiComp) environments. CRAAC is designed to augment flexibility and generality over the current solutions. Risk assessment and authorization level of assurance play a key role in CRAAC. Through risk assessment, resources are classified into groups according to their sensitivity levels and potential impacts should any unauthorized access occurs. The identified risks are mapped onto their required assurance levels, called object level of assurance (OLoA). Upon receiving an object access request, the requesterpsilas run-time contextual information is assessed to establish a requesterpsilas level of assurance (RLoA) denoting the level of confidence in identifying that requester. The access request is granted if RLoA ges OLoA. This paper describes the motivation for, and the design of, the CRAAC model, and reports a case study of further illustrate the model.","PeriodicalId":267715,"journal":{"name":"2008 International Multiconference on Computer Science and Information Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"A Context-Risk-Aware Access Control model for Ubiquitous environments\",\"authors\":\"A. Ahmed, Ning Zhang\",\"doi\":\"10.1109/IMCSIT.2008.4747331\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper reports our ongoing work to design a context-risk-aware access control (CRAAC) model for ubiquitous computing (UbiComp) environments. CRAAC is designed to augment flexibility and generality over the current solutions. Risk assessment and authorization level of assurance play a key role in CRAAC. Through risk assessment, resources are classified into groups according to their sensitivity levels and potential impacts should any unauthorized access occurs. The identified risks are mapped onto their required assurance levels, called object level of assurance (OLoA). Upon receiving an object access request, the requesterpsilas run-time contextual information is assessed to establish a requesterpsilas level of assurance (RLoA) denoting the level of confidence in identifying that requester. The access request is granted if RLoA ges OLoA. This paper describes the motivation for, and the design of, the CRAAC model, and reports a case study of further illustrate the model.\",\"PeriodicalId\":267715,\"journal\":{\"name\":\"2008 International Multiconference on Computer Science and Information Technology\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Multiconference on Computer Science and Information Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IMCSIT.2008.4747331\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Multiconference on Computer Science and Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IMCSIT.2008.4747331","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Context-Risk-Aware Access Control model for Ubiquitous environments
This paper reports our ongoing work to design a context-risk-aware access control (CRAAC) model for ubiquitous computing (UbiComp) environments. CRAAC is designed to augment flexibility and generality over the current solutions. Risk assessment and authorization level of assurance play a key role in CRAAC. Through risk assessment, resources are classified into groups according to their sensitivity levels and potential impacts should any unauthorized access occurs. The identified risks are mapped onto their required assurance levels, called object level of assurance (OLoA). Upon receiving an object access request, the requesterpsilas run-time contextual information is assessed to establish a requesterpsilas level of assurance (RLoA) denoting the level of confidence in identifying that requester. The access request is granted if RLoA ges OLoA. This paper describes the motivation for, and the design of, the CRAAC model, and reports a case study of further illustrate the model.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
