Sensor Enhanced Access Control: Extending Traditional Access Control Models with Context-Awareness

Abstract : Access control models generally distinguish between physical access control that mediates access to physical resources such as buildings, sections of buildings or individual rooms, and logical access control that mediates access to logical objects such as information stored in files or databases. All logical access control models make some, more or less implicit, assumptions about the physical access control model, e.g. that servers are locked in a room with restricted access. However, problems arise when a logical object gets a physical representation, e.g. when a file is displayed on a screen or printed, because the logical access control model has no way to ensure, or even to monitor, that the physical access control policies are being enforced.Traditionally, physical access control policies are enforced by compartmentalization. Users are separated from other users and resources by placing them in different physical locations such as different offices in a building. Access from one to the other is impossible without passing a guard or a door lock, i.e., guards or distribution of keys/access-cards effectively enforce the physical access control policy. However, these mechanisms are generally coarse-grained, inflexible and expensive.In this paper, we propose a Sensor Enhanced Access Control (SEAC) model that extends existing logical access control models with context-awareness. This allows the model to incorporate information about the physical environment and to explicitly define and enforce physical access control policies for logical objects that have physical representations. A prototype implementation of the SEAC model has been developed for the Unix platform. The prototype protects file data when displayed on a computer screen by managing the visibility of windows in the X Window System. Context-awareness is provided by a simple motion detection system build using cheap web-cameras. However, the system is designed so that the sensor component easily can be replaced, making it possible to deploy advanced sensor technologies.
Type de document :
Communication dans un congrès
Carmen Fernández-Gago; Fabio Martinelli; Siani Pearson; Isaac Agudo. 7th Trust Management (TM), Jun 2013, Malaga, Spain. Springer, IFIP Advances in Information and Communication Technology, AICT-401, pp.177-192, 2013, Trust Management VII. 〈10.1007/978-3-642-38323-6_13〉
Liste complète des métadonnées

Littérature citée [24 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01468170
Contributeur : Hal Ifip <>
Soumis le : mercredi 15 février 2017 - 11:33:16
Dernière modification le : mercredi 15 février 2017 - 11:41:01
Document(s) archivé(s) le : mardi 16 mai 2017 - 13:25:12

Fichier

978-3-642-38323-6_13_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Christian Jensen, Kristine Geneser, Ida Willemoes-Wissing. Sensor Enhanced Access Control: Extending Traditional Access Control Models with Context-Awareness. Carmen Fernández-Gago; Fabio Martinelli; Siani Pearson; Isaac Agudo. 7th Trust Management (TM), Jun 2013, Malaga, Spain. Springer, IFIP Advances in Information and Communication Technology, AICT-401, pp.177-192, 2013, Trust Management VII. 〈10.1007/978-3-642-38323-6_13〉. 〈hal-01468170〉

Partager

Métriques

Consultations de la notice

74

Téléchargements de fichiers

42