Skip to Main content Skip to Navigation
Conference papers

Sensor Enhanced Access Control: Extending Traditional Access Control Models with Context-Awareness

Abstract : Access control models generally distinguish between physical access control that mediates access to physical resources such as buildings, sections of buildings or individual rooms, and logical access control that mediates access to logical objects such as information stored in files or databases. All logical access control models make some, more or less implicit, assumptions about the physical access control model, e.g. that servers are locked in a room with restricted access. However, problems arise when a logical object gets a physical representation, e.g. when a file is displayed on a screen or printed, because the logical access control model has no way to ensure, or even to monitor, that the physical access control policies are being enforced.Traditionally, physical access control policies are enforced by compartmentalization. Users are separated from other users and resources by placing them in different physical locations such as different offices in a building. Access from one to the other is impossible without passing a guard or a door lock, i.e., guards or distribution of keys/access-cards effectively enforce the physical access control policy. However, these mechanisms are generally coarse-grained, inflexible and expensive.In this paper, we propose a Sensor Enhanced Access Control (SEAC) model that extends existing logical access control models with context-awareness. This allows the model to incorporate information about the physical environment and to explicitly define and enforce physical access control policies for logical objects that have physical representations. A prototype implementation of the SEAC model has been developed for the Unix platform. The prototype protects file data when displayed on a computer screen by managing the visibility of windows in the X Window System. Context-awareness is provided by a simple motion detection system build using cheap web-cameras. However, the system is designed so that the sensor component easily can be replaced, making it possible to deploy advanced sensor technologies.
Document type :
Conference papers
Complete list of metadata

Cited literature [24 references]  Display  Hide  Download

https://hal.inria.fr/hal-01468170
Contributor : Hal Ifip <>
Submitted on : Wednesday, February 15, 2017 - 11:33:16 AM
Last modification on : Wednesday, February 15, 2017 - 11:41:01 AM
Long-term archiving on: : Tuesday, May 16, 2017 - 1:25:12 PM

File

978-3-642-38323-6_13_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Christian Jensen, Kristine Geneser, Ida Willemoes-Wissing. Sensor Enhanced Access Control: Extending Traditional Access Control Models with Context-Awareness. 7th Trust Management (TM), Jun 2013, Malaga, Spain. pp.177-192, ⟨10.1007/978-3-642-38323-6_13⟩. ⟨hal-01468170⟩

Share

Metrics

Record views

149

Files downloads

258