Policy-based Access Control in Mobile Social Ecosystems

Abstract : The novel scenarios enabled by emerging mobile social applications raise serious concerns regarding access control of users' contextual and social data. Given the variety of existing and upcoming social applications, it is important to provide (i) generic yet flexible policy models that combine expressivity with personalization, (ii) actual running infrastructures to en- force policy-based access control on heterogenous devices with minimal development/deployment effort, and (iii) user-interfaces to allow the easy specification of policies without dealing with the complexity of the underlying policy and data models. Toward this goal, in this paper we make three contributions. First, we present a novel policy framework for controlling access to social data in mobile applications. The framework allows the representation of expressive policies based on users' social interactions, which can be easily extended with new domain data models, while keeping policy model compatibility intact. Secondly, we demonstrate how we integrated the policy framework as part of Yarta, a middleware for managing mobile users' social ecosystems, implemented and deployed on laptops and smart phones. Third, we show the graphical policy editor provided with the policy framework to allow non-technology savvy users to easily specify and manage their access control policies.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/inria-00608201
Contributor : Sara Hachem <>
Submitted on : Tuesday, July 12, 2011 - 2:16:00 PM
Last modification on : Friday, May 25, 2018 - 12:02:02 PM

Identifiers

  • HAL Id : inria-00608201, version 1

Collections

Citation

Sara Hachem, Alessandra Toninelli, Animesh Pathak, Valérie Issarny. Policy-based Access Control in Mobile Social Ecosystems. IEEE International Symposium on Policies for Distributed Systems and Networks, Jun 2011, Pisa, Italy. ⟨inria-00608201⟩

Share

Metrics

Record views

236