Abstract
The mobile workforce is rapidly increasing, and technological advances make it feasible for these workers to have ubiquitous access to a variety of resources with various protection requirements. The dynamic computing environment of these workers mandates a security paradigm in which security is tightly coupled with a user's current situation. We have proposed a security paradigm to achieve this, called Shrink-Wrapped Security, in which security is constantly adapting to a user's current situation, and a comprehensive amount of security-relevant context is used to characterize a user's situation. We present an approach that uses generalized annotated programs (GAPs) to practically incorporate such context into security services, with a focus on access control. This allows us to represent context in a principled manner; consistently make security-related decisions; easily make temporary, ad-hoc changes to a security policy; and give a user feedback when access is denied so that she can make the appropriate adjustments.
Original language | English (US) |
---|---|
Title of host publication | Procedia Computer Science |
Pages | 782-787 |
Number of pages | 6 |
Volume | 5 |
DOIs | |
State | Published - 2011 |
Externally published | Yes |
Event | 2nd International Conference on Ambient Systems, Networks and Technologies, ANT-2011 and 8th International Conference on Mobile Web Information Systems, MobiWIS 2011 - Niagara Falls, ON, Canada Duration: Sep 19 2011 → Sep 21 2011 |
Other
Other | 2nd International Conference on Ambient Systems, Networks and Technologies, ANT-2011 and 8th International Conference on Mobile Web Information Systems, MobiWIS 2011 |
---|---|
Country/Territory | Canada |
City | Niagara Falls, ON |
Period | 9/19/11 → 9/21/11 |
Keywords
- Access control
- Dynamic
- Generalize annotated programs
- Mobile users
- Shrink-wrapped security
ASJC Scopus subject areas
- General Computer Science