By Topic

Context-Dependent Access Control for Contextual Information

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Christin Groba ; Technische Universitat Dresden, Germany ; Stephan Grob ; Thomas Springer

Following Mark Weiser's vision of ubiquitous computing and calm technology, computer systems should run in the background, preferably without the user noticing it at all. The gathering and disclosure of contextual information on the one hand enables the improvement of system behaviour towards a more autonomous and adaptive behaviour but on the other hand raises privacy issues by disclosing personal data. Thus, a major challenge in ubiquitous computing environments is achieving a good balance between convenience and control over personal data. In this paper we describe an access control mechanism for context data that enables the user to control his personal data in a convenient and non-intrusive way. The approach is based on existing role-based access control mechanisms but extends them as follows. Firstly, our approach is owner-centric, i.e. it is under control of each user, to whom his context is propagated throughout the system. Secondly, our approach does not only control the access to context data but also utilizes context information to simplify the management of these control mechanisms to make the handling of access control more convenient to the user. And thirdly, it introduces individual roles for each user and thus replaces the centrally defined role model of common role-based access control by distinct models for each user. We have validated our approach based on an extended instant messaging system called Adaptive Multimedia Messenger, providing varying buddy information dependent on the access permission of the requesting user

Published in:

Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on

Date of Conference:

10-13 April 2007