• Home

  • Documents

  • 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10
9
1 Context-base Access Management in Ubiquitous Environment 윤윤윤 2007-08-10

1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

Embed Size (px)

Citation preview

Page 1: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

1

Context-base Access Management in Ubiquitous Environment

윤혜진

2007-08-10

Page 2: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

2

Cotnents Access Control Issues in Ubiquitous Environments

UbiCOSM Security FrameworkSecurity ModelAccess Control Middleware

Case Study: Mobile Office Application

Conclusions and Future Work

Page 3: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

3

introduction

Wireless network connectivity and portable devicesanywhere and at anytime access from variousaccess devices

Novel access control challenges:Paradigm shift from subject-centricto context-centric access control

Un-informative identity or not trustworthy Traditional identity-based access control models are inadequate for Ubiquitous Environments Static characterization of context

Page 4: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

4

UbiCOSM Security Framework

UbiCOSM(Ubiquitous Context-based Security Middleware)

Permissions are directly associated with contextsContext=grouping mechanism for applicable permissions

Goal: Immediate Controlled visibility of accessible resources and of other mobile users locally executing

Page 5: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

5

UbiCOSM Context Model

context

Physical Context Logical Context

Resource

<security:context rdf:about=“http://lia.deis.unibo.it/XXX/security#context#> <security:context_Name>Tourist</security:context_Name> <security:context_Type>Logical</security:context_Type> <security:context_Activation_Condition>MonitoringSystem.GetVisitNumber.IsLess(N) </security:context_Activation_Condition></security:context>

<security:resource rdf:about=“http://lia.deis.unibo.it/XXX/security#resource#> <security:resource_Name rdf:resource=“Spiderman Movie”/> <security:resource_Description>ResourceManager.GetInfo(Spiderman Movie) </security:resource_Description></security:resource>

<security:context rdf:about=“http://lia.deis.unibo.it/XXX/security#context#> <security:context_Name>Cinema</security:context_Name> <security:context_Type>Physical</security:context_Type> <security:context_Activation_Condition>GeoCoordinate.IsEqual(Area.GetInfo) </security:context_Activation_Condition></security:context>

Page 6: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

6

Metadata

Profiles Access Control Policies

System Control Policies Security Waves

a <?xml version=“1.0”?><Description about=“User Profiles”> <Description about=“User Properties”> ….. </Description> <Description about=“User Desired View”> <objects> <object1>nearby cinemas</object1> <object2>Spiderman movie</object2> <objects> <actions> <action1 on=“object1”>find vacant seats</action1> </actions> <active_context> <time>always</time> <my position>anywhere</my position> <position on=“object1”>within 3 km</position> </active_context> </Description></Desription>

b

UbiCOSM Security Model

Page 7: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

7

<security:permission rdf:about=“http://lia.deis.unibo.it/XXX/security#permission”> <security:Name>p1</security:Name> <security:Target rdf:resource=“Horror Movie”/> <security:Action>see</security:Action> <security:Kind>pos</security:Kind></security:permission>

a

bAdult P1 <Simple(Adult,P1)

Waiting RoomP2

Cinema Hall

P3

P4

Tourist

<Or(Waiting Room, Cinema, Hall), P2>

<And(Tourist, Waiting Room), P3>

<Dependence(Tourist, Tour Guide), P4>

Waiting Room

Tourist

Tour Guide

Access Control Policy

Specific context conditions specific permissions

<association_Name(cotnext_collection), permissions>

Page 8: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

8

UbiCOSM architecture

Page 9: 1 Context-base Access Management in Ubiquitous Environment 윤혜진 2007-08-10

9

And(hasSeat(N), desireMovie(movieName)

Simple(isNotFull)

And(FarFromCinema, InQueue)

And(friend, relative)

<security:permission rdf:about=“http://lia.deis.unibo.it/XXX/security#permission”> <security:Name>p2</security:Name> <security:Target rdf:resource=“CMAService”/> <security:Action>find_a_cinema</security:Action> <security:Kind>pos</security:Kind></security:permission>

<security:permission rdf:about=“http://lia.deis.unibo.it/XXX/security#permission”> <security:Name>p3</security:Name> <security:Target rdf:resource=“OpinionManager”/> <security:Action>insert_an_opinion(myOpinion)</security:Action> <security:Kind>pos</security:Kind></security:permission>

<security:permission rdf:about=“http://lia.deis.unibo.it/XXX/security#permission”> <security:Name>p4</security:Name> <security:Target rdf:resource=“Ticket Booking Service”/> <security:Action>book_Ticket(N)</security:Action> <security:Kind>neg</security:Kind></security:permission>

<security:permission rdf:about=“http://lia.deis.unibo.it/XXX/security#permission”> <security:Name>p1</security:Name> <security:Target rdf:resource=“OpinionManager”/> <security:Action>retrieve_opinion</security:Action> <security:Kind>pos</security:Kind></security:permission>

a

b

c

d


UBIQUITOUS COMPUTING SYSTEMY I APLIKACJE BEZ GRANICfcds.cs.put.poznan.pl/MyWeb/Praca/Ubiquitous/UBIN180317hfi.pdf · Politechnika Poznańska, Instytut Informatyki, Informatyka - 6

UBIQUITOUS COMPUTING SYSTEMY I APLIKACJE BEZ GRANICfcds.cs.put.poznan.pl/MyWeb/Praca/Ubiquitous/UBIN180317hfi.pdf · Politechnika Poznańska, Instytut Informatyki, Informatyka - 6

Documents
The Foundations of Ubiquitous Computing

The Foundations of Ubiquitous Computing

Documents
Employee Readiness, Training Design and Work Environment ...hrmars.com/hrmars_papers/Employee_Readiness... · during any HRD intervention into the job context. Proper investment in

Employee Readiness, Training Design and Work Environment ...hrmars.com/hrmars_papers/Employee_Readiness... · during any HRD intervention into the job context. Proper investment in

Documents
Context-awareness Ubiquitous Learning Service Maiga Chang maiga@ms2.hinet.net School of Computing and Information Systems Athabasca

Context-awareness Ubiquitous Learning Service Maiga Chang [email protected] School of Computing and Information Systems Athabasca

Documents
Ubiquitous Computing - uni-hamburg.de

Ubiquitous Computing - uni-hamburg.de

Documents
ユビキタスネットワーク環境の 現状と将来動向 - Cabinet Office...6 研究グループの動向 • Computing Environment – Ubiquitous Computing (M. Weiser) –

ユビキタスネットワーク環境の 現状と将来動向 - Cabinet Office...6 研究グループの動向 • Computing Environment – Ubiquitous Computing (M. Weiser) –

Documents
PANCIT:THE UBIQUITOUS NOODLE

PANCIT:THE UBIQUITOUS NOODLE

Documents
Ipqos Ubiquitous

Ipqos Ubiquitous

Documents
Building of Ubiquitous Computing Spatial Environment of Local u …mcms.daegu.ac.kr/user/chodh/user_source/10(1)uenv(조).pdf · 2020. 5. 13. · environment in information technology,

Building of Ubiquitous Computing Spatial Environment of Local u …mcms.daegu.ac.kr/user/chodh/user_source/10(1)uenv(조).pdf · 2020. 5. 13. · environment in information technology,

Documents
 · Device SQL . 10T / M2M Ubiquitous DeviceSQL EnOcean, BLE etc. Ubiquitous LTE/3G dalchymia Ubiquitous DB DeviceSQL 7-5 539 539 ñ)lñk —5&53 bCPU DeviceSQL

 · Device SQL . 10T / M2M Ubiquitous DeviceSQL EnOcean, BLE etc. Ubiquitous LTE/3G dalchymia Ubiquitous DB DeviceSQL 7-5 539 539 ñ)lñk —5&53 bCPU DeviceSQL

Documents
Service Based Task Migration in Ubiquitous Environment Jari Porras 5th Workshop on Applications of Wireless Communications Lappeenranta, August 15th, 2007

Service Based Task Migration in Ubiquitous Environment Jari Porras 5th Workshop on Applications of Wireless Communications Lappeenranta, August 15th, 2007

Documents
Dual Priority Scheduling Based on Power Adjustment Context Switching for Ubiquitous Sensor Network

Dual Priority Scheduling Based on Power Adjustment Context Switching for Ubiquitous Sensor Network

Documents
Ubiquitous Environment

Ubiquitous Environment

Documents
Ubiquitous CRM NJIT

Ubiquitous CRM NJIT

Documents
Heavy Metals in Blubber and Skin of Mediterranean Monk ... · ubiquitous in the environment and occur naturally in rock-forming and ore minerals (Freedman, 1995). Consequently, there

Heavy Metals in Blubber and Skin of Mediterranean Monk ... · ubiquitous in the environment and occur naturally in rock-forming and ore minerals (Freedman, 1995). Consequently, there

Documents
Intelligent Database Systems Lab N.Y.U.S.T. I. M. Using annotation services in a ubiquitous Jigsaw cooperative learning environment Presenter : Su, Wun-Huei

Intelligent Database Systems Lab N.Y.U.S.T. I. M. Using annotation services in a ubiquitous Jigsaw cooperative learning environment Presenter : Su, Wun-Huei

Documents
Ubiquitous computing

Ubiquitous computing

Technology
Vorlesung: Algorithms for context prediction in ubiquitous ... · 1 Introduction History has shown that forecasting the future has become a science and perhaps even an art. (P. Duin

Vorlesung: Algorithms for context prediction in ubiquitous ... · 1 Introduction History has shown that forecasting the future has become a science and perhaps even an art. (P. Duin

Documents
EBOOK Ubiquitous Learning

EBOOK Ubiquitous Learning

Documents
Outdoor Natural Science Learning with an RFID-Supported ... · Outdoor Natural Science Learning with an RFID-Supported Immersive Ubiquitous Learning Environment Educational Technology

Outdoor Natural Science Learning with an RFID-Supported ... · Outdoor Natural Science Learning with an RFID-Supported Immersive Ubiquitous Learning Environment Educational Technology

Documents
Note du Secrétariat exécutif du SMSI - ITU · adpe@hexabyte.tn 1993 The ADPE is basically environment conservation oriented. The association seeks to contribute to ubiquitous development

Note du Secrétariat exécutif du SMSI - ITU · [email protected] 1993 The ADPE is basically environment conservation oriented. The association seeks to contribute to ubiquitous development

Documents
การพัฒนาสถานศึกษาให้เป็น UBIQUITOUS EDUCATION AREA

การพัฒนาสถานศึกษาให้เป็น UBIQUITOUS EDUCATION AREA

Education
Digital Media For Ubiquitous Learning

Digital Media For Ubiquitous Learning

Education
Ubiquitous Computing: Wie “intelligente Dinge” die As ... · M-Lab – The Mobile and Ubiquitous Computing Lab 2 Worten: Sie sind Anwendungen des so genannten Ubiquitous Computing,

Ubiquitous Computing: Wie “intelligente Dinge” die As ... · M-Lab – The Mobile and Ubiquitous Computing Lab 2 Worten: Sie sind Anwendungen des so genannten Ubiquitous Computing,

Documents
Context -aware ness Ubiquitous Learning Service

Context -aware ness Ubiquitous Learning Service

Documents
Ubiquitous approfondimento

Ubiquitous approfondimento

Technology
Context-Aware Support for Computer-Supported Ubiquitous Learning

Context-Aware Support for Computer-Supported Ubiquitous Learning

Documents
OmniSuggest: A Ubiquitous Cloud-Based Context-Aware Recommendation System for Mobile Social Networks

OmniSuggest: A Ubiquitous Cloud-Based Context-Aware Recommendation System for Mobile Social Networks

Technology
A Study on Low-Power Circuit Design for Silicon …kawapy/publications/...A Study on Low-Power Circuit Design for Silicon VLSI’s and Organic IC’s in Ubiquitous Electronics Environment

A Study on Low-Power Circuit Design for Silicon …kawapy/publications/...A Study on Low-Power Circuit Design for Silicon VLSI’s and Organic IC’s in Ubiquitous Electronics Environment

Documents
A Hybrid Peer-to-Peer Solution for Context Distribu- tion ...george/files/ISD08b.pdf · 31 A Hybrid Peer-to-Peer Solution for Context Distribu-tion in Mobile and Ubiquitous Environments

A Hybrid Peer-to-Peer Solution for Context Distribu- tion ...george/files/ISD08b.pdf · 31 A Hybrid Peer-to-Peer Solution for Context Distribu-tion in Mobile and Ubiquitous Environments

Documents