Home // ICONS 2016, The Eleventh International Conference on Systems // View article

Can I Let You In? On Event-Centric Context-Aware Authorization

Authors:
Philip Attfield
Paul Chenard
Marta Piekarska
Julia Narvaez
Mike Hendrick
Simon Curry

Keywords: Mobile Operating Systems, Access Control, Mobile Device Management, Internet of Things.

Abstract:
Current mechanisms for control and protection of computing resources were conceived decades ago. At that time constraints on power management, connectivity and the types of computing assets were far simpler. Today's mobile and distributed information systems are vulnerable to much wider and sophisticated threats. Thus, they require more flexible, extensive and powerful policy-based protection. This paper contributes a framework for policy-based authorization and illustrates its implementation. Details describing the architecture, methodology and tool flow for reliable synthesis of custom policy-based authorization are presented. The hypothesis is that access control applicable to a variety of devices should be event-centric and context-driven. The integrity and security of the authorization systems as well as the end-to-end trust that is guaranteed in the process used to create them are discussed. The applicability of the solution and its ability to mitigate the threats are discussed. A wide range of systems from simple to complex, including the emerging Internet of Things is covered.

Pages: 20 to 25

Copyright: Copyright (c) IARIA, 2016

Publication date: February 21, 2016

Published in: conference

ISSN: 2308-4243

ISBN: 978-1-61208-451-0

Location: Lisbon, Portugal

Dates: from February 21, 2016 to February 25, 2016