• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.37-52
• /
• 2005

Traditional access control models like role-based access control model are insufficient in security needs in ubiquitous computing environment because they take no thought of access control based on user's context or environment condition. In these days, although researches on context-aware access control using user's context or environment conditions based on role-based access control are emerged, they are on the primary stage. We present context definitions md an access control model to provide more flexible and dynamic context-aware access control based on role-based access control. Specially, we describe the conflict problems occurred in the middle of making an access decision. After classifying the conflict problems, we show some resolutions to solve them. In conclusion, we will lay the foundations of the development of security policy and model assuring right user of right object(or resource) and application service through pre-defined context and context classification in ubiquitous computing environments. Beyond the simplicity of access to objects by authorized users, we assure that user can access to the object, resource, or service anywhere and anytime according to right context.

• The KIPS Transactions:PartA
• /
• v.15A no.1
• /
• pp.35-44
• /
• 2008

It is important to manage access control for secure ubiquitous applications. In this paper, we present an access-control system for executing policy file which includes access control rules. We implemented Context-aware Access Control Manager(CACM) based on Java Context-Awareness Framework(JCAF) which provides infrastructure and API for creating context-aware applications. CACM controls accesses to method call based on the access control rules in the policy file. We also implemented a support tool to help programmers modify incorrect access control rules using static analysis information, and a simulator for simulating ubiquitous applications. We describe simulation results for several ubiquitous applications.

• KSCI Review
• /
• v.14 no.1
• /
• pp.175-184
• /
• 2006

In this paper, we study to two research direction about information security in ubiquitous computing environment. First, researches on context-aware access control using user's context or environment conditions based on role-based control. Second, researches on model for access control about context information in ubiquitous computing utilizing role base access control model. Two research directions are the one of the most important point technology in that embody ubiquitous environment in the actual world.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.4
• /
• pp.205-211
• /
• 2008

Conventional context-aware service models permit the access of resources only by user authentication, but the ubiquitous environments where the context information around users is changing frequently require the resource access control according to the rapid changes. This paper proposes a scheme to control access permission of resource dynamically as context information of user changes. Our access control model is based on traditional CASA (Context-Aware Security Architecture), but can restrict the access of the user already has been authorized. With the real-time checking of context information, our scheme gives different access controls according to changes in environmental information, and provides more secure services than conventional context-aware models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.71-81
• /
• 2008

In the paper, we designed a context aware task-role based access control system(CAT-RACS) which can control access and prevent illegal access efficiently for various information systems in ubiquitous computing environment. CAT-RACS applied CA-TRBAC, which adds context-role concept for achieve policy composition by context information and security level attribute to be kept confidentiality of information. CA-TRBAC doesn't permit access when context isn't coincident with access control conditions, or role and task's security level aren't accord with object's security level or their level is a lower level, even if user's role and task are coincident with access control conditions. It provides security services of user authentication and access control, etc. by a context-aware security manager, and provides context-aware security services and manages context information needed in security policy configuration by a context information fusion manager. Also, it manages CA-TRBAC policy, user authentication policy, and security domain management policy by a security policy manager.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.493-506
• /
• 2008

In this paper we suggest dynamic access control model based on context satisfied with requirement of u-healthcare environment through researching the role based access control model. For the dynamic security domain management, we used a distributed object group framework and context information for dynamic access control used the constructed database. We defined decision rule by knowledge reduction in decision making table, and applied this rule in our model as a rough set theory. We showed the executed results of context based dynamic security service through u-healthcare application which is based on distributed object group framework. As a result, our dynamic access control model provides an appropriate security service according to security domain, more flexible access control in u-healthcare environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.5
• /
• pp.211-219
• /
• 2008

This paper is proposed context-aware based access control, model by extending original access control model. In this paper, we survey the recent researches about security model based context-aware such as xoRBAC and CAAC. For exactly policy evaluation, we make an addition Context Broker and Finder in existing CAAC security model. By this security model, Context information and context decision information is able to be collected easily for more correct policy decision. This paper controlled access of possible every resources that is able to access by user's event and constraint from primitive access resources. In this paper proposed security model can be offer dynamically various security level and access authority method alone with specified policy and constraint adjustment at user's role.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.5
• /
• pp.233-242
• /
• 2009

The security of medical information need continued research about steady and flexible security model because of privacy of patient's as well as directly relation in the patient's life. In particular, u-healthcare environment is need flexible and detailed access control by variety changes of context. Control model analyzed relation of resource and authority, and analyzed authority about all accessible resource from access point using K2BASE. The context-based access control model can change flexibly authority change and role, and can obtain resource of authority granted and meaningly connected resource. As a result, this thesis can apply flexible and adaptive access control model at u-healthcare domain which context change various.

• Journal of Information Processing Systems
• /
• v.2 no.1
• /
• pp.28-33
• /
• 2006

The initial research of Task Computing in the ubiquitous computing (UbiComp) environment revealed the need for access control of services. Context-awareness of service requests in ubiquitous computing necessitates a well-designed model to enable effective and adaptive invocation. However, nowadays little work is being undertaken on service access control under the UbiComp environment, which makes the exposed service suffer from the problem of ill-use. One of the research focuses is how to handle the access to the resources over the network. Policy-Based Access Control is an access control method. It adopts a security policy to evaluate requests for resources but has a light-weight combination of the resources. Motivated by the problem above, we propose a universal model and an algorithm to enhance service access control in UbiComp. We detail the architecture of the model and present the access control implementation.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.9
• /
• pp.409-418
• /
• 2015

In order to delivery of the correct information in IoT environment, it is important to deduce collected information according to a user's situation and to create a new information. In this paper, we propose a control access scheme of information through context-aware to protect sensitive information in IoT environment. It focuses on the access rights management to grant access in consideration of the user's situation, and constrains(access control policy) the access of the data stored in network of unauthorized users. To this end, after analysis of the existing research 'CP-ABE-based on context information access control scheme', then include dynamic conditions in the range of status information, finally we propose a access control policy reflecting the extended multi-dimensional context attribute. Proposed in this paper, access control policy considering the dynamic conditions is designed to suit for IoT sensor fusion environment. Therefore, comparing the existing studies, there are advantages it make a possible to ensure the variety and accuracy of data, and to extend the existing context properties.