Abstract. Context-aware systems acquire and integrate multi-faceted knowledge about their environments in order to make decisions. A number of attempts to build frameworks for context-aware systems have been made, but these have not provided adequate support for context-aware access control. In this paper, we present a framework for context-aware access control and its prototype implementation. The framework includes a context model for classifying and capturing access control-oriented contextual information, a situation model for identifying and defining contextual conditions of concern, and a policy model for specifying context-aware access control policies.Keywords: Context-aware access control, context modeling, context reasoning, situation modeling, access control policy
IntroductionComputer systems have shifted from fixed desktop environments to pervasive computing environments in which, as Weiser [1] describes, resources or services should be available for the life of everyday users in an 'anywhere, anytime' fashion even when they are on the move. A key challenge in such pervasive environments is the control over access to these resources or services. Unlike traditional access control, access control decisions in pervasive environments need to take into account the relevant contextual information such as time and location that reflect the dynamically changing conditions of the environments [2].Access control is a mechanism to determine whether a request to access resources in a system should be permitted or denied. The traditional access control models (e.g., [3]) do not provide adequate functionality to adapt to and incorporate dynamically changing contexts. More recently, a number of research efforts (e.g., [4][5][6]) have attempted to design access control models that consider context information, focusing on time and location. In general, there are also other types of environmental factors or context information that need to be considered. When considering whether or not a doctor can access a patient's medical records, for example, the purpose of the request, the health condition of the patient and the relationship between the doctor and the patient (treating physician or not) are all possible additional factors that need to be considered beyond the time and location of the particular request.