What's on Users' Minds? Toward a Usable Smart Phone Security Model

Toninelli, Alessandra; Montanari, Rebecca; Lassila, O.; Khushraj, Deepali

doi:10.1109/mprv.2009.39

Cited by 19 publications

(19 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The possibility of managing the security policies by the users has become steadily more important in the design of security solutions that aim to align the usability to the capacity of maintaining acceptable levels of integrity, reliability and availability in mobile applications (Toninelli et al, 2009). However, security and usability have been rarely integrated in a satisfactory way in the design and in the development of mobile systems (Hong et al, 2007).…”

Section: Analysis Of the Approachesmentioning

confidence: 99%

CARS-AD Project: Context-Aware Recommender System for Authentication Decision in Pervasive and Mobile Environments

Lima¹,

Rocha²,

Augustin³

et al. 2012

Advances and Applications in Mobile Computing

View full text Add to dashboard Cite

Section: Analysis Of the Approachesmentioning

confidence: 99%

CARS-AD Project: Context-Aware Recommender System for Authentication Decision in Pervasive and Mobile Environments

Lima¹,

Rocha²,

Augustin³

et al. 2012

Advances and Applications in Mobile Computing

View full text Add to dashboard Cite

“…Policies are completely decoupled from both the application logic and the KB management, to allow fine-grained and customizable security behavior. Policies allow read/add/remove actions on triples or graphs (i.e., sets of triples) and are modeled based on the socially aware policy model presented in [19]. As a key feature, they define access rules to data based on social information.…”

Section: Controlling Access To Mse Knowledgementioning

confidence: 99%

“…Policies are currently represented as a combination of SPARQL queries and RDF statements. For the sake of conciseness we do not describe the policy model in detail, but refer the reader to [19].…”

Section: Controlling Access To Mse Knowledgementioning

confidence: 99%

Yarta: A Middleware for Managing Mobile Social Ecosystems

Toninelli

Pathak

Issarny

2011

Advances in Grid and Pervasive Computing

Self Cite

View full text Add to dashboard Cite

Abstract. With the increased prevalence of advanced mobile devices (the so-called "smart" phones), interest has grown in mobile social ecosystems, where users not only access traditional Web-based social networks using their mobile devices, but are also able to use the context information provided by these devices to further enrich their interactions. In complex mobile social ecosystems of the future the heterogeneity of software platforms on constituent nodes, combined with their intrinsic distributed nature and heterogeneity of representation of data and context raises the need for middleware support for the development of mobile social applications. In this paper, we propose Yarta, a novel middleware designed for mobile social ecosystems (MSE), which takes into account the heterogeneity of both deployment nodes and available data, the intrinsic decentralized nature of mobile social applications, as well as users' privacy concerns. To validate our approach, we show how we developed two mobile social applications over Yarta, and report on both its efficiency and ease-of use by way of extensive evaluation on smart phones and laptops.

show abstract

“…We use the representational model presented in [10] to specify policies. In particular, a policy is represented as a set of attributes with predetermined values, either constant or variable with constraints over the range of values.…”

Section: A Policy Representation Detailsmentioning

confidence: 99%

“…First, we have designed a novel policy framework for controlling access to social data in mobile applications. The framework is based on the semantic policy model presented in [10] and allows the representation of expressive policies based on users' mobile social ecosystem (MSE), that is, the rich set of social interactions occuring between people in mobile environments, according to various social relationships (e.g., friends, family or co-workers), different activities performed on content (commenting, tagging, etc. ), as well as formation of groups and organization of events.…”

Section: Introductionmentioning

confidence: 99%

Policy-Based Access Control in Mobile Social Ecosystems

Hachem

Toninelli

Pathak

et al. 2011

2011 IEEE International Symposium on Policies for Distributed Systems and Networks

Self Cite

View full text Add to dashboard Cite

Abstract-The novel scenarios enabled by emerging mobile social applications raise serious concerns regarding access control of users' contextual and social data. Given the variety of existing and upcoming social applications, it is important to provide (i) generic yet flexible policy models that combine expressivity with personalization, (ii) actual running infrastructures to enforce policy-based access control on heterogenous devices with minimal development/deployment effort, and (iii) user-interfaces to allow the easy specification of policies without dealing with the complexity of the underlying policy and data models. Toward this goal, in this paper we make three contributions. First, we present a novel policy framework for controlling access to social data in mobile applications. The framework allows the representation of expressive policies based on users' social interactions, which can be easily extended with new domain data models, while keeping policy model compatibility intact. Secondly, we demonstrate how we integrated the policy framework as part of Yarta, a middleware for managing mobile users' social ecosystems, implemented and deployed on laptops and smart phones. Third, we show the graphical policy editor provided with the policy framework to allow non-technology savvy users to easily specify and manage their access control policies.

show abstract

What's on Users' Minds? Toward a Usable Smart Phone Security Model

Cited by 19 publications

References 10 publications

CARS-AD Project: Context-Aware Recommender System for Authentication Decision in Pervasive and Mobile Environments

CARS-AD Project: Context-Aware Recommender System for Authentication Decision in Pervasive and Mobile Environments

Yarta: A Middleware for Managing Mobile Social Ecosystems

Policy-Based Access Control in Mobile Social Ecosystems

Contact Info

Product

Resources

About