Presentation is loading. Please wait.

Presentation is loading. Please wait.

Context-Aware Security Gleneesha Johnson

Published byMalcolm Covil Modified over 9 years ago

Similar presentations

Presentation on theme: "Context-Aware Security Gleneesha Johnson"— Presentation transcript:

1 Context-Aware Security Gleneesha Johnson gjohnson@cs.umd.edu

2 Context Common definition from Dey et al. [DA99] …any information that can be used to characterize the situation of an entity. An entity is a person, place, or object that is considered relevant to the interaction between a user and an application, including the user and applications themselves Contextual Attribute - a measurable context primitive –Common examples are location and time

3 Context-Aware Systems A system is context-aware if it can discover and utilize context to adapt its behavior based on the current situation Context can be supplied from a variety of sources –sensors embedded in a computing device, external sensors in the environment, a context providing service, and system state

4 Context-Aware Systems Seminal Paper by Weiser “The Computer for the 21 st Century” [W99] –Many computers seamlessly integrated into the physical environment –Objective – to support and enhance a user’s experience by making life and tasks easier Significant body of research explores ways that objective can be accomplished –Location-aware application Less work on enhancing security

5 Traditional Security Coarse and context insensitive Based on relatively stable, well-defined, consistent configurations, and static contexts. [HSBER05] Shifting computing paradigm Anytime, anywhere, anyone access Rapidly and frequently changing context

6 Context-Aware Security Security mechanisms dynamically adapting to the user’s situation based on the provided context Context can be incorporated into various security services –Access control, encryption, authentication, etc. Context can incorporated into security in different ways –Supplement user attributes –Replace user attributes Majority of research focuses on access control

7 Access Control Objective is to prevent unauthorized access to protected resources Controls what subjects (active entities, such as users and processes) can access what resources (passive entities) and what operations they can perform (read, write)

8 Access Control Model

9 Context-Aware Access Control Incorporating context into access control allows decisions to be based on situation at time of resource request. Generalized RBAC (GRBAC)[CLSDAA00] – uses “environment roles” to capture security- relevant context of environment in which access request was made. Dynamic RBAC (DRBAC)[ZP04] – dynamically adjust user role and permissions based on context using state machines Many others

10 Context-Aware Security Issue Many of today’s context-aware security systems are either vague about their notion of context, or use limited context –Abstracts away important aspects of the situation –Lead to poor security decisions based on an incomplete picture

11 Shrink-Wrapped Security A security paradigm in which a tight coupling is provided between a user's current situation and security –not possible when only limited context is utilized Requires a more comprehensive notion of context than what is currently used by context-aware security systems –Only consider security-relevant context

12 Security-Relevant Context Security-relevant context consists of the set of contextual attributes that can be used to characterize the situation of an entity, whose value affects the choice of the most appropriate controls (measures) or the configuration of those controls to protect information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction in order to provide confidentiality, integrity and availability.

13 Security-Relevant Context The values of security-relevant contextual attributes affect the choice of the most appropriate controls because they impact the likelihood of certain threats to confidentiality, integrity, and availability being realized. Therefore, based on their values, the most appropriate controls and configuration of those controls can be employed to mitigate those threats.

14 Research Areas Secure context collection and management in a dynamic environment –Context authentication and integrity –Context privacy The formulation and enforcement of context-aware security policies Identifying relevant context

15 Identifying Relevant Context Exercise

16 References [DA99] Anind K. Dey and Gregory D. Abowd. Towards a Better Understanding of Context and Context-Awareness. Proceedings of the 1st International Workshop on Managing Interactions in Smart Environments. 1999. [W99] M. Weiser, "The Computer for the 21 st Century," ACM SIGMOBILE Mobile Computing and Communications Review, vol. 3, pp. 3-11, 1999. [HSBER05] R. Hulsebosch, A.H. Salden, M.S. Bargh, PWG Ebben, and J Reitsma. Context Sensitive Access Control [CLSDAA00] Michael J. Covington, Wende Long, Srividhya Srinivasan, Anind Dey, Mustaque Ahamad, and Gregory Abowd. Securing context aware applications using environment roles [ZP04] Guangsen Zhang and Manish Parashar. Context-Aware Dynamic Access Control for Pervasive Applications.

Download ppt "Context-Aware Security Gleneesha Johnson"

Similar presentations

A Usage-based Authorization Framework for Collaborative Computing Systems Xinwen Zhang George Mason University Masayuki Nakae NEC Corporation Michael J.

A Usage-based Authorization Framework for Collaborative Computing Systems Xinwen Zhang George Mason University Masayuki Nakae NEC Corporation Michael J.
Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University.

Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University.
- 1 -. - 2 - Mobile applications Mobile applications have been a domain for recommendation –small display sizes and space limitations –naturally require.

Mobile applications Mobile applications have been a domain for recommendation –small display sizes and space limitations –naturally require.
Operating System Security

Operating System Security
Service-Based Paradigm Anchoring the Indefinable Field Of Pervasive Computing Presenter: Vijay Dheap.

Service-Based Paradigm Anchoring the Indefinable Field Of Pervasive Computing Presenter: Vijay Dheap.
S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Welcome to DEAS 2005 Design and Evolution of Autonomic Application Software David Garlan, CMU Marin Litoiu, IBM CAS Hausi A. Müller, UVic John Mylopoulos,

Welcome to DEAS 2005 Design and Evolution of Autonomic Application Software David Garlan, CMU Marin Litoiu, IBM CAS Hausi A. Müller, UVic John Mylopoulos,
Access Control Methodologies

Access Control Methodologies
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
A Context Framework for Ambient Intelligence. Context servers Motivation interoperable Machine processable Security & privacy.

A Context Framework for Ambient Intelligence. Context servers Motivation interoperable Machine processable Security & privacy.
Chapter 1 – Introduction

Chapter 1 – Introduction
Towards Security and Privacy for Pervasive Computing Author : Roy Campbell,Jalal Al-Muhtadi, Prasad Naldurg,Geetanjali Sampemane M. Dennis Mickunas.(2002)

Towards Security and Privacy for Pervasive Computing Author : Roy Campbell,Jalal Al-Muhtadi, Prasad Naldurg,Geetanjali Sampemane M. Dennis Mickunas.(2002)
Software Engineering Issues for Ubiquitous Computing Author: Gregory D. Abowd, Georgia Institute of Technology CSCI 599 Week 4 Paper 3 September 18 2001.

Software Engineering Issues for Ubiquitous Computing Author: Gregory D. Abowd, Georgia Institute of Technology CSCI 599 Week 4 Paper 3 September
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
An Approach for Configuring Ontology- based Application Context Model Chung-Seong Hong, Hyun Kim, Hyoung-Sun Kim Electronics and Telecommunication Research.

An Approach for Configuring Ontology- based Application Context Model Chung-Seong Hong, Hyun Kim, Hyoung-Sun Kim Electronics and Telecommunication Research.
CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine

CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine
Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.

Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.
Www.monash.edu.au CSE5610 Intelligent Software Systems Semester 1 Enabling Intelligent Systems in Pervasive Computing.

CSE5610 Intelligent Software Systems Semester 1 Enabling Intelligent Systems in Pervasive Computing.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Similar presentations

Ads by Google