Skip to main content
SpringerLink
Log in

An Improved UCONA-Based Authorization Policy Specification for Ubiquitous Systems

  • Conference paper
Computer Science for Environmental Engineering and EcoInformatics (CSEEE 2011)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 158))

  • 1297 Accesses

Abstract

Anywhere and anytime access to information within computing infrastructures is a purpose of ubiquitous computing. The new security challenges are posed while the information can be accessed at anywhere and anytime since it may be applied by malicious users. A key issue in ubiquitous systems is not who can use sharing resources, but how to control the usage of sharing resources. Usage CONtrol (UCON) is a consolidated solution for this problem. However, the authorization mechanisms of ubiquitous systems do not offer elaborate authorization responses. We extend and improve the UCONA-based authorization policy specification based on a delegation certification offering an elaborate authorization response. Then we show the flexibility and expressive capability of our policy specification through an application example.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Park, J., Sandhu, R.: Towards Usage Control Models: Beyond Traditional Access Control. In: Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT 2002), Monterey, California, pp. 57–64. ACM, New York (2002)

    Google Scholar 

  2. Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-based Access Control. ACM Transactions on Information and System Security 4, 224–274 (2001)

    Article  Google Scholar 

  3. Park, J., Sandhu, R.: The UCONABC Usage Control Model. ACM Transactions on Information and System Security 7, 128–174 (2004)

    Article  Google Scholar 

  4. Zhang, X., Parisi-Presicce, F., Sandhu, R., et al.: Formal Model and Policy Specification of Usage Control. ACM Transactions on Information and System Security (TISSEC) 8, 351–387 (2005)

    Article  Google Scholar 

  5. Lamport, L.: The Temporal Logic of Actions. ACM Transactions on Programming Languages and Systems 16, 872–923 (1994)

    Article  Google Scholar 

  6. Martinelli, F., Mori, P.: A Model for Usage Control in Grid Systems. In: Proceedings of International Conference on Security, Trust and Privacy in Grid Systems (Grid-STP 2007), Nice, France, pp. 169–175. IEEE Press, Los Alamitos (2007)

    Google Scholar 

  7. Stagni, F., Arenas, A.E., Aziz, B.: On Usage Control in Data Grids. Technical Report, CoreGRID (2008)

    Google Scholar 

  8. Vardi, M.Y.: Branching vs. Linear Time: Final Showdown. In: Margaria, T., Yi, W. (eds.) TACAS 2001. LNCS, vol. 2031, pp. 1–22. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  9. Chen, Z., Gui, J., Guo, Y.: Hierarchical-role Based Delegation Authorization Execution Model for Service Grid. Journal of Software 20, 2495–2510 (2009)

    Article  Google Scholar 

  10. Zhang, X., Nakae, M., Covington, M.J., Sandhu, R.: Toward a Usage-based Security Framework for Collaborative Computing Systems. ACM Transactions on Information and System Security (TISSEC) 11, 1–36 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Science and Engineering, Central South University, Changsha, China

    Jinsong Gui, Zhigang Chen & Xiaoheng Deng

Authors
  1. Jinsong Gui
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhigang Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xiaoheng Deng
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dalian University of Technology, Dalian, China

    Yuanxu Yu

  2. Kunming University of Science and Technology, Kunming, China

    Zhengtao Yu

  3. International Association for Scientific and High Technology, Kunming, China

    Jingying Zhao

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gui, J., Chen, Z., Deng, X. (2011). An Improved UCONA-Based Authorization Policy Specification for Ubiquitous Systems. In: Yu, Y., Yu, Z., Zhao, J. (eds) Computer Science for Environmental Engineering and EcoInformatics. CSEEE 2011. Communications in Computer and Information Science, vol 158. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22694-6_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22694-6_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22693-9

  • Online ISBN: 978-3-642-22694-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation