Call for Paper - January 2023 Edition
IJCA solicits original research papers for the January 2023 Edition. Last date of manuscript submission is December 20, 2022. Read More

Decision Theory based Auto-delegation (DTA-d) scheme for Ubiquitous Computing

Print
PDF
International Journal of Computer Applications
© 2013 by IJCA Journal
Volume 79 - Number 7
Year of Publication: 2013
Authors:
Priyanka N. Kamble
Parikshit N. Mahalle
10.5120/13750-1571

Priyanka N Kamble and Parikshit N Mahalle. Article: Decision Theory based Auto-delegation (DTA-d) scheme for Ubiquitous Computing. International Journal of Computer Applications 79(7):1-6, October 2013. Full text available. BibTeX

@article{key:article,
	author = {Priyanka N. Kamble and Parikshit N. Mahalle},
	title = {Article: Decision Theory based Auto-delegation (DTA-d) scheme for Ubiquitous Computing},
	journal = {International Journal of Computer Applications},
	year = {2013},
	volume = {79},
	number = {7},
	pages = {1-6},
	month = {October},
	note = {Full text available}
}

Abstract

Access control is a fundamental and essential mechanism to maintain security in ubiquitous computing (UbiComp). Flexibility is an important property for general access control system, which can be achieved by access or authority delegation. Existing delegation mechanisms are "subject-centered", thus in order to make sure that the unavailability of some users does not prevent the system to be functional; auto-delegation mechanisms are introduced, in particular for emergency-prone environments, such as healthcare, military systems auto-delegation mechanisms are required. Auto-delegation mechanism combines the strengths of delegation systems and "break-the-glass" policies, by stating that the most qualified available user for a resource can access this resource. Further this work is extended by considering availability as a quantitative measure, such that each user is associated with a probability of availability. The main contribution of this paper is to present decision theory based auto-delegation scheme (DTA-d) for UbiComp. UbiComp poses new security challenges while the information can be accessed anywhere and anytime, hence the access control is required to maintain the security in UbiComp, but along with the strong access control, auto-delegation is also necessary to provide flexibility. While performing the auto-delegation, numbers of alternatives are available, among these alternatives selecting one as best is the important issue and this is addressed in this paper. Decision theory is used to select the best alternative when numbers of alternatives are available and their consequences cannot be forecast with certainty. Using Bayesian decision theory and by applying bays rule access is granted or denied for particular subject to object.

References

  • Crampton, J. , Morisset, C. : An Auto-delegation Mechanism for Access Control Systems. In: Cuellar, J. , Lopez, J. , Barthe, G. , Pretschner, A. (eds. ) STM 2010. LNCS, vol. 6710, pp. 1–16. Springer, Heidelberg (2011)
  • Leanid Krautsevich1, Fabio Martinelli2, Charles Morisset2, and Artsiom Yautsiukhin2, Risk-Based Auto-delegation for Probabilistic Availability *, J. Garcia-Alfaro et al. (Eds. ): DPM 2011 and SETOP 2011, LNCS 7122, pp. 206–220, 2012. Springer-Verlag Berlin Heidelberg 2012.
  • Wang, Hua, Yanchun Zhang, and Jinli Cao. "Access control management for ubiquitous computing. " Future Generation Computer Systems 24. 8 (2008): 870-878.
  • Hanson, S. O. : Decision theory: A brief introduction (August 1994)
  • Lampson, B. : Protection. In: Proceedings of the 5th Annual Princeton Conference on Information Sciences and Systems, pp. 437–443. Princeton University (1971)
  • Harrison, M. A. , Ruzzo, W. L. , Ullman, J. D. : Protection in operating systems. Communications of the ACM 19(8), 461–471 (1976)
  • LaPadula, L. J. , Bell, D. E. : Secure Computer Systems: A Mathematical Model. Journal of Computer Security 4, 239–263 (1996)
  • Ferraiolo, D. F. , Kuhn, D. R. : Role-based access control. In: Proceedings of the 15th National Computer Security Conference, pp. 554–563 (1992)
  • Ardagna, C. A. , De Capitani di Vimercati, S. , Grandison, T. , Jajodia, S. , Samarati, P. : Regulating Exceptions in Healthcare Using Policy Spaces. In: Atluri, V. (ed. ) DAS 2008. LNCS, vol. 5094, pp. 254–267. Springer, Heidelberg (2008)
  • Wainer, J. , Barthelmess, P. , Kumar, A. : W-RBAC - a workflow security model incorporating controlled overriding of constraints. International Journal of Cooperative Information Systems 12, 455–485 (2003)
  • Chander, A. , Mitchell, J. C. , Dean, D. : A state-transition model of trust management and access control. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop, pp. 27-43. IEEE Computer Society Press, Los Alamitos(2001).
  • Krautsevich, L. , Lazouski, A. , Martinelli, F. ,Yautsiukhin, A. : Influence of Attribute Freshness on Decision Making in Usage Control. In: Cuellar, J. , Lopez, J. ,Barthe, G. , Pretschner, A. (eds. ) STM 2010. LNCS, vol. 6710, pp. 35–50. Springer,Heidelberg (2011)
  • Krautsevich, L. , Lazouski, A. , Martinelli, F. ,Yautsiukhin, A. : Risk-aware usage decision making in highly dynamic systems. In: Proceedings of the Fifth International Conference on Internet Monitoring and Protection. IEEE (2010)
  • Liscano, Ramiro, and Kaining Wang. "A context-based delegation access control model for pervasive computing. " Advanced Information Networking and Applications Workshops, 2007, AINAW'07. 21st International Conference on. Vol. 2. IEEE, 2007.
  • E. Freudenthal, T. Pesin, L. Port, and E. Keenan, "dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments", In 22nd Int. Conf. on Distributed Computing Systems (ICDCS '02), pp. 411- 420, IEEE, July 2002.