Context-Aware Identity Delegation
نویسندگان
چکیده
In emerging ubiquitous computing, related nomadic users often perform similar tasks and share the same computing infrastructure. This means that security of the shared resources is of prime importance. Frequent delegation of tasks among users must be anticipated as most nomadic environments are hectic and very dynamic. A delegation mechanism with a slightly complicated user interface will not only reduce the productivity but also provide nomadic users with a strong motivation to circumvent the mechanism itself. Delegation in access control domain is not practical for the most of nomadic users due to its complicated and complex structure. Identity delegation at authentication level provides improved usability, which reduces the risk of circumventing the delegation mechanism; at the same time, however, identity delegation violates the principle of least privileges. We use contextual information of a delegatee to mitigate this violation, which helps to achieve a higher level of practical security in nomadic environments.
منابع مشابه
European Context-awareness and Trust (eurocat09) 3 Rd Workshop on Combining Context with Trust, Security, and Privacy Program Commitee Trust Management in Context-aware and Service-oriented Architectures (invited Talk) Context-aware Identity Delegation
In emerging ubiquitous computing, related nomadic users often perform similar tasks and share the same computing infrastructure. This means that security of the shared resources is of prime importance. Frequent delegation of tasks among users must be anticipated as most nomadic environments are hectic and very dynamic. A delegation mechanism with a slightly complicated user interface will not o...
متن کاملCross-Context Delegation through Identity Federation
We present in this paper a basic scheme for delegation in a federated setting and two more advanced schemes, transferable and corporate delegation. By transferable delegation delegatees are able to delegate the received privileged actions further to someone else. Corporate delegation is delegation within a business context. Our schemes are generic and user-centric. We elaborate on the different...
متن کاملAn Approach for Consistent Delegation in Process-Aware Information Systems
Delegation is an important concept to increase flexibility in authorization and obligation management. Due to the complexity of potential delegation relations, there is a strong need to systematically check the consistency of all delegation assignments. In this paper, we discuss the detection of delegation conflicts based on the formal definitions of a model that supports the delegation of role...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملSolving identity delegation problem environment
At present, many countries allow citizens or entities to interact with the government outside the telematic environment through a legal representative who is granted powers of representation. However, if the interaction takes place through the Internet, only primitive mechanisms of representation are available, and these are mainly based on nondynamic offline processes that do not enable quick ...
متن کامل