Ubiquitous computing environments and its usage access control

Abstract

Ubiquitous computing aims to enhance computer use by utilizing many computer resources available through physical environments, but also making them invisible to users. The purpose of ubiquitous computing is anywhere and anytime access to information within computing infrastructures that is blended into a background and no longer be reminded. This ubiquitous computing poses new security challenges while the information can be accessed at anywhere and anytime because it may be applied by criminal users. The information may contain private information that cannot be shared by all user communities. Several approaches are designed to protect information for pervasive environments. However, ad-hoc mechanisms or protocols are typically added in the approaches by compromising disorganized policies or additional components to protect from unauthorized access. Usage control has been considered as the next generation access control model with distinguishing properties of decision continuity. In this paper, we present a usage control model to protect services and devices in ubiquitous computing environments, which allows the access restrictions directly on services and object documents. The model not only supports complex constraints for pervasive computing, such as services, devices and data types but also provides a mechanism to build rich reuse relationships between models and objects. Finally, comparisons with related works are analysed.