The sensors of a context-aware system extract contextual information from the environment and relay that information to higher-level processes of the system so to influence the system’s control decisions. However, an adversary can maliciously influence such controls indirectly by manipulating the environment in which the sensors are monitoring, thereby granting privileges the adversary would otherwise not normally have. To address such context monitoring issues, we extend CASSEC by incorporating sentience-like constructs, which enable the emulation of ”confidence”, into our proximity-based access control model to grant the system the ability to make more inferable decisions based on the degree of reliability of extracted contextual information. In CASSEC 2.0, we evaluate our confidence constructs by implementing two new authentication mechanisms. Co-proximity authentication employs our time-based challenge-response protocol, which leverages Bluetooth Low Energy beacons as its underlying occupancy detection technology. Biometric authentication relies on the accelerometer and fingerprint sensors to measure behavioral and physiological user features to prevent unauthorized users from using an authorized user’s device. We provide a feasibility study demonstrating how confidence constructs can improve the decision engine of context-aware access control systems.
A Context-Aware System to Secure Enterprise Content: Incorporating Reliability Specifiers / O. Oluwatimi, M.L. Damiani, E. Bertino. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - 77(2018), pp. 162.162-162.178.
A Context-Aware System to Secure Enterprise Content: Incorporating Reliability Specifiers
M.L. Damiani;E. Bertino
2018
Abstract
The sensors of a context-aware system extract contextual information from the environment and relay that information to higher-level processes of the system so to influence the system’s control decisions. However, an adversary can maliciously influence such controls indirectly by manipulating the environment in which the sensors are monitoring, thereby granting privileges the adversary would otherwise not normally have. To address such context monitoring issues, we extend CASSEC by incorporating sentience-like constructs, which enable the emulation of ”confidence”, into our proximity-based access control model to grant the system the ability to make more inferable decisions based on the degree of reliability of extracted contextual information. In CASSEC 2.0, we evaluate our confidence constructs by implementing two new authentication mechanisms. Co-proximity authentication employs our time-based challenge-response protocol, which leverages Bluetooth Low Energy beacons as its underlying occupancy detection technology. Biometric authentication relies on the accelerometer and fingerprint sensors to measure behavioral and physiological user features to prevent unauthorized users from using an authorized user’s device. We provide a feasibility study demonstrating how confidence constructs can improve the decision engine of context-aware access control systems.File | Dimensione | Formato | |
---|---|---|---|
COMPUTERS_SECURITY_ContextAwareSystem_EpubAheadofPrint.pdf
accesso aperto
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
4.79 MB
Formato
Adobe PDF
|
4.79 MB | Adobe PDF | Visualizza/Apri |
1-s2.0-S0167404818303018-main.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
2.13 MB
Formato
Adobe PDF
|
2.13 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.