Geetanjali Sampemane, Prasad Naldurg and Roy H. Campbell
University of Illinois at Urbana-Champaign
Active Spaces are physical spaces, rich in heterogeneous computing and communication devices, with supporting software services to facilitate collaboration between users and interaction with the space. Such spaces are usually shared by different groups of users, for different types of applications. Access control techniques for these ``intelligent'' environments must recognize the existence of task-related groups, and take into account the physical location of users and devices, to enable useful modes of co-operation and sharing of Active Spaces between multiple groups of users. We present an access control system designed for Active Space environments. Our system dynamically establishes protection domains based on the users and activities in the space. Users are assigned permissions based on the activity they are undertaking, and the current group they are working with. User and permission management in our system is simplified by using role-based access control techniques, and the access control system can automatically assign permissions to groups of users in a secure and meaningful fashion. We provide a semi-formal specification of our system, present a proof of the safety properties, and describe a prototype implementation. We believe that this model is suitable for typical Active Space applications, and present an example usage scenario.
Keywords: access control, collaborative environments, customizable policies
Read Paper (in PDF)