skip to main content
10.1145/2036146.2036153acmotherconferencesArticle/Chapter ViewAbstractPublication PagescasemansConference Proceedingsconference-collections
research-article

CA-UCON: a context-aware usage control model

Published: 17 September 2011 Publication History

Abstract

Usage CONtrol (UCON) model is the latest major enhancement of the traditional access control models which enables mutability of subject and object attributes, and continuity of control on usage of resources. In UCON, access permission decision is based on three factors: authorisations, obligations and conditions. While authorisations and obligations are requirements that must be fulfilled by the subject and the object, conditions are subject and object independent requirements that must be satisfied by the environment. As a consequence, access permission may be revoked (and the access stopped) as a result of changes in the environment regardless of whether the authorisations and obligations re-quirements are met. This constitutes a major shortcoming of the UCON model in pervasive computing systems which constantly strive to adapt to environmental changes so as to minimise disruptions to the user. To overcome this limitation, this paper proposes a Context-Aware Usage CONtrol (CA-UCON) model which extends the traditional UCON model to enable adaptation to environmental changes in the aim of preserving continuity of access. When the authori-sations and obligations requirements are met by the subject and the object, and the conditions requirements fail due to changes in the environment or the system context, CA-UCON model triggers specific actions to adapt to the new situation. Besides the data protection. CA-UCON model so enhances the quality of services, striving to keep explicit interactions with the user at a minimum.

References

[1]
L.-C. F. Chun-Dong Wang, Ting Li. Context-aware environment-role-based access control model for web services. In 2008 International Conference on Multimedia and Ubiquitous Engineering, 2008.
[2]
H. M. José Bringel Filho. A generalized context-based access control model for pervasive environments. In Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS, 2009.
[3]
H. J. Jung Hwan Choi, Dong Hyun Kang and Y. I. Eom. Adaptive access control scheme utilizing context awareness in pervasive computing environments. In Performance, Computing and Communications Conference, 2008. IPCCC 2008. IEEE International, 2008.
[4]
J. Park and R. Sandhu. The UCON ABC usage control model. ACM Transactions on Information and System Security, 7(1):128--174, February 2004.
[5]
S. Z. Sareh Sadat Emami, Morteza Amini. A context-aware access control model for pervasive computing environments. In 2007 International Conference on Intelligent Pervasive Computing, 2007.
[6]
H. F. SHEN Haibo. A context-aware role-based access control model for web services. In Proceedings of the 2005 IEEE International Conference on e-Business Engineering (ICEBEŠ05), 2005.
[7]
D. K. S. K. Vassilis Kapsalisa, Loukas Hadellisb. A dynamic context-aware access control architecture for e-services. Computers & Security, 25:507--521, 2006.
[8]
R. X. Zhou Zhu. A context-aware access control model for pervasive computing in enterprise environments. In Wireless Communications, Networking and Mobile Computing, 2008. WiCOM '08. 4th International Conference on, 2008.

Cited By

View all
  • (2024)Continuous Authorization Architecture for Dynamic Trust EvaluationTrust Management XIV10.1007/978-3-031-76714-2_1(1-18)Online publication date: 22-Dec-2024
  • (2022)The Enhanced Usage Control for data sharing in Industrial InternetProceedings of the 8th International Conference on Communication and Information Processing10.1145/3571662.3571689(184-190)Online publication date: 3-Nov-2022
  • (2022)WiP: Metamodel for Continuous Authorisation and Usage ControlProceedings of the 27th ACM on Symposium on Access Control Models and Technologies10.1145/3532105.3535039(43-48)Online publication date: 7-Jun-2022
  • Show More Cited By

Recommendations

Reviews

Edgar R. Weippl

Usage control (UCON) models are improvements on traditional access control models. The decision as to whether a subject may perform a certain operation on an object depends not only on the authorizations it has, but also-and this is the enhancement-on obligations and conditions. Obligations include pre-obligations that must be fulfilled before the access is granted and ongoing obligations that must be fulfilled during access; conditions usually encompass environmental constraints. One characteristic of usage control models is that if the environmental conditions change, access to an object will be revoked immediately. When used in pervasive systems, this is a problem because the system has no time to acclimate to the environmental changes without losing access to the object. In such a case, the authors' proposed improvements trigger specific actions to adapt to the new situation. Adaptation actions are, for example, retry, duplicate service, substitute service, or choose alternative service. The paper describes a useful extension of Park's UCONABC model and is straightforward. However, there are almost no examples to help readers quickly understand some of the concepts. Online Computing Reviews Service

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
CASEMANS '11: Proceedings of the 5th ACM International Workshop on Context-Awareness for Self-Managing Systems
September 2011
48 pages
ISBN:9781450308779
DOI:10.1145/2036146
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 September 2011

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. adaptive systems
  2. context-aware
  3. pervasive computing
  4. usage control

Qualifiers

  • Research-article

Conference

Casemans '11

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)7
  • Downloads (Last 6 weeks)1
Reflects downloads up to 15 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Continuous Authorization Architecture for Dynamic Trust EvaluationTrust Management XIV10.1007/978-3-031-76714-2_1(1-18)Online publication date: 22-Dec-2024
  • (2022)The Enhanced Usage Control for data sharing in Industrial InternetProceedings of the 8th International Conference on Communication and Information Processing10.1145/3571662.3571689(184-190)Online publication date: 3-Nov-2022
  • (2022)WiP: Metamodel for Continuous Authorisation and Usage ControlProceedings of the 27th ACM on Symposium on Access Control Models and Technologies10.1145/3532105.3535039(43-48)Online publication date: 7-Jun-2022
  • (2019)Security Issues in Context-Aware SystemsContext-Aware Pervasive Systems and Applications10.1007/978-981-32-9952-8_7(137-149)Online publication date: 20-Sep-2019
  • (2013)Modelling Usage Control of a U-Learning System Using CA-UCONTrends in Mobile Web Information Systems10.1007/978-3-319-03737-0_11(95-109)Online publication date: 2013
  • (2012)Privacy context model for dynamic privacy adaptation in ubiquitous computingProceedings of the 2012 ACM Conference on Ubiquitous Computing10.1145/2370216.2370383(752-757)Online publication date: 5-Sep-2012
  • (2012)Specifying security requirements of context aware system using UMLSeventh International Conference on Digital Information Management (ICDIM 2012)10.1109/ICDIM.2012.6360140(259-265)Online publication date: Aug-2012

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media