User-Centric Adaptive Access Control and Resource Configuration for Ubiquitous Computing Environments
7th Int’l Conf. on Enterprise Information Systems (ICEIS05)
Access Control,Policy Based Management,Conflict Detection and Resolution,Ubiquitous Computing.
Provision of adaptive access control is key to allowing users harness the full potential of ubiquitous computing environments. In this paper, we introduce the M-Zones Access Control (MAC) process, which provides user-centric attribute-based access control, together with automatic reconfiguration of resources in response to the changes in the set of users physically present in the environment. User control is realised via user-specified policies, which are analysed in tandem with system policies and policies of other users, whenever events occur that require policy decisions and associated configuration operations. In such a system users’ policies may habitually conflict with system policies, or indeed other users’ policies; thus, policy conflict detection and resolution is a critical issue. To address this we describe a conflict detection/resolution method based on a policy precedence scheme. To illustrate the operation of the MAC process and its conflict detection/resolution method, we discuss its realisation in a test bed emulating an office-based ubiquitous computing environment.