UMBC ebiquity

Enforcing Policies in Pervasive Environments

Authors: Anand Patwardhan, Vladimir Korolev, Lalana Kagal, and Anupam Joshi

Book Title: International Conference on Mobile and Ubiquitous Systems: Networking and Services

Date: August 22, 2004

Abstract: This paper presents a proof of concept implementation of a security infrastructure for mobile devices in a pervasive environment. The security infrastructure primarly consists of two parts, the policy engine and the policy enforcement mechanism. Each mobile device within a pervasive environment is equipped with its own policy enforcement mechanism and is responsible for protecting its resources. A mobile device consults the nearest policy server, notifies its current state including its present user, network presence, other accessible devices and location information if available. Using this information the policy server queries the Rei engine to dynamically create a policy certificate and issues it to the requesting device. The system wide policy is described in a semantic language Rei, a lightweight and extensible language that is able to express comprehensive policies using domain specific information. The Rei policy engine is able to dynamically decide what rights, prohibitions, obligations, dispensations an actor has on the domain actions. A policy certificate, which contains the set of granted permissions and the scope within which the permissions are valid, is created and issued to the device. The policy certificate can be revoked by the policy enforcer based on expiration of the validity period or a combination of timeout, loss of contact with an assigned network. X.509 based Public Key Infrastructure is used to provide identification and authentication.

Type: InProceedings

Address: Cambridge, MA

Organization: IEEE

Google Scholar: KDY786S7uMAJ

Number of Google Scholar citations: 30 [show citations]

Number of downloads: 4711


Available for download as

size: 187235 bytes

Related Projects:

Past Project

 Rei : A Policy Specification Language.