2nd IEEE International Conference on Collaboration and Internet Computing (CIC 2016), Pittsburgh, PA, USA, November 1-3, 2016

Capturing policies for fine-grained access control on mobile devices

Prajit Kumar Das, Anupam Joshi, and Tim Finin

November 1, 2016

As of 2016, there are more mobile devices than humans on earth. Today, mobile devices are a critical part of our lives and often hold sensitive corporate and personal data. As a result, they are a lucrative target for attackers, and managing data privacy and security on mobile devices has become a vital issue. Existing access control mechanisms in most devices are restrictive and inadequate. They do not take into account the context of a device and its user when making decisions. In many cases, the access granted to a subject should change based on context of a device. Such fine-grained, context-sensitive access control policies have to be personalized too. In this paper, we present the Mithril system, that uses policies represented in Semantic Web technologies and captured using user feedback, to handle access control on mobile devices. We present an iterative feedback process to capture user specific policy. We also present a policy violation metric that allows us to decide when the capture process is complete.

BibTeX OWL Tweet Scholar

Tags: abac, access control, android, context modeling, context-sensitive, mobile, policy capture, privacy, swrl rules

Type: InProceedings

Publisher: IEEE Computer Society

Downloads: 1352 downloads