Browsing by Subject "access control"
Now showing 1 - 5 of 5
Results Per Page
Sort Options
Item Context-dependent privacy and security management on mobile devices(2017-01-01) Das, PrajitDas, Prajit Kumar; Joshi, Anupam; Finin, Tim; Computer Science and Electrical Engineering; Computer ScienceThere are ongoing security and privacy concerns regarding mobile platforms that are being used by a growing number of citizens. Security and privacy models typically used by mobile platforms use one-time permission acquisition mechanisms. However, modifying access rights after initial authorization in mobile systems is often too tedious and complicated for users. User studies show that a typical user does not understand permissions requested by applications or are too eager to use the applications to care to understand the permission implications. For example, the Brightest Flashlight application was reported to have logged precise locations and unique user identifiers, which have nothing to do with a flashlight application's intended functionality, but more than 50 million users used a version of this application which would have forced them to allow this permission. Given the penetration of mobile devices into our lives, a fine-grained context-dependent security and privacy control approach needs to be created. We have created Mithril as an end-to-end mobile access control framework that allows us to capture access control needs for specific users, by observing violations of known policies. The framework studies mobile application executables to better inform users of the risks associated with using certain applications. The policy capture process involves an iterative user feedback process that captures policy modifications required to mediate observed violations. Precision of policy is used to determine convergence of the policy capture process. Policy rules in the system are written using Semantic Web technologies and the Platys ontology to define a hierarchical notion of context. Policy rule antecedents are comprised of context elements derived using the Platys ontology employing a query engine, an inference mechanism and mobile sensors. We performed a user study that proves the feasibility of using our violation driven policy capture process to gather user-specific policy modifications. We contribute to the static and dynamic study of mobile applications by defining "application behavior" as a possible way of understanding mobile applications and creating access control policies for them. Our user study also shows that unlike our behavior-based policy, a "deny by default" mechanism hampers usability of access control systems. We also show that inclusion of crowd-sourced policies leads to further reduction in user burden and need for engagement while capturing context-based access control policy. We enrich knowledge about mobile "application behavior" and expose this knowledge through the Mobipedia knowledge-base. We also extend context synthesis for semantic presence detection on mobile devices by combining Bluetooth, low energy beacons and Nearby Messaging services from Google.Item Context-Sensitive Policy Based Security in Internet of Things(IEEE, 2016-05-18) Das, Prajit Kumar; Narayanan, Sandeep Nair; Sharma, Nitin Kumar; Joshi, Anupam; Joshi, Karuna Pande; Finin, TimAccording to recent media reports, there has been a surge in the number of devices that are being connected to the Internet. The Internet of Things (IoT), also referred to as Cyber-Physical Systems, is a collection of physical entities with computational and communication capabilities. The storage and computing power of these devices is often limited and their designs currently focus on ensuring functionality and largely ignore other requirements, including security and privacy concerns. We present the design of a framework that allows IoT devices to capture, represent, reason with, and enforce information sharing policies. We use Semantic Web technologies to represent the policies, the information to be shared or protected, and the IoT device context. We discuss use-cases where our design will help in creating an "intelligent" IoT device and ensuring data security and privacy using context-sensitive information sharing policies.Item Ontology driven AI and Access Control Systems for Smart Fisheries(Association for Computing Machinery, 2021-04-28) Chukkapalli, Sai Sree Laya; Aziz, Shaik; Alotaibi, Nouran; Mittal, Sudip; Gupta, Maanak; Abdelsalam, MahmoudIncreasing number of internet connected devices has paved a path for smarter ecosystems in various sectors such as agriculture, aquaculture, manufacturing, healthcare, etc. Especially, integrating technologies like big data, artificial intelligence (AI), blockchain, etc. with internet connected devices has increased efficiency and productivity. Therefore, fishery farmers have started adopting smart fisheries technologies to better manage their fish farms. Despite their technological advancements smart fisheries are exposed and vulnerable to cyber-attacks that would cause negative impact on the ecosystem both physically and economically. Therefore in this paper, we present a smart fisheries ecosystem where the architecture describes various interactions that happen between internet connected devices. We develop a smart fisheries ontology based on the architecture and implement Attribute Based Access Control System (ABAC) where access to resources of smart fisheries is granted by evaluating the requests. We also discuss how access control decisions are made in multiple use case scenarios of a smart fisheries ecosystem. Furthermore, we elaborate some AI applications that would enhance the smart fisheries ecosystem.Item Policy based Access Control for a RDF Store(2005-05-10) Reddivari, Pavan; Finin, Tim; Joshi, AnupamResource Description Format (RDF) stores have formed an essential part of many semantic web applications. Current RDF store systems have primarily focused on efficiently storing and querying large numbers of triples. Little attention has been given to how triples would be updated and maintained or how access to store can be controlled. In this paper we describe the motivation for an RDF store with complete maintenance capabilities and access control. We propose a policy based access control model providing control over the various actions possible on an RDF store. Finally, we discuss on how the Hypertext Transport Protocol (HTTP) and its extensions can be used to provide communication with the store.Item Security and Privacy Challenges in Open and Dynamic Environments(IEEE, 2006-06-19) Kagal, Lalana; Finin, Tim; Greenspan, Sol; Joshi, AnupamInformation system security and privacy, once narrow topics primarily of interest to IS designers, have become critically important to society at large. The scope of associated challenges and applications is broadening accordingly, leading to new requirements and approaches. Information networks are evolving into more open and dynamic systems. Security and privacy enforcement is problematic in these systems due to the lack of a common understanding of requirements and information as well as user unpredictability. Shared ontologies, declarative policies, and trust models offer the most promising approaches to meet these challenges.