Effectively enforcing authorization constraints for emerging space-sensitive technologies

Carlos E. Rubio-Medrano, Shaishavkumar Jogani, Maria Leitner, Ziming Zhao, Gail Joon Ahn

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Recently, applications that deliver customized content to end-users, e.g., digital objects on top of a video stream, depending on information such as their current physical location, usage patterns, personal data, etc., have become extremely popular. Despite their promising future, some concerns still exist with respect to the proper use of such space-sensitive applications (S-Apps) inside independently-run physical spaces, e.g., schools, museums, hospitals, memorials, etc. Based on the idea that innovative technologies should be paired with novel (and effective) security measures, this paper proposes space-sensitive access control (SSAC), an approach for restricting space-sensitive functionality in such independently-run physical spaces, allowing for the specification, evaluation and enforcement of rich and flexible authorization policies, which, besides meeting the specific needs for S-Apps, are also intended to avoid the need for interruptions in their normal use as well as repetitive policy updates, thus providing a convenient solution for both policy makers and end-users. We present a theoretical model, a proof-of-concept S-App, and a supporting API framework, which facilitate the policy crafting, storage, retrieval and evaluation processes, as well as the enforcement of authorization decisions. In addition, we present a performance case study depicting our proof-of-concept S-App in a set of realistic scenarios, as well as a user study which resulted in 90% of participants being able to understand and write authorization policies using our approach, and 93% of them also recognizing the need for restricting functionality in the context of emerging space-sensitive technologies, thus providing evidence that encourages the adoption of SSAC in practice.

Original languageEnglish (US)
Title of host publicationSACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Pages195-206
Number of pages12
ISBN (Electronic)9781450367530
DOIs
StatePublished - May 28 2019
Event24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019 - Toronto, Canada
Duration: Jun 3 2019Jun 6 2019

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019
CountryCanada
CityToronto
Period6/3/196/6/19

Keywords

  • Attributes
  • Authorization policies
  • Space-sensitive access control

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Fingerprint Dive into the research topics of 'Effectively enforcing authorization constraints for emerging space-sensitive technologies'. Together they form a unique fingerprint.

Cite this