Mobile Access Control

Description Our society is constantly moving towards richer forms of information exchange where wired and wireless devices interact, and an increasingly mobile work-force needs to be able to access corporate information while at work, from home, and on the road. This tendency has prompted the academic community to study the security problems arising from such inter-operations. This exchange of information is regulated by security policies describing who can access the information in question.

The particular system for controlling access to protected resources that will be extended in this research is known as Role-Based Access Control. In RBAC, a given user is assigned a collection of roles (e.g.~employee, faculty, student, etc.). In turn, each role is assigned a collection of access privileges. A user gains access to a resource by activating a role which has the necessary privileges.

Mobility adds a new dimension to RBAC, since the services available to a given user also depend on the location of the user, agreements between parties, and the technology underlying the connection.


People
Adriana Compagnoni Elsa Gunter Pablo Garralda

Funding
WiNSeC
This project is based on earlier work funded by NSF ITR: Secure Electronic Transactions

Publications
Papers
  1. Adriana Compagnoni and Elsa Gunter. Symposium on Trustworthy Global Computing (TGC 2005). Edinburgh, UK, April 7-9, 2005. To appear in LNCS Types for Security in a Mobile World(.ps) (.pdf)
Talks
  1. Adriana Compagnoni and Elsa Gunter. Mobile Access Control(ppt) (pdf) . Rutgers University, Newark, NJ, February 3, 2006.
  2. Adriana Compagnoni and Elsa Gunter. Mobile Access Control(ppt) (pdf) . Stevens, Columbia and IBM Security and Privacy Day. Hoboken, NJ, November 14, 2005.
  3. Adriana Compagnoni, Pablo Garralda, and Elsa Gunter. Role-Based Access Control in a Mobile Environment. Symposium on Trustworthy Global Computing (TGC 2005). Edinburgh, UK, April 7-9, 2005.
Posters
  1. Mobile Access Control. NSF CyberTrust PI Meeting. September 25-27, 2005. Newport Beach, California.