Conceptual Integration of Security Management in Designing Context-aware Environments

Inhalt:
The contribution of a sophisticated security management component in a distributed environment is two-fold. First, unauthorized access to system components and functions can be prohibited. Second, and this is of certain interest in large-scale scenarios, the amount of system functions that are offered to a user can be reduced to a manageable minimum. Moreover, multiple passwords and repeated log-ins can be avoided (single sign-on). This is of special importance for the interoperability of system components without involvement of the user. Along with interpretation of context conditions and possible intentions of the user, a sophisticated management of permissions is a valuable instrument for transparency and ease of use. That’s why both aspects - context and security - should be tightly integrated right from the beginning. This paper presents a mechanism and prototypical implementation of such a system. Thus, security management is considered as a basic building block for context-aware applications.