Active Access Control Model For Pervasive Computing Research

In pervasive computing (ubiquitous computing) environments, the cyberspace and physical space integrate each other deeply, where users can enjoy digital services non-intrusively anytime and anywhere. With the deep investigation on pervasive computing, security problems (such as confidentiality, integrity, usability and privacy) become fundamental research focus on information security and pervasive computing currently. Access control is one of the core technologies to ensure the security of computing systems. However, the traditional access control mechanisms are passive, in which only after users send access requests, access control systems then analyze access requests, and conclude the final access control decisions. The access control in pervasive computing environments has the characteristic of high activeness and fuzziness, which makes the traditional access control mechanisms unsuitable to describe these characteristics, and needs some new theories and methods.In order to describe and implement the active access control for pervasive computing, based on the active database theory, fuzzy set theory, fuzzy inference method and Petri net theory, the thesis investigates the access control system for pervasive computing deeply at the aspects of representation model, fuzzy inference, and dynamic behavior characteristics. The main research of the thesis includes:(1) To describe the activeness of access control for pervasive computing, an active access control model named as AAC model is proposed, and an active access control rule scheme is built. Based on event triggeration mechanism, active access control rules can describe active authorization and access control for pervasive computing efficiently. To analyze the dynamic behavior characteristics of access control systems in pervasive computing environments, an extended Petri net model named as EPN model based on traditional colored Petri net is built in the thesis, which can represent active access control rules. Moreover, based on the EPN model, the termination analysis on active access control rules is investigated, not only the termination decision algorithm is designed, but also its time complexity is analyzed. Compared with other termination decision algorithms, the mathematical analysis shows that the proposed algorithm has more accuracy and higher execution efficiency.(2) To describe the fuzziness of access control for pervasive computing, a fuzzy active access control model named as FAAC model is built by fuzzifying the AAC model, and a fuzzy active access control rule scheme is proposed. Based on fuzzy ECA rules, fuzzy active access control rules can describe the fuzzy active access control for pervasive computing. To analyze the dynamic behavior characteristics of the fuzzy active access control systems, a fuzzy colored time Petri net model named as FCTPN model is built. Moreover, based on the FCTPN model, the tennination analysis on fuzzy active access control rules is investigated, and the termination decision algorithm is designed. The analysis result shows that the proposed algorithm has more accuracy on termination decision.(3) To ensure the correctness and efficiency of access control systems for pervasive computing, based on the consistency concept of production rules, the consistency concept of active access control rules is proposed at first time; the subsumed relations, redundant relations, conflicting relations and circular rule chains in active access control rules are analyzed. Moreover, a consistency analysis algorithm is designed, and the relationship between the non-termination and the consistency in active access control rules is analyzed. The results show that the existence of circular rule chains in rules is the sufficient condition of the existence of non-termination in rules. Further, to analyze the consistency of fuzzy active access control rules, theλ-level cut-set of fuzzy active access control rules is defined. By usingλ-level cut-set concept, some fuzzy active access control rules can be disfuzzified, thus simplifying the complexity of consistency analysis. The relationship between the consistency and the termination in rules is analyzed; the result shows that, if there existsλ-level cut-set in fuzzy active access control rules, and there doesn’t exist circular rule chains in itsλ-level cut-set, then the rules have the characteristic of non-tennination.(4) To verify the correctness of fuzzy active access control model for pervasive computing, a fuzzy active access control prototype system named FAACS is designed and implemented for a smart classroom environment. The architecture of FAACS is discussed deeply; moreover, the correctness and the execution efficiency of rule inference are analyzed by experiments, and the contrast experiments are carried out to analyze the proposed tennination decision algorithms. The experiments show that the algorithms proposed in the thesis are correct and efficient.In the thesis, an active access control model for pervasive computing is built; the activeness and the fuzziness of access control for pervasive computing are described, and the termination and the consistency in active access control systems are also analyzed. The research in the thesis supports new theory and technology for intelligent access control systems, and provides new ideas and methods for implementing intelligent knowledge systems.