Research Active Fuzzy Access Control In Pervasive Computing Environment

With the development of mobile device, smart phone and sensor technology, ubiquitous computing is entering into people’s lives. One of the important features of ubiquitous computing is that the computers are able to perceive the changes in the physical world, and make the initiative to adjust their behavior and provide better services for people. In other words, the computers become more intelligent through the perception and analysis of the contexts from the physical world, therefore, the connectivity and integration of human society, information space and physical world is becoming the important feature of the next generation of the ubiquitous computing technology, and the ubiquitous computing will provide a harmonious environment with more transparent, more intelligent, greener and more secure services.With the deepening of the pervasive computing research, which the security issue becomes a focus problem (such as the confidentiality, integrity, availability and privacy of the information), at the same time, it is one of the main problem to hinder the pervasive computing to large-scale practical application from the theoretical and experimental stage; on the other hand, the traditional security mechanism is difficult to meet the security needs of the complex environment of pervasive computing, as the pervasive computing has the characteristics of distributed, dynamic, uncertainty. So, the access control is one of the kernel technology to protect computer security, and it is very effective to the security control of complex information systems, and it will also become the key technology to ensure secure of pervasive computing. However, the existing access control generally adopt centralized security policy management mode and determined information (including security policy, subject identity) based static authorization, such passive access control in the closed environment, is no longer applicable to highly open pervasive computing environment. To achieve a safe and effective control of resources in the pervasive computing environment, it is necessary to establish a new access control mechanism:the established new mechanism not only be able to trigger specific events in the ubiquitous environment, take the initiative to adjust the authorization policy changed adaptively control strength to ensure the safety and flexibility of permissions; but also it can support the authorization inference between the uncertain context information and fuzzy trust relationship, and give the result of the determininged authorization decision to ensure the correctness and intelligence of the authorization process. As the energy of the pervasive equipment is limited, the performance of access control system is higher, therefore, the access control system in pervasive computing environment shoule not only ensure the correctness and confluence of authorization inference results, and also prevent invalid circular reasoning, in order to guarantee the termination of the authorization decision process.In this paper, to address the problem of access control in pervasive computing environment, we propose an active fuzzy access control method.and its realization mechanism used in pervasive computing environment, which is analyzed deeply the dynamic behavior of the access control system. In the proposed method, the active database theory, metgraphs theory, interval-valued fuzzy set theory, interval-valued fuzzy inference method and fuzz control technology are introduced into the traditional access control technology, and the active fuzzy access control technology is studied from three aspects:access control strategy, model and mechanism, which solve the fuzzy uncertainty and dynamic adaptive of pervasive computing, and provide a new idea for smart access control system. The mainly works of the paper are as follows:(1) A fuzzy access control model for ubiquitous computing is presented, which is established to uncertainty context information and fuzzy trust relationship, and the authorization decision process is also introduced to this model. Furthermore, the permission of the user is obtained by the fuzzy inference of the satisfaction degree of the context condition, the level of trust of the user and the risk of the user’s role activate. At last, the architecture of model and the design of fuzzy inference machine are detailed presented.(2) An active access control model for ubiquitous computing is presented, which is established by introducing the space role, environment role and security level, to realize the user can active the different roles and use the different permissions under different security level. Moreover, an active access control mode is designed based on the trigger mechanism of ECA rules, That is, the model can initiative to adjust the access control level and security control strategy according to the changes in the context, to realize an adaptive control for resources.(3) An active fuzzy access control model for ubiquitous computing is presented. Firstly, the interval-valued fuzzy set theory and active database technology is introduced into access control rule model, and an active interval-valued fuzzy access control rule is presented to describe the active fuzzy security strategy of pervasive computing environment; secondly, an active fuzzy access control model based on active interval-valued fuzzy access control rule is presented; finally,the termination and confiluence analysis problems of active fuzzy access control rule set is presented.(4) A termination analysis method based on metgraph theory for active fuzzy access control rules set is presented. Firstly, the concept of termination is given; secondly, a termination analysis method based on fuzzy trigger metgraph is presented, and the theorem and algorithm are presented; Finally, the simulation results demonstrate that the accuracy and efficiency of the proposed method.(5) A confluence analysis method based on metgraph theory for active fuzzy access control rules set is presented. Firstly, the concept of confluence is given; secondly, a confluence analysis method based on fuzzy trigger metgraph is presented, and the theorem and algorithm are presented; lastly, an example show the specific analysis procedure.(6) A prototype system of smart access control is designed and implemented. System architecture is presented, fuzzy reasoning efficiency is proved. Firstly, the architecture design and authorization process of the SACS are given; and then, the details of realizing the access control module are explained; finally, we compare the efficiency of the prototype system to the termination analysis of the access control rules set.