Miettinen, Markus ; Heuser, Stephan ; Kronz, Wiebke ; Sadeghi, Ahmad-Reza ; Asokan, N. (2014)
ConXsense – Context Profiling and Classification for Context-Aware Access Control (Best Paper Award).
Kyoto, Japan
doi: 10.1145/2590296.2590337
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they rely on pre-defined policies not adequately reflecting the true preferences of users. We present the design and implementation of a context-aware framework that uses a probabilistic approach to overcome these deficiencies. The framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. We apply the framework to two important smartphone-related use cases: protection against device misuse using a dynamic device lock and protection against sensory malware. We ground our analysis on a sociological survey examining the perceptions and concerns of users related to contextual smartphone security and analyze the effectiveness of our approach with real-world context data. We also demonstrate the integration of our framework with the FlaskDroid architecture for fine-grained access control enforcement on the Android platform.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2014 |
| Autor(en): | Miettinen, Markus ; Heuser, Stephan ; Kronz, Wiebke ; Sadeghi, Ahmad-Reza ; Asokan, N. |
| Art des Eintrags: | Bibliographie |
| Titel: | ConXsense – Context Profiling and Classification for Context-Aware Access Control (Best Paper Award) |
| Sprache: | Deutsch |
| Publikationsjahr: | Juni 2014 |
| Buchtitel: | Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014) |
| Veranstaltungsort: | Kyoto, Japan |
| DOI: | 10.1145/2590296.2590337 |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they rely on pre-defined policies not adequately reflecting the true preferences of users. We present the design and implementation of a context-aware framework that uses a probabilistic approach to overcome these deficiencies. The framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. We apply the framework to two important smartphone-related use cases: protection against device misuse using a dynamic device lock and protection against sensory malware. We ground our analysis on a sociological survey examining the perceptions and concerns of users related to contextual smartphone security and analyze the effectiveness of our approach with real-world context data. We also demonstrate the integration of our framework with the FlaskDroid architecture for fine-grained access control enforcement on the Android platform. |
| Freie Schlagworte: | ICRI-SC;Mobile security; Context sensing; Privacy policies; Context-awareness |
| ID-Nummer: | TUD-CS-2014-0030 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Hinterlegungsdatum: | 04 Aug 2016 10:13 |
| Letzte Änderung: | 19 Jun 2018 08:57 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum