Skip to content
University of Maryland LibrariesDigital Repository at the University of Maryland
    • Login
    View Item 
    •   DRUM
    • Theses and Dissertations from UMD
    • UMD Theses and Dissertations
    • View Item
    •   DRUM
    • Theses and Dissertations from UMD
    • UMD Theses and Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Shrink-Wrapped Security: Tightly Coupling Situation and Security

    Thumbnail
    View/Open
    Williams_umd_0117E_15155.pdf (1.844Mb)
    No. of downloads: 126

    Date
    2014
    Author
    Williams, Gleneesha Myra Johnson
    Advisor
    Agrawala, Ashok
    Metadata
    Show full item record
    Abstract
    The mobile workforce, which consists of employees that do not have one fixed place of work and are linked to a corporate base using a mobile computing device, is expected to grow to 75% of the total United States workforce, or approximately 212.1 million people, by 2015. Advances in technology, such as the increasing abundance of portable computing devices and the prevalence of wireless broadband, combined with the fact that more companies are allowing employees to use their own devices to access the enterprise, create an environment in which these workers can access corporate resources anytime, anywhere, with a myriad of devices having varying configurations. Having ubiquitous access to resources has its benefits, like increased productivity, but also creates unique challenges to ensuring appropriate security. Traditional approaches to security are not suitable for this emerging computing environment, because they are based on assumptions that no longer hold, such as well-defined situations, consistent configurations, and static contexts. For this reason, these approaches typically base security decisions on statically assigned attributes like identity or role. In the highly dynamic computing environment of mobile workers, context-aware security, in which context is utilized to allow security to adapt to the current situation, is essential. This dissertation presents our efforts to address the mismatch between traditional, context-insensitive security and this emerging dynamic computing environment with a novel security paradigm, shrink-wrapped security. With shrink-wrapped security, as the situation changes, the security changes also, providing a tight coupling between a user's current situation and security. Contributions of this dissertation include the following: *A novel security paradigm, shrink-wrapped security, which involves utilizing context to tightly fuse a user's situation and security. *A usable definition of security-relevant context, along with goal oriented guidelines and a corresponding taxonomy to facilitate the systematic identification of contextual attributes that are most pertinent to a security service. These contributions deal with a key challenge of context-aware system development- identifying relevant context. *A context acquisition and management framework to facilitate the development and use of shrink-wrapped security services for the mobile workforce. The layered architecture of this framework supports secure context acquisition and utilization by security services and was designed with the resource constraints of mobile devices in mind. *An approach based on logic programming to practically incorporate the use of security-relevant context into the security policies that govern security services. This technique is aligned with the shrink-wrapped security concept of utilizing a comprehensive set of relevant context, while remaining practical and manageable by abstracting relevant contextual attributes to a security level associated with the objectives of a security service. *The implementation and evaluation of shrink-wrapped access control, which serves as a practical demonstration of the feasibility of shrink-wrapped security.
    URI
    http://hdl.handle.net/1903/15341
    Collections
    • Computer Science Theses and Dissertations
    • UMD Theses and Dissertations

    DRUM is brought to you by the University of Maryland Libraries
    University of Maryland, College Park, MD 20742-7011 (301)314-1328.
    Please send us your comments.
    Web Accessibility
     

     

    Browse

    All of DRUMCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    LoginRegister
    Pages
    About DRUMAbout Download Statistics

    DRUM is brought to you by the University of Maryland Libraries
    University of Maryland, College Park, MD 20742-7011 (301)314-1328.
    Please send us your comments.
    Web Accessibility