Dynamic access control policy based on RBAC for ubiquitous applications

As ubiquitous computing technology evolves, a user can access information anytime and anywhere via personal portable devices. Therefore, unlike traditional access control approaches, access control decisions should take into consideration the context information of the user such as location, time, and system resources. As a result, a fine-grained access control mechanism that dynamically changes the privileges of a user based on the context information is required in a ubiquitous environment. In this paper, we propose a dynamic access control policy based on the RBAC (D-RBAC), which dynamically grants and adapts permissions to the users. The D-RBAC provides high level of abstraction of the access control for the ubiquitous applications, by using concepts of simple and composite context information (i.e., situation information).