Context-aware access control model for Smart-M3 platform

One of the main security problems of Smart-M3 platform is a lack of dynamic security management support. In particular, a new access control model for resource sharing is needed. The access control model should describe the current situation via a context. The paper proposes a model of the context-based access control for the information shared in a smart space based on the Smart-M3 platform. Micro virtualization mechanisms represented by virtual private smart spaces are the basis for the model, which is built on the combination of the role-based and attribute-based access control models. Roles are assigned dynamically based on the smart space participant's trust level. The role separation allows simplifying policies and makes them human-readable and easy to configure. The trust level calculation is based on the participant's context, which includes identification attributes; location; current date; device type, etc. Also, three kinds of security policy rules have been proposed. These rules are used to calculate the trust level, to assign roles based on the trust level, and to grant permissions to the smart space resources.