Skip to Main content Skip to Navigation

Embedding security policies into pervasive computing systems

Abstract : When developing pervasive computing applications, it is critical to specify security policies and develop security mechanisms to ensure the confidentiality and integrity of the applications. Numerous policy specification languages only focus on their expressive power. The emerging challenges in pervasive computing systems can not be fulfilled by these approaches. For instance, context awareness is a central aspect of pervasive computing systems. Existing approaches rarely consider context information in their language.This thesis proposes a generative approach dedicated to specifying and enforcing security policies in pervasive computingapplications. To specify a policy, we propose a context-aware policy specification language which helps developers to specify policy rules and required entities (e.g. spatial description, roles, context information). Policies are implemented by term rewriting systems which offers great verification power. To enforce a policy, we propose an architecture that embeds important concepts of security policies (subject, object, security related context) into pervasive computing applications. To apply our approach, we enriched an existing approach which is dedicated to develop pervasive computing applications. Based on the policy specification and the enriched pervasive computing application descriptions, a dedicated programming framework is generated. This framework guides the implementation and raises the level of abstraction which can reduce the workloads of developers.
Document type :
Complete list of metadata

Cited literature [97 references]  Display  Hide  Download
Contributor : ABES STAR :  Contact
Submitted on : Tuesday, March 12, 2013 - 9:13:12 AM
Last modification on : Saturday, June 25, 2022 - 10:33:32 AM
Long-term archiving on: : Monday, June 17, 2013 - 11:47:42 AM


Version validated by the jury (STAR)


  • HAL Id : tel-00799284, version 1



Pengfei Liu. Embedding security policies into pervasive computing systems. Other [cs.OH]. Université Sciences et Technologies - Bordeaux I, 2013. English. ⟨NNT : 2013BOR14735⟩. ⟨tel-00799284⟩



Record views


Files downloads