Abstract

Traditional computer system depends on access policy and user's identities to grant or deny their access to resources. The basic assumption in this system is the entities had been known. It is unsuitable to use identity-based access control in ubiquitous computing environment where entities are not foreknown to each other. In this paper, we present a trust based access control model to secure ubiquitous computing application. The resource-constrained trust negotiation is addressed to establish initial trust for authenticating strangers. By the initial trust, each user is arranged a role subset, and context information dynamic decides which role is active