2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) (2017)
San Jose, CA, US
Oct 15, 2017 to Oct 17, 2017
Context-sensitive access control has been a research topic within mobile computing for more than a decade. Much of the work has focused on modeling context and representing policies. Choosing an appropriate policy for a user, however, remains a challenging goal. Creating usable mobile access control solutions have been researched from a users permission control perspective. We present a study carried out with subjects using their personal mobile devices that captures individualized policies through an iterative user feedback process. Policy precision, also referred to as "Violation Metric" (VM), was used to decide when all necessary policies had been captured. The feedback process used a hierarchical context ontology to represent user-context and gathered contextual-situations in which a policy would be applicable. The study also investigated the feasibility of using the VM measure to determine completion of the capture process for the users personalized access control policies, that handles their mobile privacy and security needs. Using an appropriate predefined policy is shown to have lesser user impact when trying to personalize access control policies for users.
authorisation, data privacy, ergonomics, mobile computing, ontologies (artificial intelligence)
P. K. Das, A. Joshi and T. Finin, "Personalizing Context-Aware Access Control on Mobile Platforms," 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), San Jose, CA, US, 2018, pp. 107-116.