Situation-based policy enforcement

Thomas Buntrock, Hans Christian Esperer, Claudia Eckert

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Current operating systems enforce access control policies based on completely static rules, a method originating from a time where computers were expensive and had to serve several users simultaneously. Today, as computers are cheap, a trend to mobile workstations can be realized, where a single device is used to perform a dedicated task under unpredictable, changing conditions. However, the static access rules still remain, while their use in mobile environments is limited, because in changing environments, access rights must constantly be adjusted to guarantee data integrity in all situations. With dynamically adjusting rules, in turn, it is not sufficient anymore to check access to data only once; instead, access rights must be revalidated every time data is actually accessed, even if part of that data is cached by an application. In this paper, we present a method to dynamically and retrospectively enforce access control policies based on the context a device is operating in, while tracing data beyond disk accesses.

Original languageEnglish
Title of host publicationTrust, Privacy and Security in Digital Business - 4th International Conference, TrustBus 2007, Proceedings
PublisherSpringer Verlag
Number of pages11
ISBN (Print)9783540744085
StatePublished - 2007
Externally publishedYes
Event4th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2007 - Regensburg, Germany
Duration: 4 Sep 20076 Sep 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4657 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference4th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2007


Dive into the research topics of 'Situation-based policy enforcement'. Together they form a unique fingerprint.

Cite this