Delegation languages for access control on mobile devices
|
Supervisor |
|
|
Suitable for |
Abstract
Pre-requisite: the course on Computer Security. Ideally, you will also make a link to some other course that you have studied as part of the taught part of the degree.In addition you should have good programming skills, and preferably some experience of web-based applications.
1. Delegation languages for access control on mobile devices
The current state-of-the-art in access control policies on mobile devices is XACML, a XML-based policy rule language. However, this language is verbose and difficult to use. It is also difficult to express the concept of delegation: how Alice can say "I'd like Bob to make these decisions for me". There are many scenarios where delegation is useful, policy decisions are too time consuming and complicated for most people, and a company such as an anti-virus vendor might offer this as a service. Device manufacturers may want to delegate limited permissions to the end user, while still retaining control of some aspects of a device for themselves. Furthermore, a low-power mobile device might delegate access control decisions to a cloud-based third party.
This project would have a student investigating how to adapt an existing mobile system - project webinos - to use concepts of delegation. The student might use concepts from SecPAL, or investigate the use of XACML 3.0. The desired outputs would be a demonstration that delegation was a more succinct way of expressing certain policies than XACML, and that the delegation policies are equivalent to their more verbose counterparts. This project may involve creating a simple web-based application as an example, or running field trials.
webinos is a large European project featuring organisations such as Samsung, Sony Ericsson, Fraunhofer FOKUS, Deutsche Telekom and the W3C. It aims to create a cross-platform mobile application platform based on web standards. More details on webinos are available at http://webinos.org/