In ubiquitous environment, the connected devices can be aware the status of users and provide the information to users automatically in anytime, anywhere. However, it requires more security technologies to protect private information. In this paper, we propose it allows automatically a user be aware the information what he wants. The proposed mechanism defines extended Context Roles from current RBAC. It controls the accesses to privacy in ubiquitous environment. It employs Multi-Policy to constrain privacy and role-data objects. Hence, when there is an access to one of them, the mechanism refers to the current context and determines whether accept it or not. We also provide advanced security authorization and analysis of our model and show how we preserve safety properties in spite of dynamic changes to access control permissions.
展开▼