--
Access Control for Active Spaces
-- Geetanjali Sampemane, Prasad Naldurg, Roy H. Campbell
To appear in ACSAC2002, Dec 2002, Las Vegas

Summary: Active Spaces are programmable, interactive physical spaces
which contain lots of heterogeneous computing and communication devices.
For such spaces to be shared securely between a variety of users and
applications, access control mechanisms are required.  However, the
nature of Active Spaces, and the applications that they are typically
used for, make the design of access control mechanisms more challenging
than for conventional distributed systems.  The paper presents an access
control architecture that takes into account physical access as well as
virtual access, and dynamically creates access lists for the
resources in the space based on the current users in the space and the
current space activity.

Comments from the discussion:

Delegation was felt to be important for real-world applications (e.g. TA
taking the class for a professor).  

The concept of sessions and how they are started was not clear.  Mapping
from application roles to space roles was not clearly understood.  How
are sessions affected by users arriving/leaving the space?

Questions were raised about extending this scheme to multiple spaces,
how remote users in the space would be handled.

Question on how mutliple supervisor sessions could work, whether they
would be allowed at once.

The use of "context" (a fuzzy notion) in access control makes it
important to have some reliable feedback for users in the space as to
what aspects of context are being used.  

Are there mechanisms to prevent "personal devices" from being obnoxious?  

--