A context-aware system to secure enterprise content: Incorporating reliability specifiers

The sensors of a context-aware system extract contextual information from the environment and relay that information to higher-level processes of the system so to influence the system's control decisions. However, an adversary can maliciously influence such controls indirectly by manipulating the environment in which the sensors are monitoring, thereby granting privileges the adversary would otherwise not normally have. To address such context monitoring issues, we extend CASSEC by incorporating sentience-like constructs, which enable the emulation of “confidence”, into our proximity-based access control model to grant the system the ability to make more inferable decisions based on the degree of reliability of extracted contextual information. In CASSEC 2.0, we evaluate our confidence constructs by implementing two new authentication mechanisms. Co-proximity authentication employs our time-based challenge-response protocol, which leverages Bluetooth Low Energy beacons as its underlying occupancy detection technology. Biometric authentication relies on the accelerometer and fingerprint sensors to measure behavioral and physiological user features to prevent unauthorized users from using an authorized user's device. We provide a feasibility study demonstrating how confidence constructs can improve the decision engine of context-aware access control systems.