No Purpose – No Data:No Purpose – No Data:Goal-Oriented Access Control for Goal-Oriented Access Control for

Ambient Assisted LivingAmbient Assisted Living

Università delgi Studi di Trento

Fabio Massacci, Viet Hung Nguyen, Ayda Saidane

This work is partial supported by EU committee with grant of

PrimeLife/IFIP 2009 Summer School, 7th – 11th Sep, 2009, Nice, France

Università degli Studi di TrentoGlanceGlance

• Ambient Assisted Living (AAL)• Demo• Goal-oriented Role Based Access Control• Summary

04/10/23 2Goal Oriented RBAC

Università degli Studi di TrentoAmbient Assisted Living (AAL)Ambient Assisted Living (AAL)

• AAL is a home environment enhanced with embedded technologies– Cameras– Oximeter– Smart T-shirt– …

304/10/23 Goal Oriented RBAC

Università degli Studi di TrentoConcrete scenarioConcrete scenario

• We do not want our medical data out unless it serves some purposes: privacy requirement

• We want to be monitored even if one of monitor devices fails: dependability requirement

404/10/23 Goal Oriented RBAC

MERC

Università degli Studi di TrentoSmart-Home prototypeSmart-Home prototype

504/10/23 Goal Oriented RBAC

Università degli Studi di TrentoVideo demoVideo demo

604/10/23 Goal Oriented RBAC

Università degli Studi di TrentoOrganizational ModelOrganizational Model

• Organizational Model– Goals, Actors

704/10/23

Handleemergency

Detect emergency

Response toemergency

Collect sensor data

Detect emergency from sensor data

Smart Home

Sensor Manager

Camera Handler

Goal Oriented RBAC

Università degli Studi di TrentoOrganizational ModelOrganizational Model

• Organizational Model– Goals, Actors, Goals-to-Actors assignment

804/10/23

Handleemergency

Detect emergency

Response toemergency

Collect sensor data

Detect emergency from sensor data

Smart Home

Sensor Manager

Camera Handler

Goal Oriented RBAC

Università degli Studi di TrentoOrganizational ModelOrganizational Model

• Organizational Model– Goals, Actors, Goals-to-Actors assignment

904/10/23

Smart Home

Sensor Manager

Camera Handler

Handleemergency

Detect emergency

Response toemergency

Collect sensor data

Detect emergency from sensor data

Oximeter Handler

Goal Oriented RBAC

Università degli Studi di TrentoGoal-Oriented Role-Based Access ControlGoal-Oriented Role-Based Access Control

• Organizational model– Privacy goals

• E.g., MERC wants to check out medical data for monitoring purpose

– Critical goals• E.g., Access monitor devices’ data in an emergency

– Normal goals

• Access control strategies– Privacy setting

• Privacy resources are accessed by authorized agents if and only if it is needed

– Dependability setting• The derived permissions of all sub goals’ resources are

released once the user is authorized to fulfill the top goal

– Normal setting

1004/10/23 Goal Oriented RBAC

Università degli Studi di TrentoGoRBAC ArchitectureGoRBAC Architecture

1104/10/23 Goal Oriented RBAC

Università degli Studi di TrentoPrototype ArchitecturePrototype Architecture

1204/10/23 Goal Oriented RBAC

Università degli Studi di TrentoSummarySummary

• AAL security challenges– Privacy requirement– Dependability requirement

• GoRBAC for AAL applications– Privacy strategy– Dependability strategy– Normal strategy

• Smart-Home prototypehttp://www.disi.unitn.it/~massacci/Download/SERENITY-MPEG.mpg

1304/10/23 Goal Oriented RBAC

Università degli Studi di TrentoThank youThank you

1404/10/23 Goal Oriented RBAC

QUESTIONS ?QUESTIONS ?