EH_GRBAC:A Knowledge-Based Access Control Prototype for Pervasive Computing
EH—GRBAC：遍在计算环境中基于知识的访问控制原型

In pervasive computing environment, users can access to various information, resources and services at anytime and anywhere, so access control has become an exigent security problem. In the traditional access control modes, the decisions of access control are entirely dependent on the results of authentication. The access control cannot provide the security-relevant fault-tolerant function. But in pervasive computing environment, because of the various reasons, security system can't assure the results of the authentication are absolutely correct. So we propose to use the knowledge-based access control, which can discovery some rules and knowledge from the previous process of access control and combine these rules with traditional access controls to perfect the security system. The essence of knowledge-based access control is to add some intelligent authentication function into the process of access control. In the paper, we expatiate the idea and principle of knowledge-based access control, as well as the advances of this method. Furthermore, we implement a prototype, called EH_GRBAC, which can discovery historical knowledge from the history of users' using resources to reinforce GRBAC. In the paper, we also explain the architecture and the details of EH_GRBAC.