摘要 |
An authentication method fusing context role based access control and mandatory access control in a ubiquitous environment are provided to remove risk for leakage of privacy information by offering the privacy information based on a user level according to a user role and offer non-privacy information to users without restriction. An environment device collects location/context information of the user. The environment device separates the needed and unneeded information by filtering the collected information. The needed information is classified into the privacy information and the non-privacy information according to the role. If the user requests the privacy information, the privacy information is accessed according to a role based access control condition. If the user requests the non-privacy information, the non-privacy is provided to the user without the restriction. The information collected by the environment device includes date, time, an IP(Internet Protocol) address, location, action, and condition.
|