Continuous authorization in subject-driven data sharing using wearable devices

Mohammad Jabed Morshed Chowdhury, Alan Colman, Ashad Kabir, Jun Han, Paul Sarda

Research output: Book chapter/Published conference paperConference paperpeer-review

1 Citation (Scopus)


Sharing personal data with other people or organizations over the web has become a common phenomena of our modern life. This type of sharing is usually managed by access control mechanisms that include access control model and policies. However, these models are designed from the organizational perspective and do not provide sufficient flexibility and control to the individuals. Therefore, individuals often cannot control sharing of their personal data based on their personal context. In addition, the existing context-aware access control models usually check contextual condition once at the beginning of the access and do not evaluate the context during an on-going access. Moreover, individuals do not have control to define how often they want to evaluate the context condition for an ongoing access. Wearable devices such as Fitbit and Apple Smart Watch have recently become increasingly popular. This has made it possible to gather an individual's real-time contextual information (e.g., location, blood-pressure etc.) which can be used to enforce continuous authorization to the individual's data resources. In this paper, we introduce a novel data sharing policy model for continuous authorization in subject-driven data sharing. A software prototype has been implemented employing a wearable device to demonstrate continuous authorization. Our continuous authorization framework provides more control to the individuals by enabling revocation of on-going access to shared data if the specified context condition becomes invalid.
Original languageEnglish
Title of host publicationProceedings of 2019 18th IEEE international conference on trust, security and privacy in computing and communications/13th IEEE international conference on big data science and engineering
Place of PublicationNew Jersey, USA
PublisherIEEE Computer Society
Number of pages7
ISBN (Electronic)9781728127774
ISBN (Print)9781728127781 (print on demand)
Publication statusPublished - 31 Oct 2019
EventThe 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications: IEEE TrustCom 2019 - Novotel Lakeside Rotorua, Rotorua, New Zealand
Duration: 05 Aug 201908 Aug 2019 (Proceedings) (program) (call for papers)


ConferenceThe 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Country/TerritoryNew Zealand
Internet address


Dive into the research topics of 'Continuous authorization in subject-driven data sharing using wearable devices'. Together they form a unique fingerprint.

Cite this