TrustAC: Trust-Based Access Control for Pervasive Devices

Florina Almenárez, Andrés Marín, Celeste Campo, Carlos García R.
{florina, amarin, celeste, cgr}@it.uc3m.es
Dept. Telematic Engineering, Carlos III University of Madrid
Avda. Universidad 30, 28911 Leganés (Madrid), Spain
http://www.it.uc3m.es/pervasive

Abstract. Alice first meets Bob in an entertainment shop, and then they wish to share multimedia content. But do they know which users are trustworthy? How do they share such information in a secure way? How do they establish the permissions? Pervasive computing environments give rise to this kind of scenario: users with their personal devices interacting without the need for wires, by forming ad-hoc networks. Such pervasive devices have increasingly faster processors, larger memories and wider communication capabilities, which allows them a certain autonomy for collaborating and sharing resources. They therefore require suitable access control in order to avoid unauthorised access, or disclosure/modification of relevant information; in general, to protect the resources and the data, which are usually confidential. This paper presents a distributed solution for access control that makes use of the autonomy and cooperation capability of the devices, since in open dynamic environments it is very difficult to depend on a central server. The access control is based on a pervasive trust management model from which trust degrees are dynamically obtained. We present the TrustAC reference and functional model, as well as a prototype implementation using XACML-compliant policies.

1 Introduction

Pervasive devices provide a user with the ability to receive and gather information from anywhere, at any time.
They interact with other surrounding devices offering services or sharing resources, that is, as peer-to-peer applications. For instance, a user with a personal digital agenda (PDA) arrives at the airport, and the PDA interacts with information points, hotspots, automatic check-in machines, etc. But how do we know that the available services are authentic? How do we authorise access to the services? How do we protect our device from malicious users? Nowadays, pervasive devices can act as secure clients, but they cannot act as secure peers; therefore, they require a flexible mechanism for access control to the services, so that the resources are protected. Theft or loss of data stored on personal devices is the most significant threat. The access

Thanks to UBISEC (IST STREP 506926) and EVERYWARE (MCyT No. 2003-08995-C02-01) projects.