With the integration of connected devices, artificial intelligence, and heterogeneous networks in IoT-driven cyber-physical systems, our society is evolving into a smart, automated, and connected community. In such dynamic and distributed environments, various operations are carried out considering different contextual factors to support the automation of collaborative devices and systems. These devices often perform long-lived operations or tasks (referred to as activities) to fulfill larger goals in the collaborative environment. These activities are usually mutable (they change state) and interdependent. They can influence the execution of other activities in the ecosystem, requiring active and real-time monitoring of the entire connected environment. Recently, a vision for activity-centric access control (ACAC) was proposed to enable security modeling and enforcement from the perspective and abstraction of interdependent activities. The proposed ACAC incorporates four decision parameters: Authorizations (A), oBligations (B), Conditions (C), and activity Dependencies (D) for object-agnostic access control in smart systems. In this paper, we take a step further towards maturing ACAC by focusing on activity dependencies (D) and developing a family of formal, mathematically grounded models, referred to as ACAC_D. These formal models consider the real-time mutability of activities in resolving active dependencies among various activities in the ecosystem. Activity dependencies can form a chain in which dependencies themselves have dependencies. In ACAC, we also consider the chain of dependencies while handling the mutability of an activity. We highlight the challenges of dealing with chains of dependencies and provide solutions to resolve these challenges. We also present a proof of concept implementation of with performance analysis for a smart farming use case.