Access control to sensitive resources in pervasive computing needs to
take uncertainty into account.  Previous research has developed
uncertainty-aware access-control models for environments that are
managed by a centralized administrator.  We demonstrate that
environments managed in a distributed way require a more powerful
model.  Furthermore, we point out additional challenges that need to
be considered when deploying uncertainty-aware access control, namely,
identifying and authenticating both people and their intended actions,
associating uncertainty with time, providing monotonicity, and
defending against Sybil attacks.  We present an access-control model
that addresses these challenges and discuss a sample implementation.