In pervasive computing environments, changes in context may trigger changes in an individual’s access permissions. We contend that existing access control frameworks do not provide the ﬁne-grained revocation needed to enforce these changing authorizations. In this paper, we present an authorization framework, in the context of the Gaia OS for active spaces, which integrates context with authorization and provides ﬁne-grained control over the enforcement of dynamically changing permissions using cryptographic mechanisms. Our design, implemented in middleware, addresses the limitations of traditional authorization frameworks and the speciﬁc access control needs of pervasive computing environments. As part of our proposed framework, we deﬁne cryptographic protocols that enforce access to the system’s communication channels and provide secure delivery of messages. We also provide a proof of correctness of key agreement and freshness using the standard BAN deduction system.