Single Sign-On and Key Establishment for Ubiquitous Smart Environments

  • Yuen-Yan Chan
  • Sebastian Fleissner
  • Joseph K. Liu
  • Jin Li
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3983)


In a smart environment, users often need to access multiple service providers. Multiple authentications and key establishments are required as these resources may reside in different security domains. Therefore we are in quest of a solution that combines multiple logins and key exchanges into one single process. Motivated by this need, we propose a scheme for single sign-on and key establishment (SSOKE) for ubiquitous smart environments. We examine the computational model and design considerations for smart environments, and address them in our scheme construction. Security and privacy considerations of our proposal are also provided.


Ubiquitous Computing Secure Channel Smart Environment Security Domain Home Location Register 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    3GPP TS 33.102. 3G Security; Security Architecture (v6) (September 2005)Google Scholar
  2. 2.
    Bardram, J.: The trouble with login – on usability and computer security in ubiquitous computing. Personal and Ubiquitous Computing (July 2005)Google Scholar
  3. 3.
    Jeong, J., et al.: A study on the xml-based single sign-on system supporting mobile and ubiquitous service environments. In: International Conference on Embedded and Ubiquitous Computing, August 2004, pp. 903–913 (2004)Google Scholar
  4. 4.
    Miller, S., et al.: Kerberos authentication and authorization system. Technical report, Project Athena, Massachusetts Institute of Technology (1987)Google Scholar
  5. 5.
    Singh, S., et al.: Ubiquitous computing: connecting pervasive computing through semantic web. In: Information Systems and E-Business Management, Springer, Heidelberg (2005)Google Scholar
  6. 6.
    Walter, T., et al.: Security and trust issues in ubiquitous environments - the businessto- employee dimension. In: SAINT 2004 Workshops, pp. 696–701 (2004)Google Scholar
  7. 7.
    Burton Group. Burton group federated identity. Web Site (2005)Google Scholar
  8. 8.
    IETF RFC 1510. The Kerberos Network Authentication Service (v5) (September 1993)Google Scholar
  9. 9.
  10. 10.
    Jenkin, M., Dymond, P.: One-time pads for secure communication in ubiquitous computing. In: Proceedings of IASTED (2004)Google Scholar
  11. 11.
    RSA Security Ireland Limited. Secure business-to-business single sign-on (b2b sso) based on federated identity management. Technical report, RSA Security Inc. (2004)Google Scholar
  12. 12.
    Mao, W.: Mondern Cryptography: Theory and Practice, May 2004. Prentice-Hall PTR, Upper Saddle River (2004)Google Scholar
  13. 13.
    OASIS SSTC. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) (November 2002)Google Scholar
  14. 14.
    OASIS SSTC. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 (2005)Google Scholar
  15. 15.
    OATH. OATH Reference Architecture Version 1.0 (2005)Google Scholar
  16. 16.
    Liberty Alliance Project,
  17. 17.
    Stajano, F., Anderson, R.: The resurrecting duckling: Security issues for ad-hoc wireless networks. In: Security Protocols Workshop, pp. 172–194 (1999)Google Scholar
  18. 18.
    Stajano, F., Anderson, R.: The resurrecting duckling: security issues for ubiquitous computing. Computer 35(4), 22–26 (2002)CrossRefGoogle Scholar
  19. 19.
    Varshney, U.: Network access and security issues in ubiquitous computing. In: Workshop on Ubiquitous Computing Environment (October 2003)Google Scholar
  20. 20.
    Volkmer, M., Wallner, S.: A key establishment ip-core for ubiquitous computin. In: DEXA Workshops, pp. 241–245 (2005)Google Scholar
  21. 21.
    Weiser, M., Brown, J.S.: The coming age of calm technology. In: Beyond Calculation: The Next Firty Years of Computing, Copernicus, New York, pp. 75–85 (1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Yuen-Yan Chan
    • 1
  • Sebastian Fleissner
    • 1
  • Joseph K. Liu
    • 2
  • Jin Li
    • 1
    • 3
  1. 1.Department of Information EngineeringChinese University of Hong KongShatin, N.T., Hong Kong
  2. 2.Department of Computer ScienceUniversity of BristolBristolUK
  3. 3.School of Mathematics and Computational ScienceSun Yat-Sen UniversityGuangzhouP.R. China

Personalised recommendations