ÆTHER: an Authorization Management Architecture for Ubiquitous Computing

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3093)

Abstract

The ubiquitous computing paradigm suggests that we are going to be surrounded by countless wireless devices capable of providing services transparently. By definition, the nature of ubiquitous computing environments is open and extremely dynamic, which makes it difficult to establish predefined security relationships among all of the participating entities. Authentication mechanisms can be employed to establish the identity of a pervasive computing entity, but they suffer from scalability problems and have limited value in defining authorization decisions among strangers. In this paper we propose ÆTHER, an authorization management architecture designed specifically to address trust establishment and access control in ubiquitous computing environments. Owners define attribute authority sets and access control policy entries that are embedded into their devices. Members of the attribute authority sets are trusted to issue credentials for the corresponding attributes, which can then be used to gain access to protected resources. Our architecture supports dynamic membership in these sets, facilitating the distributed administration required by the volatile nature of ubiquitous security relationships, and attribute mapping to allow roaming among authority domains. Moreover, we present the foundation of a logic model for our proposed architecture that is used to prove access control decisions.

This work is sponsored by the Irish Research Council for Science, Engineering and Technology (IRCSET), under contract number RS/2002/599-2.
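
The decision flow the abstract describes (authority sets, policy entries, credentials, dynamic membership, attribute mapping) can be sketched as follows. This is an added example built only from the abstract, not the paper's protocol or logic model; all class, method and key names are hypothetical, and credential signatures are assumed to have been verified before this check runs.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Credential:
    issuer: str     # hypothetical key identifier of the issuing authority
    subject: str    # hypothetical key identifier of the credential holder
    attribute: str  # attribute the issuer asserts about the subject

class Device:
    """Owner-embedded state, modelled from the abstract only (an assumption)."""
    def __init__(self, authority_sets, policy, mappings=None):
        self.authority_sets = {a: set(m) for a, m in authority_sets.items()}
        self.policy = policy            # resource -> set of required attributes
        self.mappings = mappings or {}  # foreign attribute -> local attribute

    def add_member(self, attribute, admitted_by, new_member):
        """Dynamic membership: only a current member may admit another."""
        members = self.authority_sets.get(attribute, set())
        if admitted_by not in members:
            return False
        members.add(new_member)
        return True

    def attributes_of(self, subject, credentials):
        """Attributes proven for subject by issuers the device trusts."""
        held = set()
        for c in credentials:
            if c.subject != subject:
                continue  # credential was issued to someone else
            if c.issuer not in self.authority_sets.get(c.attribute, set()):
                continue  # issuer is outside this attribute's authority set
            held.add(c.attribute)
            if c.attribute in self.mappings:
                held.add(self.mappings[c.attribute])  # roaming: local name
        return held

    def authorize(self, subject, resource, credentials):
        required = self.policy.get(resource)
        if not required:
            return False  # no policy entry for the resource: deny by default
        return required <= self.attributes_of(subject, credentials)

# Constructed sample: one device configuration and two presented credentials.
printer = Device(
    authority_sets={"guest": {"K_owner"}, "labB:visitor": {"K_labB"}},
    policy={"print": {"guest"}},
    mappings={"labB:visitor": "guest"},
)
creds = [Credential("K_labB", "K_alice", "labB:visitor"),
         Credential("K_mallory", "K_bob", "guest")]
```

In this sample, K_alice reaches "print" through the mapped foreign attribute, while K_bob is refused because K_mallory is not in the authority set for "guest".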




Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Argyroudis, P.G., O’Mahony, D. (2004). ÆTHER: an Authorization Management Architecture for Ubiquitous Computing. In: Katsikas, S.K., Gritzalis, S., López, J. (eds) Public Key Infrastructure. EuroPKI 2004. Lecture Notes in Computer Science, vol 3093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25980-0_20


  • DOI: https://doi.org/10.1007/978-3-540-25980-0_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22216-3

  • Online ISBN: 978-3-540-25980-0

  • eBook Packages: Springer Book Archive
