Supporting Dynamically Changing Authorizations in Pervasive Communication Systems

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 3450)

Abstract

In pervasive computing environments, changes in context may trigger changes in an individual’s access permissions. We contend that existing access control frameworks do not provide the fine-grained revocation needed to enforce these changing authorizations. In this paper, we present an authorization framework, in the context of the Gaia OS for active spaces, which integrates context with authorization and provides fine-grained control over the enforcement of dynamically changing permissions using cryptographic mechanisms. Our design, implemented in middleware using distributed objects, addresses the limitations of traditional authorization frameworks and the specific access control needs of pervasive computing environments. As part of our proposed framework, we define cryptographic protocols that enforce access to the system’s communication channels and provide secure delivery of messages. We also provide a proof of correctness of key agreement and freshness using the standard BAN deduction system.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, A.J., Boyer, J.P., Drexelius, C., Naldurg, P., Hill, R.L., Campbell, R.H. (2005). Supporting Dynamically Changing Authorizations in Pervasive Communication Systems. In: Hutter, D., Ullmann, M. (eds) Security in Pervasive Computing. SPC 2005. Lecture Notes in Computer Science, vol 3450. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-32004-3_15

  • DOI: https://doi.org/10.1007/978-3-540-32004-3_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25521-5

  • Online ISBN: 978-3-540-32004-3

  • eBook Packages: Computer Science, Computer Science (R0)