Abstract
Many pervasive and ubiquitous application scenarios consider the interaction of users with surrounding devices offering services anywhere and anytime as one of the main future challenges. However, before this vision becomes reality, many security issues have to be solved. More specifically, the problem of trustworthiness of unknown devices is one of the major obstacles hindering the acceptance of pervasive applications. This paper focuses on solutions for business-to-employee scenarios, a particular sub-domain of the ubiquitous computing paradigm in which valuable a priori trust information is available. Mechanisms and protocols are introduced to assess the trustworthiness of devices federated around a mobile user, and to allow for the delegation of authorizations between such devices. The first results of a prototype implementation are finally presented.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bussard, L., Roudier, Y., Kilian-Kehr, R., Crosta, S. (2003). Trust and Authorization in Pervasive B2E Scenarios. In: Boyd, C., Mao, W. (eds) Information Security. ISC 2003. Lecture Notes in Computer Science, vol 2851. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10958513_23
DOI: https://doi.org/10.1007/10958513_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20176-2
Online ISBN: 978-3-540-39981-0
eBook Packages: Springer Book Archive