Skip to main content
Springer Nature Link
Log in

Scalability in a Secure Distributed Proof System

  • Conference paper
Pervasive Computing (Pervasive 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3968))

Included in the following conference series:

  • 2255 Accesses

Abstract

A logic-based language is often adopted in systems for pervasive computing, because it provides a convenient way to define rules that change the behavior of the systems dynamically. Those systems might define rules that refer to the users’ context information to provide context-aware services. For example, a smart-home application could define rules referring to the location of a user to control the light of a house automatically. In general, the context information is maintained in different administrative domains, and it is, therefore, desirable to construct a proof in a distributed way while preserving each domain’s confidentiality policies. In this paper, we introduce such a system, a secure distributed proof system for context-sensitive authorization and show that our novel caching and revocation mechanism improves the performance of the system, which depends on public key cryptographic operations to protect confidential information in rules and facts. Our revocation mechanism maintains dependencies among facts and recursively revokes across multiple hosts all the cached facts that depend on a fact that has become invalid. Our initial experimental results show that our caching mechanism, which maintains both positive and negative facts, significantly reduces the latency for handling a logical query.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Al-Muhtadi, J., Ranganathan, A., Campbell, R., Mickunas, D.: Cerberus: a context-aware security scheme for smart spaces. In: Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, March 2003, pp. 489–496. IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  2. Bacon, J., Moody, K., Yao, W.: A model of OASIS role-based access control and its support for active security. In: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, vol. 5(4), pp. 492–540 (2002)

    Google Scholar 

  3. Bauer, L., Garriss, S., Reiter, M.K.: Distributed proving in access-control systems. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy, pp. 81–95. IEEE Computer Society Press, Washington, DC, USA (2005)

    Chapter  Google Scholar 

  4. Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)

    Google Scholar 

  5. Beresford, A.R., Stajano, F.: Location Privacy in Pervasive Computing. IEEE Pervasive Computing 2(1), 46–55 (2003), http://www.computer.org/pervasive/pc2003/b1046abs.htm

    Article  Google Scholar 

  6. Brezillon, P.: Context-based security policies: A new modeling approach. In: Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, March 2004, pp. 154–158. IEEE Computer Society, Los Alamitos (2004), http://csdl.computer.org/comp/proceedings/percomw/2004/2106/00/21060154abs.htm

  7. Chen, H., Finin, T., Joshi, A.: An Ontology for Context-Aware Pervasive Computing Environments. Special Issue on Ontologies for Distributed Systems, Knowledge Engineering Review 18(3), 197–207 (2004)

    Google Scholar 

  8. Covington, M.J., Long, W., Srinivasan, S., Dey, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, pp. 10–20. ACM Press, New York (2001)

    Chapter  Google Scholar 

  9. Data Encryption Standard (DES) (October 1999), http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf

  10. Henricksen, K., Indulska, J.: A software engineering framework for context-aware pervasive computing. In: Proceedings of the Second IEEE International Conference on Pervasive Computing and Communications (PerCom 2004), pp. 77–86. IEEE Computer Society, Washington, DC, USA (2004)

    Google Scholar 

  11. Hulsebosch, R.J., Salden, A.H., Bargh, M.S., Ebben, P.W.G., Reitsma, J.: Context Sensitive Access Control. In: Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, Baltimore, MD, June 2005, pp. 111–119 (2005), http://doi.acm.org/10.1145/1063979.1064000

  12. National incident management system (March 2004), http://www.fema.gov/pdf/nims/nims_doc_full.pdf

  13. Katsiri, E., Mycroft, A.: Knowledge representation and scalable abstract reasoning for sentient computing using first-order logic. In: Proceedings of Challenges and Novel Applications for Automatic Reasoning (CADE-19), July 2003, pp. 73–87 (2003)

    Google Scholar 

  14. Krawczyk, H., Bellare, M., Canetti, R.: Hmac: Keyed-hashing for message authentication. Internet RFC 2693 (February 1997), http://www-cse.ucsd.edu/users/mihir/papers/rfc2104.txt

  15. Minami, K.: Secure context-sensitive authorization. Technical Report TR2006-571, Dept. of Computer Science, Dartmouth College (February 2006)

    Google Scholar 

  16. Minami, K., Kotz, D.: Secure context-sensitive authorization. In: Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications (PerCom), Kauai, Hawaii, March 2005, pp. 257–268 (2005), http://www.cs.dartmouth.edu/~dfk/papers/minami:csa.pdf

  17. Minami, K., Kotz, D.: Secure context-sensitive authorization. Journal of Pervasive and Mobile Computing 1(1), 123–156 (2005), http://www.cs.dartmouth.edu/~dfk/papers/minami:jcsa.pdf

    Article  Google Scholar 

  18. Myles, G., Friday, A., Davies, N.: Preserving privacy in environments with location-based applications. IEEE Pervasive Computing 2(1), 56–64 (2003)

    Article  Google Scholar 

  19. Ranganathan, A., Campbell, R.H.: An infrastructure for context-awareness based on first order logic. Personal Ubiquitous Computing 7(6), 353–364 (2003)

    Article  Google Scholar 

  20. RFC 1423 - Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers (February 1993), http://www.faqs.org/rfcs/rfc1423.html

  21. Rivest, R.L.: The MD5 message-digest algorithm (April 1992), http://www.ietf.org/rfc/rfc1321.txt

  22. Schilit, B.N., Adams, N., Want, R.: Context-aware computing applications. In: Proceedings of IEEE Workshop on Mobile Computing Systems and Applications, Santa Cruz, California, December 1994, pp. 85–90. IEEE Computer Society Press, Los Alamitos (1994), ftp://ftp.parc.xerox.com/pub/schilit/wmc-94-schilit.ps

    Google Scholar 

  23. Tanenbaum, A.S., van Renesse, R., van Staveren, H., Sharp, G.J., Mullender, S.J.: Experiences with the amoeba distributed operating system. Communications of the ACM 33(12), 46–63 (1990)

    Article  Google Scholar 

  24. Tripathi, A., Ahmed, T., Kulkarni, D., Kumar, R., Kashiramka, K.: Context-based secure resource access in pervasive computing environments. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, March 2004, pp. 159–163. IEEE Computer Society, Los Alamitos (2004), http://csdl.computer.org/comp/proceedings/percomw/2004/2106/00/21060159abs.htm

    Chapter  Google Scholar 

  25. Vaucher, J.: XProlog.java: the successor to Winikoff’s WProlog (February 2003), http://www.iro.umontreal.ca/~vaucher/XProlog/AA_README

  26. Zheng, P.: Tradeoffs in certificate revocation schemes. ACM SIGCOMM Computer Communication Review 33(2), 103–112 (2003)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Dartmouth College, Hanover, NH, 03755, USA

    Kazuhiro Minami & David Kotz

Authors
  1. Kazuhiro Minami
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Kotz
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Google, Inc., 720 4th Ave. #400, 98033, Kirkland, WA, USA

    Kenneth P. Fishkin

  2. Computer Science Department, TU Darmstadt, Germany

    Bernt Schiele

  3. System Research Group, School of Computer Science and Informatics, UCD, Dublin, Ireland

    Paddy Nixon

  4. Imaging, Visualisation & Graphics Lab, Systems Research Group, School of Computer Science & Informatics, University College Dublin, Dublin 4, Ireland

    Aaron Quigley

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Minami, K., Kotz, D. (2006). Scalability in a Secure Distributed Proof System. In: Fishkin, K.P., Schiele, B., Nixon, P., Quigley, A. (eds) Pervasive Computing. Pervasive 2006. Lecture Notes in Computer Science, vol 3968. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11748625_14

Download citation

  • DOI: https://doi.org/10.1007/11748625_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-33894-9

  • Online ISBN: 978-3-540-33895-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics