“Fair” Authentication in Pervasive Computing

  • Conference paper
Secure Mobile Ad-hoc Networks and Sensors (MADNES 2005)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 4074)

Abstract

Authentication is traditionally required to be strong enough to distinguish legitimate entities from unauthorised entities, and always involves some form of proof of identity, directly or indirectly. Conventional storable or delegable authentication scenarios in the pervasive computing environment are often frustrated by the qualitative changes of pervasive computing when humans are admitted into the loop. In this paper, we present an alternative approach based upon involving human self-determination in security protocols. This targets the authentication problem in pervasive computing, particularly when communication occurs in mobile ad-hoc fashion. We propose the argument of “thinkable” authentication, which involves using two-level protocols with the consideration of minimising trustworthiness in both human and computer device domains, but without unnecessary entity identity authentication. Thus, self-determining knowledge of the human interactions in pervasive computing can be exploited in order to make improvements on current security mechanisms.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Li, J., Christianson, B., Loomes, M. (2006). “Fair” Authentication in Pervasive Computing. In: Burmester, M., Yasinsac, A. (eds) Secure Mobile Ad-hoc Networks and Sensors. MADNES 2005. Lecture Notes in Computer Science, vol 4074. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11801412_13

  • DOI: https://doi.org/10.1007/11801412_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-36646-1

  • Online ISBN: 978-3-540-37863-1

  • eBook Packages: Computer Science, Computer Science (R0)
