
A Practical Study on Security of Agent-Based Ubiquitous Computing

  • Conference paper
Trust, Reputation, and Security: Theories and Practice (TRUST 2002)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 2631)


Abstract

The security of ubiquitous computing can hardly be achieved by deploying security mechanisms at the low level of the communication infrastructure. Considering the mobility over heterogeneity of ubiquitous computing and its federative fashion, our rationale study shows that a security mechanism built in the form of an agent-based architecture at the bottom of the application level is the desirable solution. This paper systematically addresses this solution as follows: first, a sketch of the ubiquitous computing environment is proposed according to a realistic understanding of the technologies and their trends; second, the security implementations and implications are discussed; third, we extend and apply security reasoning logic to the agent-based solution, for which a refined treatment of cryptographic operations is made to accurately associate the formal logic with the concrete instantiations of the protocols built from those operations; finally, we end with a conclusion summarizing our contributions, related work, current status and future research.



© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

He, Q., Khosla, P., Su, Z. (2003). A Practical Study on Security of Agent-Based Ubiquitous Computing. In: Falcone, R., Barber, S., Korba, L., Singh, M. (eds) Trust, Reputation, and Security: Theories and Practice. TRUST 2002. Lecture Notes in Computer Science, vol 2631. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36609-1_15


  • DOI: https://doi.org/10.1007/3-540-36609-1_15


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00988-7

  • Online ISBN: 978-3-540-36609-6

  • eBook Packages: Springer Book Archive
