Skip to main content
Springer Nature Link
Log in

Security Issues in Ubiquitous Computing*

  • Chapter
Handbook of Ambient Intelligence and Smart Environments

  • 3186 Accesses

Abstract

The manifesto of ubiquitous computing is traditionally considered to be the justly famous 1991 visionary article written for Scientific American by the late Mark Weiser of Xerox PARC [64]. But the true birth date of this revolution, perhaps hard to pinpoint precisely, precedes that publication by at least a few years: Weiser himself first spoke of “ubiquitous computing” around 1988 and other researchers around the world had also been focusing their efforts in that direction during the late Eighties. Indeed, one of the images in Weiser’s article depicts an Active Badge, an infrared-emitting tag worn by research scientists to locate their colleagues when they were not in their office (in the days before mobile phones were commonplace) and to enable audio and video phone call rerouting and other follow-me applications.

*Revision 86 of 2009-01-29 18:00:05 +0000 (Thu, 29 Jan 2009).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Acquisti A (2004) Privacy in electronic commerce and the economics of immediate gratification. In: Proceedings of the ACM Electronic Commerce Conference (ACM EC), ACM, URL http://www.heinz.cmu.edu/~acquisti/papers/privacy-gratification.pdf

  2. Albrecht K, McIntyre L (2005) Spychips: How Major Corporations and Government Plan to Track Your Every Move with RFID. Thomas Nelson

    Google Scholar 

  3. Amoroso E (1994) Fundamentals of Computer Security Technology. Prentice Hall

    Google Scholar 

  4. Anderson R (2008) Security Engineering (Second Edition). Wiley

    Google Scholar 

  5. Ark WS, Selker T (1999) A look at human interaction with pervasive computers. IBM Syst J 38(4):504–507

    Article  Google Scholar 

  6. Balfanz, Smetters, Stewart, and Wong Balfanz D, Smetters DK, Stewart P, Wong HC (2002) Talking to strangers: Authentication in ad-hoc wireless networks. In: Proceedings of Network and Distributed System Security Symposium (NDSS 2002), The Internet Society, URL http://www.isoc.org/isoc/conferences/ndss/02/papers/balfan.pdf

  7. BBC (2007) Thousands of driver details lost. URL http://news.bbc.co.uk/1/hi/northern_ireland/7138408.stm

  8. Beresford A, Stajano F (2003) Location privacy in pervasive computing. IEEE Pervasive Computing 2(1):46–55, URL http://www.cl.cam.ac.uk/∼fms27/papers/2003-BeresfordSta-location.pdf

    Article  Google Scholar 

  9. Bono SC, Green M, Stubblefield A, Juels A, Rubin AD, Szydlo M (2005) Security analysis of a cryptographically-enabled rfid device. In: McDaniel P (ed) Proceedings of the 14th USENIX Security Symposium, USENIX Association, pp 1–16, URL http://www.usenix.org/events/sec05/tech/bono/bono.pdf

  10. Borisov N, Goldberg I, Wagner D (2001) Intercepting mobile communications: the insecurity of 802.11. In: MobiCom ’01: Proceedings of the 7th annual international conference on Mobile computing and networking, ACM, New York, NY, USA, pp 180–189, DOI http://doi.acm.org/10.1145/381677.381695

  11. Brands S, Chaum D (1993) Distance-bounding protocols (extended abstract). In: Helleseth T (ed) Advances in Cryptology—EUROCRYPT 93, Springer-Verlag, 1994, Lecture Notes in Computer Science, vol 765, pp 344–359

    Google Scholar 

  12. Bunyan T (2008) The shape of things to come. Tech. rep., Statewatch, URL http://www.statewatch.org/analyses/the-shape-of-things-to-come.pdf

  13. Chaum DL (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Commun ACM 24(2):84–88, DOI http://doi.acm.org/10.1145/358549.358563

    Article  Google Scholar 

  14. Collins T (2007) Loss of 1.3 million sensitive medical files in the us. URL http://www.computerweekly.com/blogs/tony_collins/2007/07/loss-of-13-million-sensitive-m.html

  15. Corner MD, Noble BD (2002) Zero-interaction authentication. In: MobiCom ’02: Proceedings of the 8th annual international conference on Mobile computing and networking, ACM, New York, NY, USA, pp 1–11, DOI http://doi.acm.org/10.1145/570645.570647, URL http://www.sigmobile.org/awards/mobicom2002-student.pdf

  16. Cranor LF, Garfinkel S (2005) Security and Usability: Designing Secure Systems that People Can Use. O’Reilly

    Google Scholar 

  17. Cvrcek D, Matyas V, Kumpost M, Danezis G (2006) A study on the value of location privacy. In: Proc. Fifth ACM Workshop on Privacy in the Electronic Society (WPES), ACM, pp 109–118, URL http://www.fi.muni.cz/usr/matyas/PriceOfLocationPrivacy_proceedings.pdf

  18. Danezis G, Lewis S, Anderson R (2005) How much is location privacy worth? In: Proceedings of Workshop on Economics of Information Security (WEIS), URL http://infosecon.net/workshop/pdf/location-privacy.pdf

  19. Daugman J (2004) How iris recognition works. IEEE Transactions on Circuits and Systems for Video Technology 14(1), URL http://www.cl.cam.ac.uk/users/jgd1000/csvt.pdf

  20. Ducatel K, Bogdanowicz M, Scapolo F, Leijten J, Burgelman JC (2001) Scenarios for ambient intelligence in 2010. Tech. rep., European Commission, Information Society Directorate-General, URL ftp://ftp.cordis.europa.eu/pub/ist/docs/istagscenarios2010.pdf

  21. Future Group (2007) Public security, privacy and technology in europe: Moving forward. Tech. rep., European Commission Informal High Level Advisory Group on the Future of European Home Affairs Policy, URL http://www.statewatch.org/news/2008/jul/eu-futures-dec-sec-privacy-2007.pdf

  22. Garcia FD, de Koning Gans G, Ruben Muijrers PvR, Verdult R, Schreur RW, Jacobs B (2008) Dismantling mifare classic. In: Jajodia S, Lopez J (eds) 13th European Symposium on Research in Computer Security (ESORICS 2008), Springer, Lecture Notes in Computer Science, vol 5283, pp 97–114

    Google Scholar 

  23. Garfinkel S, Rosenberg B (eds) (2005) RFID : Applications, Security, and Privacy. Addison-Wesley

    Google Scholar 

  24. Gassend B, Clarke D, van Dijk M, Devadas S (2002) Controlled physical random functions. In: ACSAC ’s02: Proceedings of the 18th Annual Computer Security Applications Conference, IEEE Computer Society, Washington, DC, USA, p 149

    Chapter  Google Scholar 

  25. Gemmell J, Bell G, Lueder R, Drucker S, Wong C (2002) Mylifebits: fulfilling the memex vision. In: MULTIMEDIA ’s02: Proceedings of the tenth ACM international conference on Multimedia, ACM, New York, NY, USA, pp 235–238, DOI http://doi.acm.org/10.1145/641007.641053

    Chapter  Google Scholar 

  26. Gemmell J, Williams L, Wood K, Lueder R, Bell G (2004) Passive capture and ensuing issues for a personal lifetime store. In: CARPE’s04: Proceedings of the the 1st ACM workshop on Continuous archival and retrieval of personal experiences, ACM, New York, NY, USA, pp 48–55, DOI http://doi.acm.org/10.1145/1026653.1026660

    Chapter  Google Scholar 

  27. Gruteser M, Grunwald D (2003) Anonymous usage of location-based services through spatial and temporal cloaking. In: Proceedings of MobiSys 2003, The Usenix Association, San Francisco, CA, USA, pp 31–42, URL http://www.winlab.rutgers.edu/gruteser/papers/gruteser_anonymous_lbs.pdf

  28. Hancke G (2005) A practical relay attack on iso 14443 proximity cards. URL http://www.cl.cam.ac.uk/∼gh275/relay.pdf

  29. Hancke GP, Kuhn MG (2005) An rfid distance bounding protocol. In: SECURECOMM ’05: Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, IEEE Computer Society, Washington, DC, USA, pp 67–73, DOI http://dx.doi.org/10.1109/SECURECOMM.2005.56, URL http://www.cl.cam.ac.uk/∼mgk25/sc2005-distance.pdf

  30. Heffernan B, Kennedy E (2008) Alert as 170,000 blood donor files are stolen. URL http://www.independent.ie/national-news/alert-as-170000-blood-donor-files-are-stolen-1294079.html

  31. Hopper A (2000) The clifford paterson lecture, 1999: Sentient computing. Phil Trans R Soc Lond A 358(1773):2349–2358, URL http://www.cl.cam.ac.uk/Research/DTG/lce-pub/public/files/tr.1999.12.pdf

    Article  MATH  Google Scholar 

  32. Jackson IW (1998) Who goes here? confidentiality of location through anonymity. PhD thesis, University of Cambridge, URL http://www.chiark.greenend.org.uk/ijackson/thesis/

  33. Jakobsson M, Wetzel S (2001) Security weaknesses in bluetooth. In: Naccache D (ed) CT-RSA, Springer, Lecture Notes in Computer Science, vol 2020, pp 176–191, URL http://link.springer.de/link/service/series/0558/bibs/2020/20200176.htm

  34. Johnston RG, Garcia AR (1997) Vulnerability assessment of security seals. Journal of Security Administration 20(1):15–27, URL http://lib-www.lanl.gov/la-pubs/00418796.pdf

    Google Scholar 

  35. Juels A (2006) Rfid security and privacy: A research survey. IEEE Journal on Selected Areas in Communication 24(2),URL http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/pdfs/rfid_survey_28_09_05.pdf, the draft version on the author’s web site is more detailed than the one eventually published in J-SAC.

  36. Juels A, Rivest RL, Szydlo M (2003) The blocker tag: Selective blocking of rfid tags for consumer privacy. In: Atluri V (ed) Proc. 8th ACM Conference on Computer and Communications Security, ACM Press, pp 103–111, URL http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/blocker/blocker.pdf

  37. Juels A, Molnar D, Wagner D (2005) Security and privacy issues in e-passports. In: Proceedings of International Conference on Security and Privacy for Emerging Areas in Communications Networks (SecureComm 2005), IEEE Computer Society, Los Alamitos, CA, USA, pp 74–88, DOI http://doi.ieeecomputersociety.org/10.1109/SECURECOMM.2005.59

  38. Kohl J, Neuman C (1993) The kerberos network authentication service (v5). RFC 1510, IETF, URL http://www.ietf.org/rfc/rfc1510.txt

  39. Krstić I (2007) Bitfrost. URL http://wiki.laptop.org/go/Bitfrost, draft 19 release 1, timestamped 2007-02-07, but last edited on 2009-01-04.

  40. Kuhn M (2003) Rfid friend and foe, with a note on biometric passports. The RISKS Digest 22, URL http://catless.ncl.ac.uk/Risks/22.98.html@subj7#subj7

  41. Mann S (1995) Privacy issues of wearable cameras versus surveillance cameras. URL http://wearcam.org/netcam_privacy_issues.html

  42. Mann S (1996) ‘smart clothing’: Wearable multimedia and ‘personal imaging’ to restore the balance between people and their intelligent environments. In: Proceedings, ACM Multimedia 96, Boston, MA, pp 163–174, URL http://wearcam.org/acm-mm96.htm

  43. Mann S (1997) Wearable computing: A first step toward personal imaging. Computer 30(2):25–32, URL http://www.wearcam.org/ieeecomputer/r2025.htm

    Article  Google Scholar 

  44. Mann S, Picard RW (1997) Video orbits of the projective group: A simple approach to featureless estimation of parameters. IEEE Transactions on Image Processing 6:1281–1295

    Article  Google Scholar 

  45. Matsumoto T, Matsumoto H, Yamada K, Hoshino S (2002) Impact of artificial gummy fingers on fingerprint systems. In: Proceedings of SPIE, vol 4677, Optical Security and Counterfeit Deterrence Techniques IV, URL http://cryptome.org/gummy.htm

  46. McCune JM, Perrig A, Reiter MK (2005) Seeing-is-believing: Using camera phones for human-verifiable authentication. In: SP ’05: Proceedings of the 2005 IEEE Symposium on Security and Privacy, IEEE Computer Society, Washington, DC, USA, pp 110–124, DOI http://dx.doi.org/10.1109/SP.2005.19

  47. Mills E (2008) Dutch chipmaker sues to silence security researchers. URL http://news.cnet.com/8301-10784_3-9985886-7.html

  48. Needham RM, Schroeder MD (1978) Using encryption for authentication in large networks of computers. Communications of the ACM 21(12):993–999

    Article  MATH  Google Scholar 

  49. Norman DA (1998) The Invisible Computer: Why Good Products Can Fail, the Personal Computer Is So Complex, and Information Appliances Are the Solution. MIT Press

    Google Scholar 

  50. Odlyzko AM (2003) Privacy, economics, and price discrimination on the internet. In: Sadeh N (ed) ICEC2003: Fifth International Conference on Electronic Commerce, ACM, pp 355–366, URL http://www.dtc.umn.edu/odlyzko/doc/privacy.economics.pdf

  51. Pappu R, Recht B, Taylor J, Gershenfeld N (2002) Physical one-way functions. Science 297(5589):2026–2030, URL http://www.sciencemag.org/cgi/reprint/297/5589/2026.pdf

    Article  Google Scholar 

  52. Rieback MR, Crispo B, Tanenbaum AS (2006) Is your cat infected with a computer virus? In: PERCOM ‘06: Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computing and Communications, IEEE Computer Society, Washington, DC, USA, pp 169–179, DOI http://dx.doi.org/10.1109/PERCOM.2006.32

    Chapter  Google Scholar 

  53. Schneier B (2003) Beyond Fear. Copernicus (Springer)

    Google Scholar 

  54. Stajano F (2001) The resurrecting duckling—what next? In: Christianson B, Crispo B, Malcolm JA, Roe M (eds) Security Protocols, 8th International Workshop, Revised Papers, Springer-Verlag, Lecture Notes in Computer Science, vol 2133, pp 204–214, URL http://www.cl.cam.ac.uk/fms27/papers/duckling-what-next.pdf

  55. Stajano F (2002) Security for Ubiquitous Computing. Wiley, URL http://www.cl.cam.ac.uk/∼fms27/secubicomp/

  56. Stajano F (2004) Will your digital butlers betray you? In: Syverson P, di Vimercati SDC (eds) Proceedings of the 2004 Workshop on Privacy in the Electronic Society, ACM, Washington, DC, USA, pp 37–38, URL http://www.cl.cam.ac.uk/fms27/papers/2004-Stajano-butlers.pdf

  57. Stajano F, Anderson R (1999) The resurrecting duckling: Security issues in ad-hoc wireless networks. In: Christianson B, Crispo B, Malcolm JA, Roe M (eds) Security Protocols, 7th International Workshop, Proceedings, Springer, Lecture Notes in Computer Science, vol 1796, pp 172–182, URL http://www.cl.cam.ac.uk/∼fms27/papers/1999-StajanoAnd-duckling.pdf

  58. Stajano F, Cvrcek D, Lewis M (2008) Steel, cast iron and concrete: Security engineering for real world wireless sensor networks. In: Bellovin SM, Gennaro R, Keromytis AD, Yung M (eds) Proceedings of 6th Applied Cryptography and Network Security Conference (ACNS 2008), Lecture Notes in Computer Science, vol 5037, pp 460–478, DOI 10.1007/978-3-540-68914-0_28, URL http://www.cl.cam.ac.uk/∼fms27/papers/2008-StajanoCvrLew-steel.pdf

  59. Streitz NA, Kameas A, Mavrommati I (eds) (2007) The Disappearing Computer, Interaction Design, System Infrastructures and Applications for Smart Environments, Lecture Notes in Computer Science, vol 4500, Springer

    Google Scholar 

  60. Tuyls P, Batina L (2006) Rfid-tags for anti-counterfeiting. In: Pointcheval D (ed) Topics in Cryptology - CT-RSA 2006, The Cryptographers’ Track at the RSA Conference 2006, San Jose, CA, USA, February 13-17, 2006, Proceedings, Springer, Lecture Notes in Computer Science, vol 3860, pp 115–131

    Google Scholar 

  61. Want R, Hopper A, Falcao V, Gibbons J (1992) The active badge location system. ACM Transactions on Information Systems 10(1):91–102, DOI http://doi.acm.org/10.1145/128756.128759, URL http://www.cl.cam.ac.uk/Research/DTG/publications/public/files/tr.92.1.pdf

    Article  Google Scholar 

  62. Weis SA (2003) Security and Privacy in Radio-Frequency Identification Devices. Master’s thesis, Massachusetts Institute of Technology, Cambridge, MA 02139

    Google Scholar 

  63. Weis SA, Sarma SE, Rivest RL, Engels DW (2004) Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Security in Pervasive Computing, Lecture Notes in Computer Science, vol 2802, pp 201–212

    Google Scholar 

  64. Weiser M (1991) The computer for the twenty-first century. Scientific American 265(3):94–104, URL http://www.ubiq.com/hypertext/weiser/SciAmDraft3.html

    Article  Google Scholar 

  65. Weiser M, Seely Brown J (1997) The coming age of calm technology. In: Denning PJ, Metcalfe RM (eds) Beyond Calculation: The Next Fifty Years of Computing, Springer-Verlag, pp 75–85, URL http://www.ubiq.com/hypertext/weiser/acmfuture2endnote.htm, previously appeared as “Designing Calm Technology” in PowerGrid Journal, v 1.01, July 1996, URL http://powergrid.electriciti.com/1.01.

  66. Wong FL, Stajano F (2005) Multi-channel protocols. In: Christianson B, Crispo B, Malcolm JA (eds) Security Protocols, 13th International Workshop Proceedings, Springer-Verlag, Lecture Notes in Computer Science, vol 4631, pp 112–127, URL http://www.cl.cam.ac.uk/∼fms27/papers/2005-WongSta-multichannel.pdf, see also updated version in IEEE Pervasive Computing 6(4):31–39 (2007) at URL http://www.cl.cam.ac.uk/∼fms27/papers/2007-WongSta-multichannel.pdf

    Google Scholar 

  67. Wong FL, Stajano F, Clulow J (2005) Repairing the bluetooth pairing protocol. In: Christianson B, Crispo B, Malcolm JA (eds) Security Protocols, 13th International Workshop Proceedings, Springer-Verlag, Lecture Notes in Computer Science, vol 4631, pp 31–45, URL http://www.cl.cam.ac.uk/∼fms27/papers/2005-WongStaClu-bluetooth.pdf

Download references

Author information

Authors and Affiliations

  1. University of Cambridge Computer Laboratory, Cambridge, UK

    Frank Stajano

Authors
  1. Frank Stajano
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Frank Stajano .

Editor information

Editors and Affiliations

  1. Future University Hakodate, Kameda-Nakano 116-2, Hakodate, Hokkaido, 041-8655, Japan

    Hideyuki Nakashima

  2. Department of Electrical Engineering, Stanford University, 350 Serra Mall, Stanford, CA, 94305-9515, USA

    Hamid Aghajan

  3. School of Computing & Mathematics, University of Ulster at Jordanstown, Shore Road, Newtownabbey, Co. Antrim, UK, BT37 0QB

    Juan Carlos Augusto

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Stajano, F. (2010). Security Issues in Ubiquitous Computing*. In: Nakashima, H., Aghajan, H., Augusto, J.C. (eds) Handbook of Ambient Intelligence and Smart Environments. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-93808-0_11

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-93808-0_11

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-93807-3

  • Online ISBN: 978-0-387-93808-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics