
Ninja: Non Identity Based, Privacy Preserving Authentication for Ubiquitous Environments

  • Conference paper
UbiComp 2007: Ubiquitous Computing (UbiComp 2007)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 4717)


Abstract

Most of today’s authentication schemes involve verifying the identity of a principal in some way. This process is commonly known as entity authentication. In emerging ubiquitous computing paradigms which are highly dynamic and mobile in nature, entity authentication may not be sufficient or even appropriate, especially if a principal’s privacy is to be protected. In order to preserve privacy, other attributes (e.g. location or trustworthiness) of the principal may need to be authenticated to a verifier. In this paper we propose Ninja: a non-identity-based authentication scheme for a mobile ubiquitous environment, in which the trustworthiness of a user’s device is authenticated anonymously to a remote Service Provider (verifier), during the service discovery process. We show how this can be achieved using Trusted Computing functionality.




Editor information

John Krumm, Gregory D. Abowd, Aruna Seneviratne, Thomas Strang


Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Leung, A., Mitchell, C.J. (2007). Ninja: Non Identity Based, Privacy Preserving Authentication for Ubiquitous Environments. In: Krumm, J., Abowd, G.D., Seneviratne, A., Strang, T. (eds) UbiComp 2007: Ubiquitous Computing. UbiComp 2007. Lecture Notes in Computer Science, vol 4717. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74853-3_5


  • DOI: https://doi.org/10.1007/978-3-540-74853-3_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74852-6

  • Online ISBN: 978-3-540-74853-3

  • eBook Packages: Computer Science, Computer Science (R0)
