Abstract
We propose a software framework that augments context data with a range of assorted confidence/reputation metadata for dimensions such as security, privacy, safety, reliability, or precision, defined according to a generic context confidence ontology. These metadata are processed through the network of federated distributed software services that support the acquisition, aggregation/fusion and interpretation of context, up to its exploitation by context-aware applications. This solution for qualifying and gauging context data makes possible its use in more critical applications of context awareness, such as adaptation of security mechanisms. We show how to implement with our framework a quality-critical application like contextual adaptation of security services, where security is tailored to the protection requirements of the current situation as captured by relevant context data.
This work was performed in project E2R II which has received research funding from the EU’s Sixth Framework programme. This paper reflects only the authors’ views and the EU is not liable for any use that may be made of the information contained therein. The contributions of colleagues from the E2R II consortium are hereby acknowledged.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Almenárez, F., Marín, A., Campo, C., García, C.: TrustAC: Trust-Based Access Control for Pervasive Devices. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, Springer, Heidelberg (2005)
Almenárez, F., Marín, A., Díaz, D., Sánchez, J.: Developing a Model for Trust Management in Pervasive Devices. In: IEEE Workshop on Pervasive Computing and Communication Security, IEEE Computer Society Press, Los Alamitos (2006)
Al-Muhtadi, J., Ranganathan, A., Campbell, R., Mickunas, M.: Cerberus: A Context-Aware Security Scheme for Smart Spaces. In: International Conference on Pervasive Computing and Communications (PerCom) (2003)
Badger, L., Sterne, D., Sherman, D., Walker, K., Haghinghat, S.: Practical Domain and Type Enforcement for UNIX. In: IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos (1995)
Bell, D., La Padula, L.: Secure Computer System: Unified Exposition and Multics Interpretation. Technical Report no MTR-2997, MITRE Corporation (1975)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: IEEE Symposium on Security and Privacy, Oakland, California, USA (1996)
Bruneton, E., Coupaye, T., Leclerc, M., Quéma, V., Stéfani, J.-B.: The Fractal Component Model and its Support in Java. Software - Practice and Experience (SP&E) special issue on Experiences with Auto-adaptive and Reconfigurable Systems 36(11-12), 1257–1284 (2006)
Chess, D., Palmer, C., White, S.: Security in an Autonomic Computing Environment. IBM Systems Journal 42(1), 107–118 (2003)
Covington, M., Fogla, P., Zhan, Z., Ahamad, M.: A Context-Aware Security Architecture for Emerging Applications. In: Annual Computer Security Applications Conference (ACSAC) (2002)
Covington, M., Moyer, M., Ahamad, M.: Generalized Role-Based Access control for Securing Future Applications. In: National Information Systems Security Conference (NISSC) (2000)
Damiani, E., De Capitani, S., Paraboschi, S., Samarati, P., Violante, F.: A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks. In: ACM Conference on Computer and Communications Security (CCS), Washington DC, USA (2002)
Ebling, M., Hunt, G., Lei, H.: Issues for Context Services for Pervasive Computing. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, Springer, Heidelberg (2001)
Euzenat, J., Pierson, J., Ramparany, F.: A Context Information Manager Component for Dynamic Environments. In: International Conference on Pervasive Computing (2006)
Fassino, J.P., Stefani, J.B., Lawall, J., Muller, G.: Think: A Software Framework for Component-Based Operating System Kernels. In: USENIX Annual Technical Conference (2002)
Flury, T., Privat, G.: An Infrastructure Template for Scalable Location-Based Services. In: Smart Objects Conference (SoC), Grenoble (May 2003)
Ganek, A., Corbi, T.: The Dawning of the Autonomic Computing Era. IBM Systems Journal 42(1), 5–18 (2003)
Goldberg, I.: A Pseudonymous Communications Infrastructure for the Internet. PhD thesis, University of California at Berkeley (2000)
Gonzáles, A., Salas, L., Ramos, B., Rigaborda, A.: Providing Personalization and Automation to Spatial-Temporal Stamping Services. In: International Workshop on Secure Ubiquitous Networks (SUN) (2005)
Grandison, T., Sloman, M.: A Survey of Trust in Internet Applications. IEEE Communications Surveys 4(4), 2–16 (2000)
Gu, T., Pung, H.K., Zhang, D.Q.: A Middleware for Building Context-Aware Mobile Services. In: Vehicular Technology Conference (VTC) (2004)
Hager, C.: Context Aware and Adaptive Security for Wireless Networks. PhD thesis, Virginia Polytechnic Institute and State University (2004)
Housley, R., Polk, W., Ford, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 3280 (April 2002), http://www.ietf.org/rfc/rfc3280.txt
Jajodia, S., Samarati, P., Subrahmanian, V.: A Logical Language for Expressing Authorizations. In: IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos (1997)
Jarboui, T., Lacoste, M., Wadier, P.: A Component-Based Policy-Neutral Authorization Architecture. In: French Conference on Operating Systems (CFSE) (2006)
Jøsang, A., Ismail, R., Boyd, C.: A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems (2005)
Judd, G., Steenkiste, P.: Providing Contextual Information to Pervasive Computing Applications. In: PerCom 2003 (2003)
Hübscher, M.C., McCann, J.: Adaptive Middleware for Context-Aware Applications in Smart Homes. In: Workshop on Middleware for Pervasive and Ad Hoc Computing, Toronto (2004)
Lenat, D., Guha, R.V.: Building Large Knowledge-Based Systems: Representation and Inference in the Cyc Project. Addison-Wesley, Reading (1990)
McGuinness, D., van Harmelen, F.: OWL Web Ontology Language Overview. W3C Recommendation (2003), http://www.w3.org/TR/owl-features/
Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: Internet X.509 Public Key Infrastructure: Online Certificate Status Protocol – OCSP. RFC 2560 (June 1999), http://www.ietf.org/rfc/rfc2560.txt
Myles, G., Friday, A., Davies, N.: Preserving Privacy in Environments with Location-Based Applications. IEEE Pervasive Computing 2(1), 56–64 (2003)
Pftizmann, A., Hansen, M.: Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management - A Consolidated Proposal for Terminology. Technical University of Dresden (2005)
Polakovic, J., Ozcan, A.E., Stefani, J.-B.: Building Reconfigurable Component-Based OS with Think. In: EUROMICRO 2006 (2006)
Ramparany, F., Euzenat, J., Broens, T., Pierson, J., Bottaro, A., Poortinga, R.: Context Management and Semantic Modelling for Ambient Intelligence. In: International Workshop on Future Research Challenges for Software and Services (FRCSS) (2006)
Ramparany, F., Poortinga, R., Stikic, M., Schmalenströer, J., Prante, T.: An Open Context Information Management Infrastructure. In: IE 2007. 3rd IET International Conference on Intelligent Environments, Ulm, Germany (September 2007)
Salber, D., Dey, A.K., Abowd, G.: The Context Toolkit: Aiding the Development of Context-Enabled Applications. In: Conference on Human Factors in Computing Systems (CHI) (1999)
Sastry, N., Shankar, U., Wagner, D.: Secure Verification of Location Claims. In: ACM Workshop on Wireless Security, pp. 1–10. ACM Press, New York (2003)
Saxena, A., Lacoste, M., Jarboui, T., Lücking, U., Steinke, B.: A Software Framework for Autonomic Security in Pervasive Environments. In: International Conference on Information Systems Security (ICISS) (to appear, 2007)
SOAP Specifications. http://www.w3.org/TR/soap/
SPARQL Specifications. http://www.w3.org/TR/rdf-sparql-query/
Suryanarayana, G., Erenkrantz, J., Taylor, R.: An Architectural Approach for Decentralized Trust Management. IEEE Internet Computing 9(6), 16–23 (2005)
Undercoffer, J., Perich, F., Cedilnik, A., Kagal, L., Joshi, A.: A Secure Infrastructure for Service Discovery and Access in Pervasive Computing. ACM Mobile Networks and Applications (MONET): Special Issue on Security in Mobile Computing Environments 8(2), 113–125 (2003)
Wullems, C., Looi, M., Clark, A.: Towards Context-aware Security: An Authorization Architecture for Intranet Environments. In: International Conference on Pervasive Computing and Communications Workshops (PerCom) (2004)
Yao, Z., Kim, D., Lee, I., Kim, K., Jang, J.: A Security Framework with Trust Management for Sensor Networks. In: IEEE Workshop on Security and QoS in Communication Networks (SecQoS), Athens, Greece (2005)
Zhang, K., Kindberg, T.: An Authorization Infrastructure for Nomadic Computing. In: Symposium on Access Control Models and Technologies (SACMAT) (2002)
Zugenmaier, A., Kreutzer, M., Kabatnik, M.: Enhancing Applications with Approved Location Stamps. In: IEEE Intelligent Network Workshop (IN), Boston, MA, USA (2001)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lacoste, M., Privat, G., Ramparany, F. (2007). Evaluating Confidence in Context for Context-Aware Security . In: Schiele, B., et al. Ambient Intelligence. AmI 2007. Lecture Notes in Computer Science, vol 4794. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76652-0_13
Download citation
DOI: https://doi.org/10.1007/978-3-540-76652-0_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-76651-3
Online ISBN: 978-3-540-76652-0
eBook Packages: Computer ScienceComputer Science (R0)