Abstract
We describe an existing software architecture for context and proximity aware services that enables trust-based and context-aware authentication. A service is proximity aware when it automatically detects the presence of entities in its proximity. Authentication is context-aware when it uses contextual information to discern among different identities and to evaluate to which extent they are authentic. The software architecture that we describe here is functioning in our Institute: It manages a sensor network to detect the presence and location of users and their devices. A context manager is responsible to merge the different sources of contextual information, to solve potential contradictions, and to determine the level of authentication of the identity of the person approaching one of the services offered in the coffee-break corners of our Institute. In our solution for context-aware authentication, sensors are managed as if they were recommenders having subjective belief, disbelief, and uncertainty (i.e., trust) on the position and identity of users. A sensor’s subjective trust depends on what it has been sensing in the environment. We discuss the results of an array of simulations that we conducted to validate our concept of trust-based and context-aware authentication. We use Subjective Logic to manage trust.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Hulsebosch, H., Lenzini, G., Eertink, H.: Quality of authenticator scheme. Technical Report Public Deliverable D2.3, STORK - Secure Identity Across Borders Linked (2009), http://www.eid-stork.eu/dmdocuments/D2.3_final._1.pdf
Hesselman, C., Eertink, H., Wibbels, M., Sheikh, K., Tokmakoff, A.: Controlled disclosure of context information across ubiquitous computing domains. In: Proc. IEEE Int. Conf. on Sensor Networks Ubiquitous, and Trustworthy Computing (STUC 2008), Taichun, Taiwan, pp. 98–105. IEEE Computer Society, Los Alamitos (2008)
Jøsang, A.: A logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9(3), 279–312 (2001)
Lenzini, G.: Design of architectures for proximity-aware services: Experiments in context- based authentication with subjective logic. In: Proc. of the 4th Int. Work. on Views on Design of Complex Architectures (VODCA 2008), Bertinoro, Italy, August 30-31 (2008)
Lenzini, G., Hulsebosch, R.J., Bargh, M.S.: Trust-enhanced security in location-based adaptive authentication. In: Proc. of the ESORICS 3rd International Workshop on Security and Trust Management (STM 2007), Dresden, Germany, September 27. Electronic Notes in Theoretical Computer Science, vol. 197, pp. 105–119. Elsevier Science Direct, Amsterdam (2008)
Neisse, R., Wegdam, M., van Sinderen, M., Lenzini, G.: Trust management model and architecture for context-aware service platforms. In: Meersman, R., Tari, Z. (eds.) OTM 2007, Part II. LNCS, vol. 4804, pp. 1803–1820. Springer, Heidelberg (2007)
van Kranenburg, H., Barg, M.S., Iacob, S., Paddemors, A.: A context management framework for supporting context aware distributed applications. IEEE Communications Magazine 44(8), 67–74 (2006)
Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decision Support Systems (2005) (available on line on ScienceDirect) (in press)
Jøsang, A., Hayward, R., Pope, S.: Trust network analysis with subjective logic. In: Proc. of the 29th Australasian Computer Science Conference (ACSC 2006), Australia, January 16-19. ACM International Conference Proceeding Series, vol. 48, pp. 85–94. Australian Computer Society (2006)
Hulsebosch, R.J., Bargh, M.S., Lenzini, G., Ebben, P.W.G., Jacob, S.M.: Context sensitive adaptive authentication. In: Kortuem, G., Finney, J., Lea, R., Sundramoorthy, V. (eds.) EuroSSC 2007. LNCS, vol. 4793, pp. 93–109. Springer, Heidelberg (2007)
Jøsang, A.: Probabilistic logic under uncertainty. In: Proc. of the 13th Australian Symposium on Theory of Computing (CATS 2007), Ballarat, Victoria, AU. ACM Int. Conf. Proc, vol. 65, pp. 101–110. Austrialian Computer Society Inc. (2007)
Shafer, G.: Belief functions and possibility measures. In: The Analysis of Fuzzy Information. Mathematics and Logic, vol. 1, pp. 51–84. CRC Press, Boca Raton (1987)
Jøsang, A., Pope, S.: Dempster’s rule as seen by little coloured balls, Manuscript, Submitted to Journal of Automated Reasoning (2009)
Berger, A.L., Pietra, S.D., Pietra, V.J.D.: A maximum entropy approach to natural language processing. Computational Linguistics 22(1), 39–71 (1996)
Jøsang, A., Pope, S., Marsh, S.: Exploring different types of trust propagation. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds.) iTrust 2006. LNCS, vol. 3986, pp. 179–192. Springer, Heidelberg (2006)
Bardram, J.E., Kjær, R.E., Pederson, M.Ø.: Context-aware user authentication – supporting proximity-based login in pervasive computing. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds.) UbiComp 2003. LNCS, vol. 2864, pp. 107–123. Springer, Heidelberg (2003)
Cheng, C., Jain, R., van den Berg, E.: Location prediction algorithms for mobile wireless systems, pp. 245–263. CRC Press, Inc., Boca Raton (2003)
Akoush, S., Sameh, A.: Bayesian learning of neural networks for mobile user position prediction. In: Proc. of 16th Int. Conf. on Computer Communications and Networks (ICCCN 2007), August 13-16, pp. 1234–1239 (2007)
Wu, H., Siegel, M., Stiefelhagen, R., Yang, J.: Sensor Fusion using Dempster-Shafer Theory. In: Proc. of 19th IEEE Instrumentation and Measurement Technology Conference (IMTC 2002), May 21-23, pp. 7–12. IEEE Computer Society, Anchorage (2002)
Wu, H., Siegel, M., Ablay, S.: Sensor Fusion using Dempster-Shafer Theory ii: Static Weighting and Kalman Filter-like Dynamic Weighting. In: Proc. of 20th IEEE Instrumentation and Measurement Technology Conference (IMTC 2003), May 20-22, pp. 907–912. IEEE Computer Society, Vail (2003)
Svensson, H., Jøsang, A.: Correlation of Intrusion Alarms with Subjective Logic. Technical Report IMM-TR-2001-14, Informatics and Mathematical Modelling, Technical University of Denmark, DTU (2001)
Jøsang, A., Gray, E., Kinateder, M.: Analysing Topologies of Transitive Trust. In: Dimitrakos, T., Martinelli, F. (eds.) Proc. of the 1st International Workshop on Formal Aspects in Security and Trust (FAST 2003), Pisa, Italy, September 8, pp. 9–22 (2003)
Jøsang, A., Gray, L., Kinateder, M.: Simplification and analysis of transitive trust networks. Web Intelligence and Agent Systems Journal 4(2), 139–161 (2006)
Yan, Z.: Autonomic trust management for a pervasive system. In: Proc. of the Int. Conf. on Security and Cryptography (SECRYPT 2008), Porto, Portugal, July 26-29 (2008)
Mulder, I., Lenzini, G., Bargh, M.S., Hulsebosch, B.: Reading the tea-leaves in an intelligent coffee corner: Challenges for understanding behavior. Behavior Research Methods 41, 820–826
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Lenzini, G. (2009). Trust-Based and Context-Aware Authentication in a Software Architecture for Context and Proximity-Aware Services. In: de Lemos, R., Fabre, JC., Gacek, C., Gadducci, F., ter Beek, M. (eds) Architecting Dependable Systems VI. Lecture Notes in Computer Science, vol 5835. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10248-6_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-10248-6_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10247-9
Online ISBN: 978-3-642-10248-6
eBook Packages: Computer ScienceComputer Science (R0)