Abstract
Ubiquitous environments require special properties that traditional computing does not support. The high diversity of mobile devices and the marked rise in ubiquitous resources have created a great variety of challenges. One of them is proper resource management, which plays a fundamental role in pervasive computing, where adaptation and dynamic re-configuration of resources take place. In previous works [MoGi08], [MoOG10] we presented CARM (Composable-Adaptive Resource Management), a new adaptive resource management approach that supports adaptation for the required resources. CARM is a component-based model that abstracts the system's ubiquitous resources in a way that is transparent and uniform to applications. Its network heterogeneity and the dynamic population of nomadic users raise important security challenges. In this article we therefore address CARM's primary security concerns, working towards a "Security module" capable of certifying the eligibility of devices to join a personal network without compromising privacy. Our approach is analyzed in terms of Authentication and Authorization. It essentially consists of an authorization scheme that uses Attribute Certificates (ACs) and is supported by control policies that define all authorization decisions needed among unknown devices. This paper mainly describes ongoing work towards a proof-of-concept implementation in the given scenarios, initially considering two CARM-enabled mobile phones with Bluetooth connectivity and enforcing security without altering the bandwidth efficiency.
References
Morales, R. and Gil, M., CARM: Composable, Adaptive Resource Management System in Ubiquitous Computing Environments. Advances in Soft Computing. J. M. Corchado, D. I. Tapia and J. Bravo, Springer Berlin/Heidelberg. Volume 51/2009: 335–342, 2008.
Morales, R., Otero, B. and Gil, M., Mobile Resource Management for a Better User Experience: An Audio Case Study, 4th Symposium of Ubiquitous Computing and Ambient Intelligence (UCAmI), 2010.
Roy, W., Trevor, P., Sud, S., Rosario, B., et al. Dynamic Composable Computing, Proceedings of the 9th workshop on Mobile computing systems and applications. Napa Valley, California, ACM, 2008.
Xiang, S. and R. Umakishore, MobiGo: A Middleware for Seamless Mobility, Proceedings of the 13th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, IEEE Computer Society, 2007.
Claycomb, W. and Shin, D. 2007. Towards secure resource sharing for impromptu collaboration in pervasive computing. In Proceedings of the 2007 ACM Symposium on Applied Computing (Seoul, Korea, March 11 - 15, 2007). SAC ’07. ACM, New York, NY, 940–946. DOI=http://doi.acm.org/10.1145/1244002.1244208
OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0, 2005. OASIS Committee Specification: Tim Moses (editor).
S. Farrell. An Internet Attribute Certificate Profile for Authorization. Network Working Group, Request for Comments: 3281, April 2002. RFC-3281. Online. Network Working Group. Available http://tools.ietf.org/html/rfc3281-section-4.1
P. Yee. Attribute Certificate Request Message Format. PKIX Working Group, Internet Draft, March 2002. Online. Available http://tools.ietf.org/html/draft-ietf-pkix-acrmf-01
C. Francis Raytheon and D. Pinkas Bull. Attribute Certificate (AC) Policies Extension. Network Working Group, Request for Comments: 4476, May 2006, RFC-4476. Online. Network Working Group. Available http://www.faqs.org/rfcs/rfc4476.html
Patroklos G. Argyroudis and D. O’Mahony. ÆTHER: an Authorization Management Architecture for Ubiquitous Computing. In Proceedings of 1st European PKI Workshop: Research and Applications (EuroPKI04), 246–259, Springer-Verlag 2004.
A. Boukerche and Y. Ren. A trust-based security system for ubiquitous and pervasive computing environments. Computers and Communications 31: 4343–4351, 2008.
L. Kagal, T. Finin and A. Joshi. Trust-Based Security in Pervasive Computing Environments. Computer, vol. 34, no. 12, pp. 154–157, Dec. 2001.
D. Chadwick, Z. Gansen, S. Otenko, R. Laborde, L. Su and T. A. Nguyen. PERMIS: A Modular Authorization Infrastructure. Concurrency and Computation: Practice & Experience, Volume 20, Issue 11, 1341–1357, August 2008.
W. Zhou and C. Meinel. Implement role based access control with attribute certificates. In Proceedings of the 6th International Conference on Advanced Communication Technology - Volume 1, 536–541, Feb. 2004.
U.M. Mbanaso, G.S. Cooper, D.W. Chadwick and S. Proctor. Privacy Preserving Trust Authorization Framework Using XACML. In Proceedings of the International Symposium on World of Wireless, Mobile and Multimedia Networks. 673–678, 2006.
Copyright information
© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH
About this chapter
Cite this chapter
Morales, R., Serna, J., Medina, M. (2011). A Policy-based Authorization Scheme for Resource Sharing in Pervasive Environments. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2010 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9788-6_26
DOI: https://doi.org/10.1007/978-3-8348-9788-6_26
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-1438-8
Online ISBN: 978-3-8348-9788-6
eBook Packages: Engineering, Engineering (R0)