Skip to main content
Log in

Privacy-enhanced, Attack-resilient Access Control in Pervasive Computing Environments with Optional Context Authentication Capability

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

In pervasive computing environments (PCEs), privacy and security are two important but contradictory objectives. Users enjoy services provided in PCEs only after their privacy issues being sufficiently addressed. That is, users could not be tracked down for wherever they are and whatever they are doing. However, service providers always want to authenticate the users and make sure they are accessing only authorized services in a legitimate way. In PCEs, such user authentication may include context authentication in addition to the entity authentication. In this paper, we propose a novel privacy enhanced anonymous authentication and access control scheme to secure the interactions between mobile users and services in PCEs with optional context authentication capability. The proposed scheme seamlessly integrates two underlying cryptographic primitives, blind signature and hash chain, into a highly flexible and lightweight authentication and key establishment protocol. It provides explicit mutual authentication and allows multiple current sessions between a user and a service, while allowing the user to anonymously interact with the service. The proposed scheme is also designed to be DoS resilient by requiring the user to prove her legitimacy when initializing a service session.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Microsoft Research. Easy living. http://research.microsoft.com/easyliving/

  2. GAIA—active spaces for ubiquitous computing. University of Illinois, Urbana-Champaign, IL. http://choices.cs.uiuc.edu/gaia/

  3. Location privacy protection act and other privacy related law. http://www.techlawjournal.com/cong107/Privacy

  4. MIT project oxygen. http://oxygen.lcs.mit.edu/

  5. National Institute of Standards and Technology (NIST), Pervasive Computing SmartSpace Laboratory. http://www.nist.gov/smartspace/

  6. Georgia Institute of Technology. The aware home. http://www.cc.gatech.edu/fce/ahri/

  7. Al-Muhtadi J, Campbell R, Kapadia A, Mickunas D, Yi S (2002) Routing through the mist: privacy preserving communication in ubiquitous computing environments. In: International conference of distributed computing systems (ICDCS 2002), Vienna, Austria

  8. Al-Muhtadi J, Campbell R, Kapadia A, Mickunas D, Yi S (2002) Routing through the mist: design and implementation. Technical report UIUCDCS-R-2002-2267, March 2002

  9. Al-Muhtadi J, Ranganathan A, Campbell R, Mickunas M (2002) A flexible, privacy-preserving authentication framework for ubiquitous computing environments, ICDCS Workshops 2002, Vienna, Austria, pp 771–776

  10. Al-Muhtadi J, Ranganathan A, Campbell R, Mickunas M (2003) Cerberus: a context-aware security scheme for smart spaces. PerCom, Fort Worth, TX, pp 489–496

    Google Scholar 

  11. Burnside M et al (2002) Proxy-based security protocols in networked mobile devices. In: ACM SAC 2002, Madrid, Spain

  12. Camenisch J, Lysyanskaya A (2001) Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In: Advances in cryptology, EUROCRYPT. LNCS 2045, Springer, Berlin Heidelberg New York, pp 93–118

    Chapter  Google Scholar 

  13. Campbell R, Al-Muhtadi J, Naldurg P, Sampemane G, Mickunas M (2002) Towards security and privacy for pervasive computing. In: ISSS, Tokyo, Japan, pp 1–15

  14. Chaum D (1982) Blind signatures for untraceable payments. In: Chaum D, Rivest RL, Sherman AT (eds) Advances in cryptology proceedings of crypto, vol 82. Plenum, New York, pp 199–203

    Google Scholar 

  15. Chaum D (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Commun ACM 24(2):84–88

    Article  Google Scholar 

  16. Chaum D (1985) Security without identification: transaction systems to make Big Brother obsolete. Commun ACM 28(10):1030–1044

    Article  Google Scholar 

  17. Creese S et al (2004) Authentication for pervasive computing. In: Security in pervasive computing 2003. LNCS 2803, Springer, Berlin Heidelberg New York, pp 116–129

    Google Scholar 

  18. Gruteser M, Grunwald D (2003) Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitiative analysis. In: WMASH’03, San Diego, CA

  19. He Q et al (2004) The quest for personal control over mobile location privacy. IEEE Commun Mag 42(5):130–136

    Article  Google Scholar 

  20. Hengartner U, Steenkiste P (2003) Access control to information in pervasive computing environments. In: Proc. of 9th workshop on hot topics in operating systems (HotOS IX), Lihue, HI, May 2003

  21. Henrici D, Muller P (2004) Tackling security and privacy issues in radio frequency identification devices. In: PERVASIVE 2004, LNCS 3001. Springer, Berlin Heidelberg New York, pp 219–224

    Google Scholar 

  22. Jendricke U, Kreutzer M, Zugenmaier A (2002) Pervasive privacy with identity management. In: The 1st workshop on security, UbiComp 2002, Göteborg, Sweden

  23. Jendricke U, Kreutzer M, Zugenmaier A (2002) Mobile identity management. In: The 1st security workshop, UBICOMP, Sep. 2002, Göteborg, Sweden

  24. Langheinrich M (2002) A privacy awareness system for ubiquitous computing environments. In: UbiComp 2002. LNCS 2498. Springer, Berlin Heidelberg New York, pp 237–245

    Chapter  Google Scholar 

  25. Lysyanskaya A, Rivest R, Sahai A, Wolf S (1999) Pseudonym systems. In: Proceedings of selected areas in cryptography 1999. Springer, Berlin Heidelberg New York, pp 184–199

    Google Scholar 

  26. Nakanishi K, Nakazawa J, Tokuda H (2003) LEXP: preserving user privacy and certifying location information. In: The 2nd workshop on security (Ubicomp2003)

  27. Park D (2001) Cryptographic protocols for third generation mobile communication systems. PhD thesis, Queensland University of Technology, Australia

  28. Rivest R, Shamir A, Adleman L (1978) A Method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21:120–126

    Article  MATH  MathSciNet  Google Scholar 

  29. Rivest R (1992) The MD5 Message Digest Algorithms. IETF RFC 1321

  30. Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–771

    Article  MathSciNet  Google Scholar 

  31. Weimerskirch A, Westhoff D (2003) Zero common-knowledge authentication for pervasive networks. In: Proceedings of selected areas of cryprotgraphy (SAC 2003), Ottawa, Ontario

  32. Ren K, Lou W, Deng R, Kim K (in press) A novel privacy preserving authentication and access control scheme in pervasive computing environments. IEEE Trans Veh Technol

  33. Weiser M (1991) The computer for the 21st century. Sci Am 265(3):94–104

    Article  Google Scholar 

  34. Wu M, Friday A (2002) Integrating privacy enhancing services in ubiquitous computing environments. In: Workshop on security in ubiquitous computing, 4th international UBICOMP, Göteborg, Sweden

  35. Zugenmaier A, Hohl A (2003) Anonymity for users of ubiquitous computing. In: Security workshop, UbiComp 2003, Seattle, October 2003

  36. Xu S, Yung M (2004) k-anonymous secret handshakes with reusable credentials. In: Proc. of ACM conference on computer and communications security (CCS) 2004, pp 158–167

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Kui Ren.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Ren, K., Lou, W. Privacy-enhanced, Attack-resilient Access Control in Pervasive Computing Environments with Optional Context Authentication Capability. Mobile Netw Appl 12, 79–92 (2007). https://doi.org/10.1007/s11036-006-0008-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-006-0008-7

Keywords

Navigation