Abstract
In pervasive computing environments (PCEs), privacy and security are two important but contradictory objectives. Users enjoy services provided in PCEs only after their privacy issues being sufficiently addressed. That is, users could not be tracked down for wherever they are and whatever they are doing. However, service providers always want to authenticate the users and make sure they are accessing only authorized services in a legitimate way. In PCEs, such user authentication may include context authentication in addition to the entity authentication. In this paper, we propose a novel privacy enhanced anonymous authentication and access control scheme to secure the interactions between mobile users and services in PCEs with optional context authentication capability. The proposed scheme seamlessly integrates two underlying cryptographic primitives, blind signature and hash chain, into a highly flexible and lightweight authentication and key establishment protocol. It provides explicit mutual authentication and allows multiple current sessions between a user and a service, while allowing the user to anonymously interact with the service. The proposed scheme is also designed to be DoS resilient by requiring the user to prove her legitimacy when initializing a service session.
Similar content being viewed by others
References
Microsoft Research. Easy living. http://research.microsoft.com/easyliving/
GAIA—active spaces for ubiquitous computing. University of Illinois, Urbana-Champaign, IL. http://choices.cs.uiuc.edu/gaia/
Location privacy protection act and other privacy related law. http://www.techlawjournal.com/cong107/Privacy
MIT project oxygen. http://oxygen.lcs.mit.edu/
National Institute of Standards and Technology (NIST), Pervasive Computing SmartSpace Laboratory. http://www.nist.gov/smartspace/
Georgia Institute of Technology. The aware home. http://www.cc.gatech.edu/fce/ahri/
Al-Muhtadi J, Campbell R, Kapadia A, Mickunas D, Yi S (2002) Routing through the mist: privacy preserving communication in ubiquitous computing environments. In: International conference of distributed computing systems (ICDCS 2002), Vienna, Austria
Al-Muhtadi J, Campbell R, Kapadia A, Mickunas D, Yi S (2002) Routing through the mist: design and implementation. Technical report UIUCDCS-R-2002-2267, March 2002
Al-Muhtadi J, Ranganathan A, Campbell R, Mickunas M (2002) A flexible, privacy-preserving authentication framework for ubiquitous computing environments, ICDCS Workshops 2002, Vienna, Austria, pp 771–776
Al-Muhtadi J, Ranganathan A, Campbell R, Mickunas M (2003) Cerberus: a context-aware security scheme for smart spaces. PerCom, Fort Worth, TX, pp 489–496
Burnside M et al (2002) Proxy-based security protocols in networked mobile devices. In: ACM SAC 2002, Madrid, Spain
Camenisch J, Lysyanskaya A (2001) Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In: Advances in cryptology, EUROCRYPT. LNCS 2045, Springer, Berlin Heidelberg New York, pp 93–118
Campbell R, Al-Muhtadi J, Naldurg P, Sampemane G, Mickunas M (2002) Towards security and privacy for pervasive computing. In: ISSS, Tokyo, Japan, pp 1–15
Chaum D (1982) Blind signatures for untraceable payments. In: Chaum D, Rivest RL, Sherman AT (eds) Advances in cryptology proceedings of crypto, vol 82. Plenum, New York, pp 199–203
Chaum D (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Commun ACM 24(2):84–88
Chaum D (1985) Security without identification: transaction systems to make Big Brother obsolete. Commun ACM 28(10):1030–1044
Creese S et al (2004) Authentication for pervasive computing. In: Security in pervasive computing 2003. LNCS 2803, Springer, Berlin Heidelberg New York, pp 116–129
Gruteser M, Grunwald D (2003) Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitiative analysis. In: WMASH’03, San Diego, CA
He Q et al (2004) The quest for personal control over mobile location privacy. IEEE Commun Mag 42(5):130–136
Hengartner U, Steenkiste P (2003) Access control to information in pervasive computing environments. In: Proc. of 9th workshop on hot topics in operating systems (HotOS IX), Lihue, HI, May 2003
Henrici D, Muller P (2004) Tackling security and privacy issues in radio frequency identification devices. In: PERVASIVE 2004, LNCS 3001. Springer, Berlin Heidelberg New York, pp 219–224
Jendricke U, Kreutzer M, Zugenmaier A (2002) Pervasive privacy with identity management. In: The 1st workshop on security, UbiComp 2002, Göteborg, Sweden
Jendricke U, Kreutzer M, Zugenmaier A (2002) Mobile identity management. In: The 1st security workshop, UBICOMP, Sep. 2002, Göteborg, Sweden
Langheinrich M (2002) A privacy awareness system for ubiquitous computing environments. In: UbiComp 2002. LNCS 2498. Springer, Berlin Heidelberg New York, pp 237–245
Lysyanskaya A, Rivest R, Sahai A, Wolf S (1999) Pseudonym systems. In: Proceedings of selected areas in cryptography 1999. Springer, Berlin Heidelberg New York, pp 184–199
Nakanishi K, Nakazawa J, Tokuda H (2003) LEXP: preserving user privacy and certifying location information. In: The 2nd workshop on security (Ubicomp2003)
Park D (2001) Cryptographic protocols for third generation mobile communication systems. PhD thesis, Queensland University of Technology, Australia
Rivest R, Shamir A, Adleman L (1978) A Method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21:120–126
Rivest R (1992) The MD5 Message Digest Algorithms. IETF RFC 1321
Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–771
Weimerskirch A, Westhoff D (2003) Zero common-knowledge authentication for pervasive networks. In: Proceedings of selected areas of cryprotgraphy (SAC 2003), Ottawa, Ontario
Ren K, Lou W, Deng R, Kim K (in press) A novel privacy preserving authentication and access control scheme in pervasive computing environments. IEEE Trans Veh Technol
Weiser M (1991) The computer for the 21st century. Sci Am 265(3):94–104
Wu M, Friday A (2002) Integrating privacy enhancing services in ubiquitous computing environments. In: Workshop on security in ubiquitous computing, 4th international UBICOMP, Göteborg, Sweden
Zugenmaier A, Hohl A (2003) Anonymity for users of ubiquitous computing. In: Security workshop, UbiComp 2003, Seattle, October 2003
Xu S, Yung M (2004) k-anonymous secret handshakes with reusable credentials. In: Proc. of ACM conference on computer and communications security (CCS) 2004, pp 158–167
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Ren, K., Lou, W. Privacy-enhanced, Attack-resilient Access Control in Pervasive Computing Environments with Optional Context Authentication Capability. Mobile Netw Appl 12, 79–92 (2007). https://doi.org/10.1007/s11036-006-0008-7
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-006-0008-7