skip to main content
10.1145/1968613.1968649acmconferencesArticle/Chapter ViewAbstractPublication PagesicuimcConference Proceedingsconference-collections
research-article

MundoMessage: enabling trustworthy ubiquitous emergency communication

Published: 21 February 2011 Publication History

Abstract

Efficient emergency communication is of high practical importance, but has specific challenges: unpredictable local emergency situations harden the establishment of communication structures, legal requirements dictate the use of end-to-end secure and documentable approaches, while users demand ease-of-use and privacy protection. Dealing with these challenges, the contribution of this paper is four-fold: first, together with emergency practioners we define realistic security requirements and patterns for ubiquitous emergency communication. Second, we devise techniques for privacy-respecting re-identificaton of pseudonymous receivers. Third, we propose a new hybrid encryption technique for expressive policies, which combines ciphertext-policy attribute-based encryption with location-based encryption. Fourth, building on the new techniques, we introduce MundoMessage, our approach to multilaterally end-to-end secure, user-friendly attribute-based messaging for emergency communication. Finally, we analyze our approach.

References

[1]
K. Rannenberg, "Multilateral Security - a Concept and Examples for Balanced Security," in Workshop on New Security Paradigms (NSPW '00). ACM, 2000, pp. 151--162.
[2]
B. Tognazzini, "Design for Usability," in Security and Usability: Designing Secure Systems That People Can Use, L. Cranor and S. Garfinkel, Eds. O'Reilly Media, 2005, pp. 31--96.
[3]
D. Chadwick, G. Lunt, and G. Zhao, "Secure Role Based Messaging," in IFIP Conference on Communications and Multimedia Security (CMS '04), 2004, pp. 303--316.
[4]
M. C. Mont, P. Bramhall, and K. Harrison, "A Flexible Role-Based Secure Messaging Service: Exploiting IBE technology for Privacy in Health Care," in Workshop on Database and Expert Systems Applications (DEXA '03). IEEE CS, 2003, pp. 432--437.
[5]
U. M. Maurer, "Modelling a Public-Key Infrastructure," in ESORICS, 1996, pp. 325--350.
[6]
R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, "Role-Based Access Control Models," IEEE Computer, vol. 29, no. 2, pp. 38--47, 1996.
[7]
C. Gentry, "IBE (Identity-Based Encryption)," in Handbook of Information Security - Volume 2, H. Bidgoli, Ed. John Wiley and Sons, 2006, pp. 575--592.
[8]
R. Bobba, O. Fatemieh, F. Khan, C. A. Gunter, and H. Khurana, "Using Attribute-Based Access Control to Enable Attribute-Based Messaging," in Annual Computer Security Applications Conference (ACSAC '06). IEEE CS, 2006, pp. 403--413.
[9]
E. Yuan and J. Tong, "Attribute Based Access Control (ABAC) for Web Services," in Conference on Web Services (ICWS'05). IEEE CS, 2005, pp. 561--569.
[10]
A. Sahai and B. Waters, "Fuzzy Identity-Based Encryption," in Advances in Cryptology: EUROCRYPT '05. Springer, 2005, pp. 457--473.
[11]
V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data," in ACM Conference on Computer and Communications Security (CCS '06). ACM, 2006, pp. 89--98.
[12]
S. G. Weber, "Securing First Response Coordination with Dynamic Attribute-Based Encryption," in Conference on Privacy, Security and Trust (PST '09) in conjunction with World Congress on Privacy, Security, Trust and the Management of e-Business (CONGRESS '09). IEEE CS, 2009, pp. 58--69.
[13]
R. Bobba, O. Fatemieh, F. Khan, A. Khan, C. A. Gunter, H. Khurana, and P. Manoj, "Attribute-Based Messaging: Access Control and Confidentiality," ACM Trans. Inf. Syst. Secur. (TISSEC), vol. 14, 2010.
[14]
J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-Policy Attribute-Based Encryption," in IEEE Symposium on Security and Privacy (SP '07). IEEE CS, 2007, pp. 321--334.
[15]
M. H. Blackmon, "Cognitive Walkthrough," in Encyclopedia of Human-Computer Interaction - Volume 1, W. S. Bainbridge, Ed. Berkshire Publishing Group, 2004, pp. 104--107.
[16]
C. Endres, A. Wurz, M. Hoffmann, and A. Behring, "A Task-Based Messaging Approach to Facilitate Staff Work," in International Conference on Information Systems for Crisis Response and Management (ISCRAM 2010), 2010.
[17]
F. Flentge, S. G. Weber, A. Behring, and T. Ziegert, "Designing Context-Aware HCI for Collaborative Emergency Management," in Int'l Workshop on HCI for Emergencies in conjunction with CHI '08, 2008.
[18]
L. Scott and D. E. Denning, "A Location Based Encryption Technique and Some of Its Applications," in ION National Technical Meeting 2003, 2003, pp. 730--740.
[19]
Committee on Planning for Catastrophe, Ed., Successful Response Starts With A Map: Improving Geospatial Support for Disaster Management. National Academy Press, 2007.
[20]
S. G. Weber, "Harnessing Pseudonyms with Implicit Attributes for Privacy-Respecting Mission Log Analysis," in Conference on Intelligent Networking and Collaborative Systems (INCoS '09). IEEE Computer Society, 2009, pp. 119--126.
[21]
S. G. Weber and M. Mühlhäuser, "Multilaterally Secure Ubiquitous Auditing," in Intelligent Networking and Collaborative Systems and Applications, SCI 329. Springer, 2010, pp. 207--233.
[22]
B. W. Murgatroyd, "End to End Encryption in Public Safety TETRA Networks," IE Seminar on Secure GSM and Beyond: End to End Security for mobile Communication, no. Digest No. 2003/10059, 2003.
[23]
T. ElGamal, "A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, vol. 31, no. 4, pp. 469--472, 1985.
[24]
A. Juels and R. Pappu, "Squealing Euros: Privacy Protection in RFID-Enabled Banknotes," in Financial Cryptography. Springer, 2003, pp. 103--121.
[25]
T. P. Pedersen, "A Threshold Cryptosystem without a Trusted Party (Extended Abstract)," in Advances in Cryptology: EUROCRYPT '91. Springer, 1991, pp. 522--526.
[26]
M. Jakobsson and A. Juels, "Mix and Match: Secure Function Evaluation via Ciphertexts," in Advances in Cryptology: ASIACRYPT '00. Springer, 2000, pp. 162--177.
[27]
A. Shamir, "How to Share a Secret," Communications of the ACM, vol. 22, no. 11, pp. 612--613, 1979.
[28]
Y. Tsiounis and M. Yung, "On the Security of ElGamal Based Encryption," in Workshop on Practice and Theory in Public Key Cryptography (PKC '98). Springer, 1998, pp. 117--134.
[29]
D. Boneh and M. K. Franklin, "Identity-Based Encryption from the Weil Pairing," SIAM J. Comput., vol. 32, no. 3, pp. 586--615, 2003.
[30]
D. E. Denning and L. Scott, "Geo-Encryption - Using GPS to Enhance Data Security," GPS World, 2003.
[31]
A. Al-Fuqaha and O. Al-Ibrahim, "Geo-Encryption Protocol for Mobile Networks," Comput. Commun., vol. 30, no. 11--12, pp. 2510--2517, 2007.
[32]
C. E. Shannon, "Communication Theory of Secrecy Systems," The Bell System Technical Journal, vol. 28, pp. 656--715, 1949.
[33]
A. D. Brucker, H. Petritsch, and S. G. Weber, "Attribute-Based Encryption with Break-Glass," in Workshop in Information Security Theory and Practice (WISTP'10). Springer, 2010, pp. 237--244.
[34]
D. Boneh, "The Decision Diffie-Hellman Problem," in ANTS-III, ser. Lecture Notes in Computer Science, vol. 1423. Springer, 1998, pp. 48--63.
[35]
S. Müller, S. Katzenbeisser, and C. Eckert, "Distributed Attribute-Based Encryption," in International Conference on Information Security and Cryptology (ICISC'08). Springer, 2008, pp. 20--36.

Cited By

View all
  • (2022) RESCUE : A Resilient and Secure Device-to-Device Communication Framework for Emergencies IEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2020.303622419:3(1722-1734)Online publication date: 1-May-2022
  • (2017)SEDCOS: A Secure Device-to-Device Communication System for Disaster Scenarios2017 IEEE 42nd Conference on Local Computer Networks (LCN)10.1109/LCN.2017.47(195-198)Online publication date: Oct-2017
  • (2017)An empirical hunt for ally co-operative cloud computing utility2017 11th International Conference on Intelligent Systems and Control (ISCO)10.1109/ISCO.2017.7856031(422-438)Online publication date: Jan-2017
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
ICUIMC '11: Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
February 2011
959 pages
ISBN:9781450305716
DOI:10.1145/1968613
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 February 2011

Permissions

Request permissions for this article.

Check for updates

Qualifiers

  • Research-article

Conference

ICUIMC '11
Sponsor:

Acceptance Rates

ICUIMC '11 Paper Acceptance Rate 135 of 534 submissions, 25%;
Overall Acceptance Rate 251 of 941 submissions, 27%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)0
  • Downloads (Last 6 weeks)0
Reflects downloads up to 15 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2022) RESCUE : A Resilient and Secure Device-to-Device Communication Framework for Emergencies IEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2020.303622419:3(1722-1734)Online publication date: 1-May-2022
  • (2017)SEDCOS: A Secure Device-to-Device Communication System for Disaster Scenarios2017 IEEE 42nd Conference on Local Computer Networks (LCN)10.1109/LCN.2017.47(195-198)Online publication date: Oct-2017
  • (2017)An empirical hunt for ally co-operative cloud computing utility2017 11th International Conference on Intelligent Systems and Control (ISCO)10.1109/ISCO.2017.7856031(422-438)Online publication date: Jan-2017
  • (2013)Crafting Requirements for Mobile and Pervasive Emergency Response based on Privacy and Security by Design PrinciplesInternational Journal of Information Systems for Crisis Response and Management10.4018/jiscrm.20130401015:2(1-18)Online publication date: 1-Apr-2013
  • (2013)Towards trustworthy mobile social networking services for disaster response2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops)10.1109/PerComW.2013.6529553(528-533)Online publication date: Mar-2013
  • (2012)Multilaterally secure pervasive cooperationJournal of Ambient Intelligence and Smart Environments10.5555/2350758.23507664:2(135-136)Online publication date: 1-Apr-2012

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media