Abstract
Ubiquitous networks and seamless terminals are potential enablers for session mobility and session transfer. In a business environment, session mobility is restricted by the security requirements that corporate security policies set forth to protect corporate assets. Session mobility can be supported to the extent that specified corporate assets remain protected even when a session is transferred to another mobile device. We describe a policy-driven approach for secure session transfers. Secure session transfer mechanisms validate whether a session transfer is allowed, establish secure interaction channels with target devices, perform security context negotiation and, if all previous steps are successful, facilitate transferring a session from a source to a target device. The protocol is supported by security policies and digitally signed assertion tokens. Policies define the constraints to be met before session transfer (i.e. the decision whether a transfer is possible) and after it (i.e. the respective security context), while tokens are used to identify suitable mobile devices that claim trustworthiness and may be the target of a session transfer.
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Robinson, P., Schaefer, C., Walter, T. (2005). POSSET – Policy-Driven Secure Session Transfer. In: Deng, R.H., Bao, F., Pang, H., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2005. Lecture Notes in Computer Science, vol 3439. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31979-5_2
DOI: https://doi.org/10.1007/978-3-540-31979-5_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25584-0
Online ISBN: 978-3-540-31979-5
eBook Packages: Computer Science, Computer Science (R0)