A Secure Infrastructure for Service Discovery and Access in Pervasive Computing

Mobile Networks and Applications

Abstract

Security is paramount to the success of pervasive computing environments. The system presented in this paper provides a communications and security infrastructure that goes far in advancing the goal of anywhere-anytime computing. Our work securely enables clients to access and utilize services in heterogeneous networks. We provide a service registration and discovery mechanism implemented through a hierarchy of service management. The system is built upon a simplified Public Key Infrastructure that provides for authentication, non-repudiation, anti-playback, and access control. Smartcards are used as secure containers for digital certificates. The system is implemented in Java, and we use Extensible Markup Language as the sole medium for communications and data exchange. Currently, we are solely dependent on a base set of access rights for our distributed trust model; however, we are expanding the model to include the delegation of rights based upon a predefined policy. In our proposed expansion, instead of exclusively relying on predefined access rights, we have developed a flexible representation of trust information, in Prolog, that can model permissions, obligations, entitlements, and prohibitions. In this paper, we present the implementation of our system and describe the modifications to the design that are required to further enhance distributed trust. Our implementation is applicable to any distributed service infrastructure, whether the infrastructure is wired, mobile, or ad hoc.

About this article

Cite this article

Undercoffer, J., Perich, F., Cedilnik, A. et al. A Secure Infrastructure for Service Discovery and Access in Pervasive Computing. Mobile Networks and Applications 8, 113–125 (2003). https://doi.org/10.1023/A:1022224912300

  • DOI: https://doi.org/10.1023/A:1022224912300
