Security for Whom? The Shifting Security Assumptions of Pervasive Computing

  • Frank Stajano
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2609)


Pervasive computing will introduce hundreds of computing devices per user. This change is of such magnitude that it is qualitative as well as quantitative. Old solutions may not scale when the size of the problem grows by such a factor—passwords, for example, will no longer be a suitable user authentication method.

In this paper we examine new security issues for pervasive computing including authentication, biometrics and digital rights management. But the potential impact of pervasive computing on society is such that we have a responsibility to look further than just the technical issues.


Security Policy User Authentication Pervasive Computing Location Privacy Digital Right Management 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Mark Weiser. “The Computer for the Twenty-First Century”. Scientific American, 265(3):94–104, Sep 1991. Scholar
  2. 2.
    Frank Stajano. Security for Ubiquitous Computing. John Wiley and Sons, Feb 2002. ISBN 0-470-84493-0.
  3. 3.
    Ross Anderson, Frank Stajano and Jong-Hyeon Lee. “Security Policies”. In Marvin V. Zelkowitz (ed.), “(untitled)”, vol. 55 of Advances in Computers, pp. 185–235. Academic Press, 2001. ISBN 0-12-012155-7.Google Scholar
  4. 4.
    Ross Anderson and Markus Kuhn. “Tamper Resistance-A Cautionary Note”. In “Proc. 2nd USENIX Workshop on Electronic Commerce”, 1996. ISBN 1-880446-83-9.
  5. 5.
    Oliver Kömmerling and Markus G. Kuhn. “Design Principles for Tamper-Resistant Smartcard Processors”. In “Proceedings of the USENIX Workshop on Smartcard Technology (Smartcard’ 99)”, pp. 9–20. USENIX Association, Chicago, IL, 10–11 May 1999. ISBN 1-880446-34-0.
  6. 6.
    Michael Roe. Cryptography and Evidence. Ph.D. thesis, University of Cambridge, 1997.
  7. 7.
    Ross Anderson. Security Engineering-A Guide to Building Dependable Distributed Systems. John Wiley & Sons, 2001. ISBN 0-471-38922-6.Google Scholar
  8. 8.
    Lisa Thalheim, Jan Krissler and Peter-Michael Ziegler. “Body Check: Biometric Access Protection Devices and their Programs Put to the Test”. c’t, 11:114.., 22 May 2002. Originally in German, but translated into English at the URL provided.
  9. 9.
    John Gilmore. “What’s Wrong With Copy Protection”, 16 Feb 2001. Originally posted to the mailing list on 2001-01-18 in response to an invitation by Ron Rivest.
  10. 10.
    Ross Anderson. “dTCPA / Palladium Frequently Asked Questions, Version 1.0”, Jul 2002.
  11. 11.
    Richard Stallman. “Can you trust your computer?”, 21 Oct 2002. Also archived at
  12. 12.
    Philip R. Zimmermann. “Testimony of Philip R. Zimmermann to the Subcommittee on Science, Technology, and Space of the US Senate Committee on Commerce, Science, and Transportation”, 26 Jun 1996. legis/960626 Zimm test.html.
  13. 13.
    Roy Want, Andy Hopper, Veronica Falcão and Jonathan Gibbons. “The Active Badge Location System”. ACM Transactions on Information Systems, 10(1):91–102, Jan 1992. Also available as AT&T Laboratories Cambridge Technical Report 92.1.CrossRefGoogle Scholar
  14. 14.
    Andy Ward, Alan Jones and Andy Hopper. “A New Location Technique for the Active Office”. IEEE Personal Communications, 4(5):42–47, Oct 1997. Also available as AT&T Laboratories Cambridge Technical Report 97.10.
  15. 15.
    Alastair Beresford and Frank Stajano. “Location Privacy in Pervasive Computing”, 2003. Accepted by IEEE Pervasive Computing. To appear.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Frank Stajano
    • 1
  1. 1.University of CambridgeCambridge

Personalised recommendations