Evaluating Confidence in Context for Context-Aware Security

  • Marc Lacoste
  • Gilles Privat
  • Fano Ramparany
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4794)

Abstract

We propose a software framework that augments context data with a range of assorted confidence/reputation metadata for dimensions such as security, privacy, safety, reliability, or precision, defined according to a generic context confidence ontology. These metadata are processed through the network of federated distributed software services that support the acquisition, aggregation/fusion and interpretation of context, up to its exploitation by context-aware applications. This solution for qualifying and gauging context data makes possible its use in more critical applications of context awareness, such as adaptation of security mechanisms. We show how to implement with our framework a quality-critical application like contextual adaptation of security services, where security is tailored to the protection requirements of the current situation as captured by relevant context data.

Keywords

Access Control; Context Information; Resource Description Framework; Pervasive Computing; Context Data
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Marc Lacoste (1)
  • Gilles Privat (1)
  • Fano Ramparany (1)
  1. France Telecom R&D/Orange Labs
