Security for Heterogeneous and Ubiquitous Environments Consisting of Resource-Limited Devices: An Approach to Authorization Using Kerberos

  • Jasone Astorga
  • Jon Matias
  • Purificacion Saiz
  • Eduardo Jacob
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 42)


Recent widespread of small electronic devices with a low capacity microprocessor and wireless communication capabilities integrated, has given place to the emergence of new communication scenarios, mainly characterized by their heterogeneity and ubiquity. As an example, in the near future, it will be very common for users to access and control electrical appliances or high performance sensors in remote locations just by using their mobile phone or PDA. However, for these environments to achieve the expected success they must probe to be secure and reliable. The security algorithms and mechanisms used to date are meant for powerful workstations and not suitable for small devices with specific constraints regarding energy and processing power. Therefore, in this paper we present a lightweight authentication and authorization solution based on the Kerberos symmetric key protocol, and we propose an extension of its functionalities in order to add authorization support.


Authorization system Communication system security Kerberos 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Al-Muhtadi, J., Mickunas, D., Campbell, R.: Wearable security services. In: 21st International Conference on Distributed Computing Systems, Phoenix, pp. 266–271 (2001)Google Scholar
  2. 2.
    Abadi, D.J., Lindner, W., Madden, S., Schuler, J.: An integration framework for sensor networks and data stream management systems. In: 30th international Conference on Very Large Data Bases, Toronto, vol. 30, pp. 1361–1364 (2004)Google Scholar
  3. 3.
    Kansal, A., Goraczko, M., Zhao, F.: Building a sensor network of mobile phones. In: 6th international conference on Information processing in sensor networks, Cambridge, Massachusetts, pp. 547–548 (2007)Google Scholar
  4. 4.
    Dunkels, A., Alonso, J., Voigt, T.: Making TCP/IP Viable for Wireless Sensor Networks. In: Work-in-Progress Session of the first European Workshop on Wireless Sensor Networks, Berlin (2004)Google Scholar
  5. 5.
  6. 6.
    Neuman, C., Hartman, S., Raeburn, K.: The Kerberos network authentication service, v5 (2005),
  7. 7.
    Kaijser, P., Parker, T., Pinkas, D.: SESAME: the solution to security for open distributed systems. Computer Communications 17(7), 501–518 (1994)CrossRefGoogle Scholar
  8. 8.
    Ruangchaijatupon, N., Krishnamurthy, P.: Encryption and power consumption in wireless LANs-N. In: 3rd IEEE Workshop on Wireless LANs, Newton, Massachusetts (2001)Google Scholar
  9. 9.
    Potlapally, N.R., Ravi, S., Raghunathan, A., Jha, N.K.: Analyzing the energy consumption of security protocols. In: 2003 International Symposium on Low Power Electronics and Design, Seoul, pp. 30–35 (2003)Google Scholar
  10. 10.
    Wettstein, G.H., Grosen, J.: IDfusion, an open-architecture for Kerberos based authorization. In: AFS and Kerberos Best Practices Workshop, Michigan (2006)Google Scholar
  11. 11.
    Neuman, C.: Proxy-based authorization and accounting for distributed systems. In: 13th International Conference on Distributed Computing Systems, Pittsburgh, pp. 283–291 (1993)Google Scholar
  12. 12.
    Walla, M.: Kerberos explained, issue of Windows 2000 Advantage magazine (2000),
  13. 13.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  14. 14.
    Ferraiolo, D.F., Sandhu, R.S., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)CrossRefGoogle Scholar

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2010

Authors and Affiliations

  • Jasone Astorga
    • 1
  • Jon Matias
    • 1
  • Purificacion Saiz
    • 1
  • Eduardo Jacob
    • 1
  1. 1.Faculty of EngineeringUniversity of the Basque CountryBilbao

Personalised recommendations