Security for Heterogeneous and Ubiquitous Environments Consisting of Resource-Limited Devices: An Approach to Authorization Using Kerberos
Recent widespread of small electronic devices with a low capacity microprocessor and wireless communication capabilities integrated, has given place to the emergence of new communication scenarios, mainly characterized by their heterogeneity and ubiquity. As an example, in the near future, it will be very common for users to access and control electrical appliances or high performance sensors in remote locations just by using their mobile phone or PDA. However, for these environments to achieve the expected success they must probe to be secure and reliable. The security algorithms and mechanisms used to date are meant for powerful workstations and not suitable for small devices with specific constraints regarding energy and processing power. Therefore, in this paper we present a lightweight authentication and authorization solution based on the Kerberos symmetric key protocol, and we propose an extension of its functionalities in order to add authorization support.
KeywordsAuthorization system Communication system security Kerberos
Unable to display preview. Download preview PDF.
- 1.Al-Muhtadi, J., Mickunas, D., Campbell, R.: Wearable security services. In: 21st International Conference on Distributed Computing Systems, Phoenix, pp. 266–271 (2001)Google Scholar
- 2.Abadi, D.J., Lindner, W., Madden, S., Schuler, J.: An integration framework for sensor networks and data stream management systems. In: 30th international Conference on Very Large Data Bases, Toronto, vol. 30, pp. 1361–1364 (2004)Google Scholar
- 3.Kansal, A., Goraczko, M., Zhao, F.: Building a sensor network of mobile phones. In: 6th international conference on Information processing in sensor networks, Cambridge, Massachusetts, pp. 547–548 (2007)Google Scholar
- 4.Dunkels, A., Alonso, J., Voigt, T.: Making TCP/IP Viable for Wireless Sensor Networks. In: Work-in-Progress Session of the first European Workshop on Wireless Sensor Networks, Berlin (2004)Google Scholar
- 5.6lowpan IETF group, http://www.ietf.org/html.charters/6lowpan-charter.html
- 6.Neuman, C., Hartman, S., Raeburn, K.: The Kerberos network authentication service, v5 (2005), http://www.ietf.org/rfc/rfc4120.txt
- 8.Ruangchaijatupon, N., Krishnamurthy, P.: Encryption and power consumption in wireless LANs-N. In: 3rd IEEE Workshop on Wireless LANs, Newton, Massachusetts (2001)Google Scholar
- 9.Potlapally, N.R., Ravi, S., Raghunathan, A., Jha, N.K.: Analyzing the energy consumption of security protocols. In: 2003 International Symposium on Low Power Electronics and Design, Seoul, pp. 30–35 (2003)Google Scholar
- 10.Wettstein, G.H., Grosen, J.: IDfusion, an open-architecture for Kerberos based authorization. In: AFS and Kerberos Best Practices Workshop, Michigan (2006)Google Scholar
- 11.Neuman, C.: Proxy-based authorization and accounting for distributed systems. In: 13th International Conference on Distributed Computing Systems, Pittsburgh, pp. 283–291 (1993)Google Scholar
- 12.Walla, M.: Kerberos explained, issue of Windows 2000 Advantage magazine (2000), http://technet.microsoft.com/en-us/library/bb742516.aspx