Attribute-Based Authentication Model for Dynamic Mobile Environments

  • Michael J. Covington
  • Manoj R. Sastry
  • Deepak J. Manohar
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3934)


Rich, context-aware applications are emerging for mobile computing environments that provide new and innovative services to consumers. Security is critical for the successful realization of this vision. We propose a new method for authentication that utilizes contextual information to overcome the limitations inherent in traditional approaches. We have defined a model that uses contextual attributes to achieve an approach to authentication that is better suited for dynamic, mobile computing environments. We examine the use of trusted platforms to provide assurances for these contextual attributes. Our model promotes the adoption of many revolutionary mobile applications by providing a seamless and flexible user experience that can protect privacy and reduce administrative overhead.


Service Provider Mobile Platform Trusted Platform Module Access Request Contextual Attribute 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Sastry, M.R., Covington, M.J.: Attribute-based authentication using trusted platforms. In: Proceedings of the 8th International Symposium on Wireless Personal Multimedia Communications (WPMC 2005), Aalborg, Denmark (2005); Special Session on Platform SecurityGoogle Scholar
  2. 2.
    Trusted Computing Group: TCG specifications. TCG Website (2005), Available from:
  3. 3.
    World Wide Web Consortium (W3C): Platform for Privacy Preferences (P3P) Project (2005), Available from:
  4. 4.
    Corner, M.D., Noble, B.D.: Protecting applications with transient authentication. In: Proceedings of the 1st international conference on Mobile systems, applications and services, pp. 57–70 (2003)Google Scholar
  5. 5.
    Covington, M.J., Ahamad, M., Essa, I., Venkateswaran, H.: Parameterized authentication. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Kindberg, T., Zhang, K., Shankar, N.: Context authentication using constrained channels. In: Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications (2002)Google Scholar
  7. 7.
    Creese, S.J., Goldsmith, M.H., Zakiuddin, B.R.,, I.: Authentication in pervasive computing. In: 1st International Conference on Security in Pervasive Computing (SPC) (2003)Google Scholar
  8. 8.
    Liberty Alliance Project: Liberty alliance project specifications. Liberty Alliance Website (2006), Available from:
  9. 9.
    Giuri, L., Iglio, P.: Role templates for content-based access control. In: Proceedings of the Second ACM Workshop on Role Based Access Control, Fairfax, Virginia, USA, pp. 153–159 (1997)Google Scholar
  10. 10.
    Covington, M.J., Long, W., Srinivasan, S., Dey, A., Ahamad, M., Abowd, G.: Securing context-aware applications using environment roles. In: Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT), Chantilly, Virginia, USA, pp. 10–20 (2001)Google Scholar

Copyright information

© Intel Corporation 2006

Authors and Affiliations

  • Michael J. Covington
    • 1
  • Manoj R. Sastry
    • 1
  • Deepak J. Manohar
    • 1
  1. 1.Corporate Technology GroupIntel CorporationUSA

Personalised recommendations