Security Provisioning in Pervasive Environments Using Multi-objective Optimization

  • Rinku Dewri
  • Indrakshi Ray
  • Indrajit Ray
  • Darrell Whitley
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5283)


Pervasive computing applications involve information flow across multiple organizations. Thus, any security breach in an application can have far-reaching consequences. However, effective security mechanisms can be quite different from those typically deployed in conventional applications since these mechanisms are constrained by various factors in a pervasive environment. In this paper, we propose a methodology to perform a cost-benefit analysis under such circumstances. Our approach is based on the formulation of a set of constrained multi-objective optimization problems to minimize the residual damage and the cost of security provisioning. We propose the use of workflow profiles to capture the contexts in which a communication channel is used in a pervasive environment. This is used to minimize the cost that the underlying business entity will have to incur in order to keep the workflow secure and running.


Security Pervasive computing Multi-objective optimization 


  1. 1.
    Judd, G., Steenkiste, P.: Providing Contextual Information to Pervasive Computing Applications. In: PerCom 2003, pp. 133–142 (2003)Google Scholar
  2. 2.
    Mostéfaoui, G.K., Brézillon, P.: Modeling Context-Based Security Policies with Contextual Graphs. In: PerCom 2004, pp. 28–32 (2004)Google Scholar
  3. 3.
    Mostéfaoui, G.K., Brézillon, P.: Context-Based Constraints in Security: Motivation and First Approach. Electronic Notes in Theoretical Computer Science 146(1), 85–100 (2006)CrossRefGoogle Scholar
  4. 4.
    Campbell, R.H., Al-Muhtadi, J., Naldurg, P., Sampemane, G., Mickunas, M.D.: Towards Security and Privacy for Pervasive Computing. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds.) ISSS 2002. LNCS, vol. 2609, pp. 1–15. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Chigan, C., Ye, Y., Li, L.: Balancing Security Against Performance in Wireless Ad Hoc and Sensor Networks. In: VTC 2004, vol. 7, pp. 4735–4739 (2004)Google Scholar
  6. 6.
    Ranganathan, A., Al-Muhtadi, J., Biehl, J., Ziebart, B., Campbell, R., Bailey, B.: Towards a Pervasive Computing Benchmark. In: PerCom 2005, pp. 194–198 (2005)Google Scholar
  7. 7.
    Bohn, J., Gärtner, F.: H.Vogt: Dependability Issues in Pervasive Computing in a Healthcare Environment. In: SPC 2003, pp. 53–70 (2003)Google Scholar
  8. 8.
    Black, J.P., Segmuller, W., Cohen, N., Leiba, B., Misra, A., Ebling, M.R., Stern, E.: Pervasive Computing in Health Care: Smart Spaces and Enterprise Information Systems. In: MobiSys 2004 Workshop on Context Awareness (2004)Google Scholar
  9. 9.
    Sanchez, C., Gruenwald, L., Sanchez, M.: A Monte Carlo Framework to Evaluate Context Based Security Policies in Pervasive Mobile Environments. In: MobiDE 2007, pp. 41–48 (2007)Google Scholar
  10. 10.
    Butler, S.A.: Security Attribute Evaluation Method: A Cost-benefit Approach. In: ICSE 2002, pp. 232–240 (2002)Google Scholar
  11. 11.
    Butler, S.A., Fischbeck, P.: Multi-attribute Risk Assessment. In: SREIS 2002 (2002)Google Scholar
  12. 12.
    Deb, K., Pratap, A., Agarwal, S., Meyarivan, T.: A Fast and Elitist Multiobjective Genetic Algorithm: NSGA–II. IEEE Transactions on Evolutionary Computation 6(2), 182–197 (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Rinku Dewri
    • 1
  • Indrakshi Ray
    • 1
  • Indrajit Ray
    • 1
  • Darrell Whitley
    • 1
  1. 1.Colorado State UniversityFort CollinsUSA

Personalised recommendations