Kui Ren
Abstract
In pervasive computing environments (PCEs), privacy and security are two important but contradictory objectives. Users enjoy services provided in PCEs only after their privacy issues being sufficiently addressed. That is, users could not be tracked down for wherever they are and whatever they are doing. However, service providers always want to authenticate the users and make sure they are accessing only authorized services in a legitimate way. In PCEs, such user authentication may include context authentication in addition to the entity authentication. In this paper, we propose a novel privacy enhanced anonymous authentication and access control scheme to secure the interactions between mobile users and services in PCEs with optional context authentication capability. The proposed scheme seamlessly integrates two underlying cryptographic primitives, blind signature and hash chain, into a highly flexible and lightweight authentication and key establishment protocol. It provides explicit mutual authentication and allows multiple current sessions between a user and a service, while allowing the user to anonymously interact with the service. The proposed scheme is also designed to be DoS resilient by requiring the user to prove her legitimacy when initializing a service session.
- 1. Microsoft Research. Easy living. http://research.microsoft. com/easyliving/.]]Google Scholar
- 2. GAIA-active spaces for ubiquitous computing. University of Illinois, Urbana-Champaign, IL. http://choices.cs. uiuc.edu/gaia/.]]Google Scholar
- 3. Location privacy protection act and other privacy related law. http://www.techlawjournal.com/cong107/Privacy.]]Google Scholar
- 4. MIT project oxygen. http://oxygen.lcs.mit.edu/.]]Google Scholar
- 5. National Institute of Standards and Technology (NIST), Pervasive Computing SmartSpace Laboratory. http://www. nist.gov/smartspace/.]]Google Scholar
- 6. Georgia Institute of Technology. The aware home. http:// www.cc.gatech.edu/fce/ahri/.]]Google Scholar
- 7. Al-Muhtadi J, Campbell R, Kapadia A, Mickunas D, Yi S (2002) Routing through the mist: privacy preserving communication in ubiquitous computing environments. In: International conference of distributed computing systems (ICDCS 2002), Vienna, Austria.]] Google Scholar
- 8. Al-Muhtadi J, Campbell R, Kapadia A, Mickunas D, Yi S (2002) Routing through the mist: design and implementation. Technical report UIUCDCS-R-2002-2267, March 2002.]]Google Scholar
- 9. Al-Muhtadi J, Ranganathan A, Campbell R, Mickunas M (2002) A flexible, privacy-preserving authentication framework for ubiquitous computing environments, ICDCS Workshops 2002, Vienna, Austria, pp 771-776.]] Google Scholar
- 10. Al-Muhtadi J, Ranganathan A, Campbell R, Mickunas M, (2003) Cerberus: a context-aware security scheme for smart spaces, PerCom, Fort Worth, TX, pp 489-496.]] Google Scholar
- 11. Burnside M et al (2002) Proxy-based security protocols in networked mobile devices. In: ACM SAC 2002, Madrid, Spain.]] Google Scholar
- 12. Camenisch J, Lysyanskaya A (2001) Efficient nontransferable anonymous multi-show credential system with optional anonymity revocation. In: Advances in cryptology, EUROCRYPT. LNCS 2045, Springer, Berlin Heidelberg New York, pp 93-118.]] Google Scholar
- 13. Campbell R, Al-Muhtadi J, Naldurg P, Sampemane G, Mickunas M (2002) Towards security and privacy for pervasive computing. In: ISSS, Tokyo, Japan, pp 1-15.]]Google Scholar
- 14. Chaum D (1982) Blind signatures for untraceable payments. In: Chaum D, Rivest RL, Sherman AT (eds) Advances in cryptology proceedings of crypto, vol 82. Plenum, New York, pp 199-203.]]Google Scholar
- 15. Chaum D (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Commun ACM 24(2): 84-88.]] Google ScholarDigital Library
- 16. Chaum D (1985) Security without identification: transaction systems to make Big Brother obsolete. Commun ACM 28(10):1030-1044.]] Google ScholarDigital Library
- 17. Creese S et al (2004) Authentication for pervasive computing. In: Security in pervasive computing 2003. LNCS 2803, Springer, Berlin Heidelberg New York, pp 116-129.]]Google ScholarCross Ref
- 18. Gruteser M, Grunwald D (2003) Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitiative analysis. In: WMASH'03, San Diego, CA.]] Google Scholar
- 19. He Q et al (2004) The quest for personal control over mobile location privacy. IEEE Commun Mag 42(5):130-136.]]Google ScholarDigital Library
- 20. Hengartner U, Steenkiste P (2003) Access control to information in pervasive computing environments. In: Proc. of 9th workshop on hot topics in operating systems (HotOS IX), Lihue, HI, May 2003.]] Google Scholar
- 21. Henrici D, Muller, P (2004) Tackling security and privacy issues in radio frequency identification devices. In: PERVASIVE 2004, LNCS 3001. Springer, Berlin Heidelberg New York, pp 219-224.]]Google Scholar
- 22. Jendricke U, Kreutzer M, Zugenmaier A (2002) Pervasive privacy with identity management. In: The 1st workshop on security, UbiComp 2002, Göteborg, Sweden.]]Google Scholar
- 23. Jendricke U, Kreutzer M, Zugenmaier A (2002) Mobile identity management. In: The 1st security workshop, UBICOMP, Sep. 2002, Göteborg, Sweden.]]Google Scholar
- 24. Langheinrich M (2002) A privacy awareness system for ubiquitous computing environments. In: UbiComp 2002. LNCS 2498. Springer, Berlin Heidelberg New York, pp 237-245.]] Google Scholar
- 25. Lysyanskaya A, Rivest R, Sahai A, Wolf S (1999) Pseudonym systems. In: Proceedings of selected areas in cryptography 1999. Springer, Berlin Heidelberg New York, pp 184-199.]] Google Scholar
- 26. Nakanishi K, Nakazawa J, Tokuda H (2003) LEXP: preserving user privacy and certifying location information. In: The 2nd workshop on security (Ubicomp2003).]]Google Scholar
- 27. Park D (2001) Cryptographic protocols for third generation mobile communication systems. PhD thesis, Queensland University of Technology, Australia.]]Google Scholar
- 28. Rivest R, Shamir A, Adleman L (1978) A Method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21:120-126.]] Google ScholarDigital Library
- 29. Rivest R (1992) The MD5 Message Digest Algorithms. IETF RFC 1321.]] Google Scholar
- 30. Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770-771.]] Google ScholarDigital Library
- 31. Weimerskirch A, Westhoff D (2003) Zero common-knowledge authentication for pervasive networks. In: Proceedings of selected areas of cryprotgraphy (SAC 2003), Ottawa, Ontario.]]Google Scholar
- 32. Ren K, Lou W, Deng R, Kim K (2006) A novel privacy preserving authentication and access control scheme in pervasive computing environments. IEEE Trans Veh Technol 55(4):1373-1384, July.]]Google ScholarCross Ref
- 33. Weiser M (1991) The computer for the 21st century. Sci Am 265(3)94-104.]]Google Scholar
- 34. Wu M, Friday A (2002) Integrating privacy enhancing services in ubiquitous computing environments. In: Workshop on security in ubiquitous computing, 4th international UBICOMP, Göteborg, Sweden.]]Google Scholar
- 35. Zugenmaier A, Hohl A (2003) Anonymity for users of ubiquitous computing. In: Security workshop, UbiComp 2003, Seattle, October 2003.]]Google Scholar
- 36. Xu S, Yung M (2004) k-anonymous secret handshakes with reusable credentials. In: Proc. of ACM conference on computer and communications security (CCS) 2004, pp 158-167.]] Google Scholar
Index Terms
- Privacy-enhanced, attack-resilient access control in pervasive computing environments with optional context authentication capability
Recommendations
An efficient signcryption for data access control in cloud computing
Data storage is one of main services in cloud computing. How to ensure the confidentiality and authorized access of data is the central issue of data storage. In this paper, we propose a novel data access control scheme that can simultaneously achieve ...
Practical deniable authentication for pervasive computing environments
Pervasive computing environments allow users to get services anytime and anywhere. Security has become a great challenge in pervasive computing environments because of its heterogeneity, openness, mobility and dynamicity. In this paper, we propose two ...
Further improvement on a novel privacy preserving authentication and access control scheme for pervasive computing environments
Privacy and authentication are very important concepts and service levels to anonymous communications and data confidentiality. Recently, Ren et al. proposed an authentication and access control scheme for preserving privacy in pervasive computing ...
Comments