Context-Aware Authentication for the Internet of Things

Many traditional authentication and access control mechanisms do not use context-aware approach, i.e., those mechanisms do not incorporate context parameters while mak- ing authentication and authorisation decisions. The context unaware mechanisms can be inadequate for the Internet of Things due to its dynamic and heterogeneous environment. The context information can be used to reconfigure security mechanisms and adjust security parameters. The contextual information can be integrated into various security mecha- nisms such as authentication, access control, encryption, etc. The context-aware security is the dynamic adjustment of secu- rity policy based on the context. In this paper, we discuss the context-awareness techniques for authentication and access control mechanisms. We present the concepts of context, con- text- awareness, and context based security and highlight con- textual attributes that can be used to support and enhance authentication and access control mechanisms for the Internet of Things.

[1]  Gabriele Lenzini Trust-Based and Context-Aware Authentication in a Software Architecture for Context and Proximity-Aware Services , 2008, WADS.

[2]  Claudia Linnhoff-Popien,et al.  A Context Modeling Survey , 2004 .

[3]  Alfred C. Weaver,et al.  A Dynamic, Context-Aware Security Infrastructure , 2004 .

[4]  Pierre E. Abi-Char,et al.  A dynamic trust-based context-aware secure authentication framework for pervasive computing environments. (Une architecture d'authentification dynamique et sécurisé, sensible au contexte et basé sur la confiance pour les environnements pervasifs) , 2010 .

[5]  Antti Evesti,et al.  Context-aware systems and adaptive user authentication , 2013, AmI 2013.

[6]  David Kirsh,et al.  The Context of Work , 2001, Hum. Comput. Interact..

[7]  Bill N. Schilit,et al.  Disseminating active map information to mobile hosts , 1994, IEEE Network.

[8]  Bachar El-Hassan,et al.  Towards a Context Aware Modeling of Trust and Access Control Based on the User Behavior and Capabilities , 2013, ICOST.

[9]  M. Parashar,et al.  Context-aware Dynamic Access Control for Pervasive Applications , 2004 .

[10]  Bruce Christianson,et al.  An adaptive access control model for medical data in Wireless Sensor Networks , 2013, 2013 IEEE 15th International Conference on e-Health Networking, Applications and Services (Healthcom 2013).

[11]  Ian Oakley,et al.  CASA: context-aware scalable authentication , 2013, SOUPS.

[12]  Konrad Wrona,et al.  ontext-aware security and secure context-awareness in ubiquitous computing environments , 2006 .

[13]  Arkady B. Zaslavsky,et al.  Context Aware Computing for The Internet of Things: A Survey , 2013, IEEE Communications Surveys & Tutorials.

[14]  Gregory D. Abowd,et al.  Towards a Better Understanding of Context and Context-Awareness , 1999, HUC.

[15]  David R. Morse,et al.  Enhanced Reality Fieldwork: the Context Aware Archaeological Assistant , 1997 .

[16]  Jakob E. Bardram,et al.  Context-Aware User Authentication - Supporting Proximity-Based Login in Pervasive Computing , 2003, UbiComp.

[17]  Tao Feng,et al.  TIPS: context-aware implicit user identification using touch screen in uncontrolled environments , 2014, HotMobile.

[18]  Seng Wai Loke,et al.  Context-based security (and safety) meta-policies for pervasive computing environments: the case of smart momes , 2005, CONTEXT Workshop on Safety and Context.

[19]  Jadwiga Indulska,et al.  A survey of context modelling and reasoning techniques , 2010, Pervasive Mob. Comput..

[20]  Wei Liu,et al.  A survey on context awareness , 2011, 2011 International Conference on Computer Science and Service System (CSSS).

[21]  Jean-Marie Bonnin,et al.  On the benefit of context-awareness for security mechanisms in LTE/EPS networks , 2013, 2013 IEEE 24th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC).

[22]  Chris Wullems,et al.  Towards context-aware security: an authorization architecture for intranet environments , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[23]  Laurent Gomez,et al.  Context-aware security and secure context-awareness in ubiquitous computing environments , 2006, Ann. UMCS Informatica.

[24]  Martin L. Griss,et al.  Context-Aware Authentication Framework , 2009, MobiCASE.

[25]  Patrick Brézillon,et al.  Context-based security policies: a new modeling approach , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[26]  Hisato Kobayashi,et al.  Inclusive Society: Health and Wellbeing in the Community, and Care at Home , 2013, Lecture Notes in Computer Science.

[27]  Ahmed Karmouch,et al.  A framework for context-aware authentication , 2008 .

[28]  Gregory D. Abowd,et al.  Providing architectural support for building context-aware applications , 2000 .

[29]  Ana M. Bernardos,et al.  A data fusion framework for context-aware mobile services , 2008, 2008 IEEE International Conference on Multisensor Fusion and Integration for Intelligent Systems.

[30]  Christoph Busch,et al.  Context-Aware Mobile Biometric Authentication based on Support Vector Machines , 2013, 2013 Fourth International Conference on Emerging Security Technologies.

[31]  Graça Bressan,et al.  A Continuous Authentication System Based on User Behavior Analysis , 2010, 2010 International Conference on Availability, Reliability and Security.

[32]  M. Kjærgaard,et al.  Towards a Formal Model of Context Awareness , 2006 .

[33]  Wolfgang Leister,et al.  A Novel Authentication Framework Based on Biometric and Radio Fingerprinting for the IoT in eHealth , 2014 .

[34]  Patrick Brézillon,et al.  Modeling context-based security policies with contextual graphs , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[35]  Federica Paganelli,et al.  A Context-Aware Security Framework for Next Generation Mobile Networks , 2009, MobiSec.

[36]  Stefan Poslad,et al.  Ubiquitous Computing: Smart Devices, Environments and Interactions , 2009 .

[37]  Bill N. Schilit,et al.  Context-aware computing applications , 1994, Workshop on Mobile Computing Systems and Applications.

[38]  Gabriele Lenzini,et al.  Context Sensitive Adaptive Authentication , 2007, EuroSSC.