Multilaterally secure pervasive cooperation

People tend to interact and communicate with others throughout their life. In the age of pervasive computing, information and communication technology (ICT) that is no longer bound to desktop computers enables digital cooperations in everyday life and work in an unprecedented manner. However, the privacy and IT security issues inherent in pervasive computing are often associated with negative consequences for the users and the (information) society as a whole. Addressing this challenge, this thesis demonstrates that carefully devised protection mechanisms can become enablers for multilaterally acceptable and trustworthy digital interactions and cooperations. It contributes to the design of multilaterally secure cooperative pervasive systems by taking a scenario-oriented approach. Within our reference scenario of ICT-supported emergency response, we derive the following scientific research questions. Firstly, we investigate how to enable real-world auditing in pervasive location tracking systems, while striking a balance between privacy protection and accountability. Secondly, we aim to support communication between a sender and mobile receivers that are unknown by identity, while end-to-end security is enforced. The required concepts and mechanisms define the scope of what we denote as multilaterally secure pervasive cooperation. We take a novel integrated approach and provide the supporting security techniques and mechanisms. The main contributions of this thesis are (i) pseudonyms with implicit attributes, which is an approach to multilevel linkable transaction pseudonyms that is based on a combination of threshold encryption techniques, secure multiparty computation and cryptographically secure pseudo-random number generators, (ii) multilaterally secure location-based auditing, a novel consideration of auditing mechanisms in the context of real-world actions that reconciles privacy protection and accountability while proposing location traces as evidence, (iii) a hybrid encryption technique for expressive policies, which allows encrypting under policies that include a continuous dynamic attribute, leveraging an efficient combination of ciphertext-policy attribute-based encryption, location-based encryption and symmetric encryption concepts, and (iv) end-to-end secure attribute-based messaging, a communication mechanism for end-to-end confidential messaging with receivers unknown by identity that is suitable also for resource constrained mobile devices. Harnessing these buildings blocks, we present an integrated architecture that supports location-aware first response. We therein consider location as the central integrating concept for pervasive cooperations. Both communication during incident handling as well as ex-post auditing are conceived as being location-based. Our research draws from experiences with potential real users (first responders and emergency decision makers) and from an interdisciplinary study. We contribute results derived from simulated court cases, indicating the trustworthiness and practicality of our proposal. Experiments conducted with prototype systems support the claim that our concepts are suitable for resource-constrained devices. In a theoretical analysis, we show that our security requirements are fulfilled. Our proposals have multiple further applications, e.g. to pseudonym-based access control.

[1]  Jon Finke Identity Management , 2006, LISA.

[2]  Achim D. Brucker,et al.  Information Flow in Disaster Management Systems , 2010, 2010 International Conference on Availability, Reliability and Security.

[3]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[4]  Stefan G. Weber,et al.  Inherent Tradeoffs in Ubiquitous Computing Services , 2007, GI Jahrestagung.

[5]  E. Bauserman,et al.  Disaster Strikes , 1955 .

[6]  Peter Langendörfer,et al.  Adapting pervasive systems to multiuser privacy requirements , 2008, Int. J. Ad Hoc Ubiquitous Comput..

[7]  David W. J. Stringer-Calvert,et al.  Digital Evidence , 2002, Commun. ACM.

[8]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[9]  Radia J. Perlman,et al.  Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.

[10]  Levente Buttyán,et al.  Security and Cooperation in Wireless Networks: Thwarting Malicious and Selfish Behavior in the Age of Ubiquitous Computing , 2007 .

[11]  Rakesh Bobba,et al.  Using Attribute-Based Access Control to Enable Attribute-Based Messaging , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[12]  Max Mühlhäuser,et al.  Towards an Architecture for Balancing Privacy and Traceability in Ubiquitous Computing Environments , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[13]  Anna Redz,et al.  On equuality testing protocols and their security , 2003 .

[14]  Alan Borning,et al.  Location-Aware Tools for Improving Public Transit Usability , 2010, IEEE Pervasive Computing.

[15]  Bill N. Schilit,et al.  Disseminating active map information to mobile hosts , 1994, IEEE Network.

[16]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.

[17]  Andreas Pfitzmann,et al.  Networks without user observability , 1987, Comput. Secur..

[18]  Hans Hedbom,et al.  Unlinking database entries: Implementation issues in privacy preserving secure logging , 2010, 2010 2nd International Workshop on Security and Communication Networks (IWSCN).

[19]  David Hausheer,et al.  Towards the Future Internet - A European Research Perspective , 2009, Future Internet Assembly.

[20]  Marc Langheinrich,et al.  Scanning with a Purpose - Supporting the Fair Information Principles in RFID Protocols , 2004, UCS.

[21]  Lars Kulik,et al.  Location privacy and location-aware computing , 2006 .

[22]  Giovanni Iachello,et al.  Privacy and Proportionality , 2006 .

[23]  Chunming Rong,et al.  Identity-Based Cryptography , 2009, Cryptology and Information Security Series.

[24]  Achim D. Brucker,et al.  Attribute-Based Encryption with Break-Glass , 2010, WISTP.

[25]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[26]  Stefan G. Weber Harnessing Pseudonyms with Implicit Attributes for Privacy-Respecting Mission Log Analysis , 2009, 2009 International Conference on Intelligent Networking and Collaborative Systems.

[27]  Sergey Bratus,et al.  Software on the Witness Stand: What Should It Take for Us to Trust It? , 2010, TRUST.

[28]  Ammar Rayes,et al.  Geo-Encryption Protocol For Mobile Networks , 2007, Comput. Commun..

[29]  Mare Langheinrich,et al.  Personal privacy in ubiquitous computing: Tools and system support , 2005 .

[30]  Lorrie Faith Cranor,et al.  The platform for privacy preferences , 1999, CACM.

[31]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[32]  B. W. Murgatroyd End to end encryption in public safety TETRA networks , 2003 .

[33]  Costas Lambrinoudakis,et al.  Protecting privacy and anonymity in pervasive computing: trends and perspectives , 2006, Telematics Informatics.

[34]  Schahram Dustdar,et al.  ESCAPE - An Adaptive Framework for Managing and Providing Context Information in Emergency Situations , 2007, EuroSSC.

[35]  Vlad Coroama,et al.  The Smart Tachograph - Individual Accounting of Traffic Costs and Its Implications , 2006, Pervasive.

[36]  Koutarou Suzuki,et al.  Cryptographic Approach to “Privacy-Friendly” Tags , 2003 .

[37]  Norbert A. Streitz,et al.  The Disappearing Computer, Interaction Design, System Infrastructures and Applications for Smart Environments , 2007, The Disappearing Computer.

[38]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[39]  Susana Alcalde Bagüés,et al.  Sentry@Home - Leveraging the Smart Home for Privacy in Pervasive Computing , 2007 .

[40]  Simone Fischer-Hübner IDA (Intrusion Detection and Avoidance System): ein einbruchsentdeckendes und einbruchsvermeidendes System , 1993 .

[41]  B. S. Manoj,et al.  Communication challenges in emergency response , 2007, Commun. ACM.

[42]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[43]  Jong Hyuk Park,et al.  Privacy and fair information practices in ubiquitous environments: Research challenges and future directions , 2009, Internet Res..

[44]  Martin Pielot,et al.  Tactile Wayfinder: Comparison of Tactile Waypoint Navigation with Commercial Pedestrian Navigation Systems , 2010, Pervasive.

[45]  Marco Gruteser,et al.  Protecting privacy, in continuous location-tracking applications , 2004, IEEE Security & Privacy Magazine.

[46]  Apostolos P. Fournaris Trust Ensuring Crisis Management Hardware Module , 2010, Inf. Secur. J. A Glob. Perspect..

[47]  Frank Stajano,et al.  Security Issues in Ubiquitous Computing , 2010, Handbook of Ambient Intelligence and Smart Environments.

[48]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[49]  Melanie Hartmann,et al.  Context Models and Context Awareness , 2008, Handbook of Research on Ubiquitous Computing Technology for Real Time Enterprises.

[50]  Brent Waters,et al.  Building an Encrypted and Searchable Audit Log , 2004, NDSS.

[51]  Patrick Traynor,et al.  Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems , 2008, NDSS.

[52]  Sara A. Bly,et al.  Technology for care networks of elders , 2004, IEEE Pervasive Computing.

[53]  Abigail Sellen,et al.  Design for Privacy in Ubiquitous Computing Environments , 1993, ECSCW.

[54]  Marc Langheinrich,et al.  Personal Privacy in Ubiquitous Computing , 2005 .

[55]  Max Mühlhäuser,et al.  Sybil-Free Pseudonyms, Privacy and Trust: Identity Management in the Internet of Services , 2011, J. Inf. Process..

[56]  Frank Stajano,et al.  Location Privacy in Pervasive Computing , 2003, IEEE Pervasive Comput..

[57]  Koutarou Suzuki,et al.  RFID Privacy Issues and Technical Challenges , 2005, IEEE Engineering Management Review.

[58]  Charalampos Z. Patrikakis,et al.  Security and Privacy in Pervasive Computing , 2007, IEEE Pervasive Computing.

[59]  A. Pfitzmann,et al.  A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management , 2010 .

[60]  Sheikh Iqbal Ahamed,et al.  Privacy in Pervasive Computing and Open Issues , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[61]  Sandford Bessler,et al.  A Privacy Enhancement Mechanism for Location Based Service Architectures Using Transaction Pseudonyms , 2005, TrustBus.

[62]  Jaap-Henk Hoepman,et al.  In Things We Trust? Towards Trustability in the Internet of Things - (Extended Abstract) , 2011, AmI Workshops.

[63]  Dorothy E. Denning,et al.  Geo-Encryption: Using GPS to Enhance Data Security , 2003 .

[64]  David C. Parkes,et al.  On non-cooperative location privacy: a game-theoretic analysis , 2009, CCS.

[65]  Boris Dragovic,et al.  CASPEr: containment-aware security for pervasive computing environments , 2006 .

[66]  Marco Gruteser,et al.  Enhancing Location Privacy in Wireless LAN Through Disposable Interface Identifiers: A Quantitative Analysis , 2003, WMASH '03.

[67]  Hartmut König,et al.  The Intrusion Detection System AID - Architecture, and Experiences in Automated Audit Analysis , 1996, Communications and Multimedia Security.

[68]  Leonidas Kazatzopoulos,et al.  Share the Secret: Enabling Location Privacy in Ubiquitous Environments , 2005, LoCA.

[69]  Kai Rannenberg,et al.  Pseudonymous audit for privacy enhanced intrusion detection , 1997, SEC.

[70]  Hannes Federrath,et al.  Location management strategies increasing privacy in mobile communication , 1996, SEC.

[71]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[72]  Felix Flentge,et al.  Designing Context-Aware HCI for Collaborative Emergency Management , 2008 .

[73]  Seda F. Gürses,et al.  Multilateral security requirements analysis for preserving privacy in ubiquitous environments , 2006 .

[74]  A. Soppera,et al.  Maintaining Privacy in Pervasive Computing — Enabling Acceptance of Sensor-based Services , 2022 .

[75]  Joachim Biskup,et al.  Recent Advances in Intrusion Detection , 2000, Lecture Notes in Computer Science.

[76]  François Koeune Pseudo-random number generator , 2005, Encyclopedia of Cryptography and Security.

[77]  Xiang Yao,et al.  The Design of a Dynamic Emergency Response Management Information System (DERMIS) , 2004 .

[78]  Alastair R. Beresford,et al.  Location privacy in ubiquitous computing , 2005 .

[79]  David J. Phillips Beyond Privacy: Confronting Locational Surveillance in Wireless Communication , 2003 .

[80]  Markus Jakobsson,et al.  Mix and Match: Secure Function Evaluation via Ciphertexts , 2000, ASIACRYPT.

[81]  S. Fischer-Hübner IT-Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms , 2001 .

[82]  Max Mühlhäuser,et al.  Concepts and Scheme for Multilaterally Secure, User-Friendly Attribute-Based Messaging , 2010 .

[83]  Stefan Schlott,et al.  Privacy- und Sicherheitsaspekte in ubiquitären Umgebungen , 2008 .

[84]  Max Mühlhäuser,et al.  Towards Trustworthy Identity and Access Management for the Future Internet , 2010 .

[85]  Division on Earth Successful Response Starts with a Map: Improving Geospatial Support for Disaster Management , 2007 .

[86]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[87]  Tobias Scherner,et al.  A Multilaterally Secure, Privacy-Friendly Location-Based Service for Disaster Management and Civil Protection , 2005, ICN.

[88]  Jungwoo Ryoo,et al.  A comparison and classification framework for disaster information management systems , 2006 .

[89]  Mark Weiser,et al.  Some computer science issues in ubiquitous computing , 1993, CACM.

[90]  Manuel Blum,et al.  Noninteractive Zero-Knowledge , 1991, SIAM J. Comput..

[91]  Markus Jakobsson,et al.  Threshold Password-Authenticated Key Exchange , 2002, Journal of Cryptology.

[92]  P. Ehlert INTELLIGENT USER INTERFACES Introduction and survey , 2003 .

[93]  Phillip J. Windley Digital identity , 2005 .

[94]  Max Mühlhäuser,et al.  Introduction to Ubiquitous Computing , 2008, Handbook of Research on Ubiquitous Computing Technology for Real Time Enterprises.

[95]  Ling Liu,et al.  Encyclopedia of Database Systems , 2009, Encyclopedia of Database Systems.

[96]  Roy Want,et al.  Bridging physical and virtual worlds with electronic tags , 1999, CHI '99.

[97]  Hugo Krawczyk,et al.  Secure Applications of Pedersen's Distributed Key Generation Protocol , 2003, CT-RSA.

[98]  Michael Goshey,et al.  Radio Frequency Identification (RFID) , 2008, ACM SIGSPATIAL International Workshop on Advances in Geographic Information Systems.

[99]  Christoph Busch,et al.  Scenario test of accelerometer-based biometric gait recognition , 2011, 2011 Third International Workshop on Security and Communication Networks (IWSCN).

[100]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[101]  Zhou Wang,et al.  MIKoBOS - A Mobile Information and Communication System for Emergency Response , 2006 .

[102]  Erwin Aitenbichler A Focus on Location Context , 2008, Handbook of Research on Ubiquitous Computing Technology for Real Time Enterprises.

[103]  Andreas Pfitzmann,et al.  Usable presentation of secure pseudonyms , 2005, DIM '05.

[104]  Slim Trabelsi,et al.  Enabling Secure Service Discovery with Attribute Based Encryption , 2006 .

[105]  Chris W. Johnson Complexity, Structured Chaos and the Importance of Information Management for Mobile Computing in the UK Floods of 2007 , 2008, Mobile Response.

[106]  Emily Troshynski,et al.  Accountabilities of presence: reframing location-based systems , 2008, CHI.

[107]  Nishant Dubey,et al.  End-to-end confidentiality for a message warehousing service using Identity-Based Encryption , 2010, 2010 IEEE 26th International Conference on Data Engineering Workshops (ICDEW 2010).

[108]  Joachim Biskup,et al.  Threshold-based identity recovery for privacy enhanced applications , 2000, CCS.

[109]  Gregory D. Abowd,et al.  Privacy and proportionality: adapting legal evaluation techniques to inform design in ubiquitous computing , 2005, CHI.

[110]  William Stallings,et al.  THE ADVANCED ENCRYPTION STANDARD , 2002, Cryptologia.

[111]  Dakshi Agrawal,et al.  Limits of Anonymity in Open Environments , 2002, Information Hiding.

[112]  Stefan G. Weber Securing First Response Coordination with Dynamic Attribute-Based Encryption , 2009, 2009 World Congress on Privacy, Security, Trust and the Management of e-Business.

[113]  Mahadev Satyanarayanan Privacy: The Achilles Heel of Pervasive Computing? , 2003 .

[114]  Bruce Schneier,et al.  Practical cryptography , 2003 .

[115]  Wei Zhao,et al.  On the confidential auditing of distributed computing systems , 2004, 24th International Conference on Distributed Computing Systems, 2004. Proceedings..

[116]  Max Mühlhäuser,et al.  Multilaterally Secure Ubiquitous Auditing , 2010, Intelligent Networking, Collaborative Systems and Applications.

[117]  Andreas Pfitzmann Multilateral Security: Enabling Technologies and Their Evaluation , 2006, ETRICS.

[118]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[119]  René Mayrhofer,et al.  applied sciences , 2005 .

[120]  Rakesh Bobba,et al.  Attribute-Based Messaging: Access Control and Confidentiality , 2010, TSEC.

[121]  Records, Computers and the Rights of Citizens , 1973 .

[122]  Yiannis Tsiounis,et al.  On the Security of ElGamal Based Encryption , 1998, Public Key Cryptography.

[123]  Brian A. Carter,et al.  Advanced Encryption Standard , 2007 .

[124]  Kaoru Kurosawa,et al.  Efficient Anonymous Channel and All/Nothing Election Scheme , 1994, EUROCRYPT.

[125]  Hans-Werner Gellersen,et al.  Location and Navigation Support for Emergency Responders: A Survey , 2010, IEEE Pervasive Computing.

[126]  Andrey Bogdanov,et al.  Biclique Cryptanalysis of the Full AES , 2011, ASIACRYPT.

[127]  L. Jean Camp,et al.  Beyond Consent: Privacy in Ubiquitous Computing (Ubicomp) , 2007 .

[128]  Gregory D. Abowd,et al.  Opportunities for Pervasive Computing in Chronic Cancer Care , 2009, Pervasive.

[129]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[130]  Bill N. Schilit,et al.  Context-aware computing applications , 1994, Workshop on Mobile Computing Systems and Applications.

[131]  Hui Xiong,et al.  Secure information sharing and analysis for effective emergency management , 2008, DG.O.

[132]  James A. Landay,et al.  Privacy risk models for designing privacy-sensitive ubiquitous computing systems , 2004, DIS '04.

[133]  Giovanni Di Crescenzo,et al.  Contemporary cryptology , 2005, Advanced courses in mathematics : CRM Barcelona.

[134]  Frank Stajano,et al.  Security for Ubiquitous Computing , 2002, ICISC.

[135]  Matthias Baldauf,et al.  A survey on context-aware systems , 2007, Int. J. Ad Hoc Ubiquitous Comput..

[136]  Apu Kapadia,et al.  Models for Privacy in Ubiquitous Computing Environments , 2005 .

[137]  Daniel J. Solove A Taxonomy of Privacy , 2006 .

[138]  Oliver Berthold,et al.  Dummy Traffic against Long Term Intersection Attacks , 2002, Privacy Enhancing Technologies.

[139]  Paul Müller,et al.  Providing Security and Privacy in RFID Systems Using Triggered Hash Chains , 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[140]  James A. Landay,et al.  An architecture for privacy-sensitive ubiquitous computing , 2004, MobiSys '04.

[141]  Jan Camenisch,et al.  Rethinking accountable privacy supporting services: extended abstract , 2008, DIM '08.

[142]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[143]  Gregory D. Abowd,et al.  Charting past, present, and future research in ubiquitous computing , 2000, TCHI.

[144]  Thomas Walter,et al.  Security in Pervasive Computing Calling for new Security Principles , 2007, IEEE International Conference on Pervasive Services.

[145]  Erdal Cayirci,et al.  Security in Wireless Ad Hoc and Sensor Networks , 2009 .

[146]  Thomas Santen,et al.  Contextualizing Security Goals: A Method for Multilateral Security Requirements Elicitation , 2006, Sicherheit.

[147]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[148]  Jin Tong,et al.  Attributed based access control (ABAC) for Web services , 2005, IEEE International Conference on Web Services (ICWS'05).

[149]  Matt Welsh,et al.  Sensor networks for emergency response: challenges and opportunities , 2004, IEEE Pervasive Computing.

[150]  Andreas Haeberlen,et al.  CSAR: A Practical and Provable Technique to Make Randomized Systems Accountable , 2009, NDSS.

[151]  O. Siemoneit,et al.  Opportunities for privacy and trust in the development of ubiquitous computing , 2007 .

[152]  Mahadev Satyanarayanan,et al.  Pervasive computing: vision and challenges , 2001, IEEE Wirel. Commun..

[153]  Micah Adler,et al.  An Analysis of the Degradation of Anonymous Protocols , 2002, NDSS.

[154]  Max Mühlhäuser,et al.  MundoMessage: enabling trustworthy ubiquitous emergency communication , 2011, ICUIMC '11.

[155]  John Leubsdorf,et al.  Privacy and Freedom , 1968 .

[156]  Yasujiro Murakami Privacy issues in the ubiquitous information society and law in Japan , 2004, 2004 IEEE International Conference on Systems, Man and Cybernetics (IEEE Cat. No.04CH37583).

[157]  Louis D. Brandeis,et al.  The Right to Privacy , 1890 .

[158]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[159]  Adam Raphael When Disaster Strikes , 1986 .

[160]  Torben P. Pedersen,et al.  Distributed Provers and Verifiable Secret Sharing Based on the Discrete Logarithm Problem , 1992 .

[161]  Dijiang Huang,et al.  ASPE: attribute-based secure policy enforcement in vehicular ad hoc networks , 2009, Ad Hoc Networks.

[162]  James A. Landay,et al.  Siren: Context-aware Computing for Firefighting , 2004, Pervasive.

[163]  T. Cooper Department of Health, Education, and Welfare. , 1976, Military medicine.

[164]  Simone Fischer-Hübner,et al.  Combining Verified and Adaptive System Components Towards More Secure Computer Architectures , 1990, Security and Persistence.

[165]  James A. Landay,et al.  Ubiquitous computing for firefighters: field studies and prototypes of large displays for incident command , 2004, CHI '04.

[166]  Peter Steenkiste,et al.  Access Control to Information in Pervasive Computing Environments , 2003, HotOS.

[167]  Marc Langheinrich,et al.  Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems , 2001, UbiComp.

[168]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[169]  Melanie Volkamer,et al.  Towards long-term free and secret electronic elections providing voter-verifiability in the bulletin board model , 2009, ICEGOV '09.

[170]  Johann Cas,et al.  Privacy in pervasive computing environments - a contradiction in terms? , 2005, IEEE Technology and Society Magazine.

[171]  Hugo Krawczyk,et al.  Secure Distributed Key Generation for Discrete-Log Based Cryptosystems , 1999, EUROCRYPT.

[172]  Max Mühlhäuser,et al.  Identifiers, Privacy and Trust in the Internet of Services , 2010 .

[173]  Stefan Weber A Hybrid Encryption Technique Supporting Expressive Policies , 2010 .

[174]  John Krumm,et al.  A survey of computational location privacy , 2009, Personal and Ubiquitous Computing.

[175]  Hermann Hellwagner,et al.  Information and Communication Systems for Mobile Emergency Response , 2008, UNISCON.

[176]  William C. Mann,et al.  Enabling location-aware pervasive computing applications for the elderly , 2003, Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, 2003. (PerCom 2003)..

[177]  Mark Weiser The computer for the 21st century , 1991 .

[178]  Michael Friedewald,et al.  Ubiquitous computing: An overview of technology impacts , 2011, Telematics Informatics.

[179]  Claudio Agostino Ardagna Privacy and security in distributed and pervasive systems , 2008 .

[180]  Nalini Venkatasubramanian,et al.  Project rescue: challenges in responding to the unexpected , 2003, IS&T/SPIE Electronic Imaging.

[181]  Nalini Venkatasubramanian,et al.  On-Demand Information Portals for Disaster Situations , 2007, 2007 IEEE Intelligence and Security Informatics.

[182]  Kai Rannenberg Multilateral security a concept and examples for balanced security , 2001, NSPW '00.

[183]  William P. Marnane,et al.  Identity- Based Cryptography , 2008 .

[184]  Joseph Gray Jackson,et al.  Privacy and Freedom , 1968 .

[185]  Ulrich Flegel,et al.  Privacy-Respecting Intrusion Detection , 2007, Advances in Information Security.

[186]  A. Acquisti,et al.  Digital privacy : theory, technologies, and practices , 2007 .

[187]  Martin Hirt,et al.  Multi party computation: efficient protocols, general adversaries, and voting , 2001 .

[188]  Thomas Kirste,et al.  Design Challenges for an Integrated Disaster Management Communication and Information System , 2002 .

[189]  Marco Casassa Mont,et al.  A flexible role-based secure messaging service: exploiting IBE technology for privacy in health care , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[190]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[191]  Bruce Schneier,et al.  Secure audit logs to support computer forensics , 1999, TSEC.

[192]  Jason I. Hong,et al.  End-User Privacy in Human-Computer Interaction , 2007, Found. Trends Hum. Comput. Interact..

[193]  Dirk Bradler Peer-to-peer concepts for emergency first response , 2010 .

[194]  Paul Dourish,et al.  Yesterday’s tomorrows: notes on ubiquitous computing’s dominant vision , 2007, Personal and Ubiquitous Computing.

[195]  Kai Rannenberg,et al.  Online Privacy: Towards Informational Self-Determination on the Internet (Dagstuhl Perspectives Workshop 11061) , 2011, Dagstuhl Manifestos.

[196]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[197]  Yehuda Lindell,et al.  Secure Multiparty Computation for Privacy-Preserving Data Mining , 2009, IACR Cryptol. ePrint Arch..

[198]  H. Raghav Rao,et al.  Framework for Analyzing Critical Incident Management Systems (CIMS) , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[199]  Ueli Maurer,et al.  Modelling a Public-Key Infrastructure , 1996, ESORICS.

[200]  Alexander Roßnagel Datenschutz in der Welt allgegenwärtigen Rechnens (Privacy in a World of Ubiquitous Computing) , 2007, it Inf. Technol..

[201]  Hans Hedbom,et al.  Adding Secure Transparency Logging to the PRIME Core , 2009, PrimeLife.

[202]  Kazue Sako,et al.  An Efficient Scheme for Proving a Shuffle , 2001, CRYPTO.

[203]  Erwin Aitenbichler Ubiquitous Computing Technology for Real Time Enterprises , 2008 .

[204]  Adam Greenfield,et al.  Everyware: The Dawning Age of Ubiquitous Computing , 2006 .

[205]  David W. Chadwick,et al.  Secure Role Based Messaging , 2004, Communications and Multimedia Security.

[206]  Christoph Endres,et al.  A task-based messaging approach to facilitate staff work , 2010, ISCRAM.

[207]  Leonidas Kazatzopoulos,et al.  Applying privacy on the dissemination of location information , 2006, Telematics Informatics.

[208]  K. Lauter,et al.  The advantages of elliptic curve cryptography for wireless security , 2004, IEEE Wireless Communications.

[209]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[210]  Christian Floerkemeier,et al.  Issues with RFID Usage in Ubiquitous Computing Applications , 2004, Pervasive.

[211]  Max Mühlhäuser,et al.  Location Privacy , 2005, Handbook of Algorithms for Wireless Networking and Mobile Computing.

[212]  Ravi S. Sandhu,et al.  Identity management , 2003, IEEE Internet Computing.

[213]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[214]  Gerald Quirchmayr,et al.  A Privacy Enhancing Mechanism based on Pseudonyms for Identity Protection in Location-Based Services , 2007, ACSW.

[215]  Murray Turoff,et al.  Human-computer interaction , 2007, Commun. ACM.

[216]  Ari Juels,et al.  Squealing Euros: Privacy Protection in RFID-Enabled Banknotes , 2003, Financial Cryptography.

[217]  D. Denning,et al.  A Location Based Encryption Technique and Some of Its Applications , 2003 .

[218]  Seng Wai Loke,et al.  Context-aware pervasive systems - architectures for a new breed of applications , 2019 .

[219]  Hans Hedbom,et al.  A Survey on Transparency Tools for Enhancing Privacy , 2008, FIDIS.

[220]  Michael Friedewald,et al.  Privacy, identity and security in ambient intelligence: A scenario analysis , 2007, Telematics Informatics.

[221]  A. Menezes An Introduction to Pairing-Based Cryptography , 2005 .

[222]  Luís A. Castro,et al.  Large-Scale Opportunistic Sensing , 2011, IEEE Pervasive Computing.

[223]  Friedemann Mattern,et al.  Living in a smart environment - implications for the coming ubiquitous information society , 2004, 2004 IEEE International Conference on Systems, Man and Cybernetics (IEEE Cat. No.04CH37583).

[224]  Birgit Pfitzmann,et al.  Secure and Anonymous Electronic Commerce: Providing Legal Certainty in Open Digital Systems Without , 2000 .

[225]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[226]  Leonidas Kazatzopoulos,et al.  Location privacy through secret sharing techniques , 2005, Sixth IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks.

[227]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.