论文信息 - Further improvement on a novel privacy preserving authentication and access control scheme for pervasive computing environments

Further improvement on a novel privacy preserving authentication and access control scheme for pervasive computing environments

Privacy and authentication are very important concepts and service levels to anonymous communications and data confidentiality. Recently, Ren et al. proposed an authentication and access control scheme for preserving privacy in pervasive computing environments (PCEs). However, in this paper, it is demonstrated that the so-called secure, privacy preserving authentication and access control scheme proposed by Ren et al. is vulnerable to service abuse attacks and, as a result, illegitimate users can freely access the service through the service provider without any worries and this flaw would lead to a serious accounting problem with their scheme. Therefore, we proposed a security improvement to their scheme to neutralize this weakness and an efficiency improvement to enhance the performance of their scheme in the user operational phase. More importantly, a new improved proposal for a scheme can still allow the mobile user to anonymously interact with the service provider in a PCE is demonstrated.

[1] Johann Cas,et al. Privacy in pervasive computing environments - a contradiction in terms? , 2005, IEEE Technology and Society Magazine.

[2] Lionel M. Ni,et al. Facilitating secure ad hoc service discovery in public environments , 2005, J. Syst. Softw..

[3] Martín Abadi,et al. A logic of authentication , 1990, TOCS.

[4] Min-Shiang Hwang,et al. A Study of Micro-payment Based on One-way Hash Chain , 2006, Int. J. Netw. Secur..

[5] Sheikh Iqbal Ahamed,et al. Security in Pervasive Computing: Current Status and Open Issues , 2006, Int. J. Netw. Secur..

[6] Johann van der Merwe,et al. A survey on peer-to-peer key management for mobile ad hoc networks , 2007, CSUR.

[7] David Chaum,et al. Advances in Cryptology: Proceedings Of Crypto 83 , 2012 .

[8] Robert H. Deng,et al. A novel privacy preserving authentication and access control scheme for pervasive computing environments , 2006, IEEE Transactions on Vehicular Technology.

[9] Qi He,et al. The quest for personal control over mobile location privacy , 2004, IEEE Communications Magazine.

[10] Min-Shiang Hwang,et al. A new strong-password authentication scheme using one-way hash functions , 2006 .