Access Control to Information in Pervasive Computing Environments

Many types of information available in a pervasive computing environment, such as people location information, should be accessible only to a limited set of people. Several properties of this information raise unique challenges for the design of an access control mechanism: information can emanate from more than one source, it might change its nature or granularity before reaching its final receiver, and it can flow through nodes administered by different entities. We propose three design principles for the architecture of an access control mechanism: (1) extract pieces of information from raw data streams early, (2) define policies that control access at the information level, and (3) exploit information relationships for access control. We describe an example architecture in which we apply these principles. We also report how our earlier work on adding access control to a people location service contributed to the more general access control architecture proposed here.
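The three principles, as an added Python illustration that is not the paper's own code or architecture: a constructed Wi-Fi association log is reduced early to per-person location items (principle 1), policies name whose location a requester may learn and at which granularity rather than which stream or node they may read (principle 2), and the room/floor/building relationship is used so that a right to fine-grained location implies the coarser levels, while derived information (whether two people are co-located) is released only if the requester may learn both underlying items (principle 3). The device and access-point tables, the log lines, the policy and the specific relationship semantics are assumptions made for the example.

```python
"""Information-level access control over location items extracted from a raw stream.

Added illustration, not code from the paper. All names, log lines, mappings and
policies below are constructed for the example; the exact relationship semantics
(finer granularity implies coarser, derived info needs both sources) are assumed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional

# Granularity levels, finest first. Knowing a finer level reveals the coarser ones.
LEVELS = ["room", "floor", "building"]

# Assumed static mappings owned by the extraction step (constructed).
DEVICE_OWNER = {"00:11:22:33:44:55": "alice", "66:77:88:99:aa:bb": "bob"}
AP_ROOM = {"ap-5-2": "WEH 5415", "ap-7-1": "WEH 7110", "ap-gh-1": "GHC 4303"}
ROOM_FLOOR = {"WEH 5415": "WEH 5", "WEH 7110": "WEH 7", "GHC 4303": "GHC 4"}
FLOOR_BUILDING = {"WEH 5": "WEH", "WEH 7": "WEH", "GHC 4": "GHC"}


@dataclass(frozen=True)
class Location:
    owner: str  # the person the information is about
    room: str   # finest granularity extracted from the raw stream

    def at(self, level: str) -> str:
        """Coarsen this location to the requested granularity."""
        if level == "room":
            return self.room
        floor = ROOM_FLOOR[self.room]
        if level == "floor":
            return floor
        if level == "building":
            return FLOOR_BUILDING[floor]
        raise ValueError(f"unknown granularity {level!r}")


def extract(raw_lines: List[str]) -> Dict[str, Location]:
    """Principle 1: turn the raw stream into per-person information items early.
    Later lines override earlier ones; unknown devices or access points are dropped."""
    latest: Dict[str, Location] = {}
    for line in raw_lines:
        fields = dict(f.split("=", 1) for f in line.split()[1:])
        owner = DEVICE_OWNER.get(fields.get("mac", ""))
        room = AP_ROOM.get(fields.get("ap", ""))
        if owner and room:
            latest[owner] = Location(owner, room)
    return latest


# Principle 2: policy is stated about the information (whose location, at what
# granularity), not about the stream or the node that happens to hold it.
# owner -> requester -> finest granularity that requester may learn (constructed).
POLICY: Dict[str, Dict[str, str]] = {
    "alice": {"bob": "room", "carol": "building"},
    "bob": {"alice": "floor"},
}


def finest_allowed(requester: str, owner: str) -> Optional[str]:
    if requester == owner:
        return "room"
    return POLICY.get(owner, {}).get(requester)


def permitted(requester: str, owner: str, level: str) -> bool:
    """Principle 3 (granularity relationship): a right to fine-grained information
    implies the coarser levels, so a request is allowed iff the requested level is
    no finer than the finest level granted."""
    allowed = finest_allowed(requester, owner)
    return allowed is not None and LEVELS.index(level) >= LEVELS.index(allowed)


def answer(items: Dict[str, Location], requester: str, owner: str, level: str) -> Optional[str]:
    """Release the owner's location at `level`, or None if unknown or not permitted."""
    loc = items.get(owner)
    if loc is None or not permitted(requester, owner, level):
        return None
    return loc.at(level)


def colocated(items: Dict[str, Location], requester: str, a: str, b: str, level: str) -> Optional[bool]:
    """Principle 3 (derivation relationship): "are a and b in the same place?" is
    derived from both people's locations, so it is released only if the requester
    may learn both underlying items at that granularity."""
    if not (permitted(requester, a, level) and permitted(requester, b, level)):
        return None
    if a not in items or b not in items:
        return None
    return items[a].at(level) == items[b].at(level)


# Constructed raw association log: timestamp followed by key=value fields.
RAW_STREAM = [
    "10:00:01 ap=ap-7-1 mac=00:11:22:33:44:55",
    "10:00:05 ap=ap-gh-1 mac=66:77:88:99:aa:bb",
    "10:02:40 ap=ap-5-2 mac=00:11:22:33:44:55",  # alice moves to WEH 5415
    "10:03:00 ap=ap-5-2 mac=de:ad:be:ef:00:00",  # unknown device, discarded
]

if __name__ == "__main__":
    items = extract(RAW_STREAM)
    print(answer(items, "bob", "alice", "room"))        # WEH 5415
    print(answer(items, "carol", "alice", "room"))      # None: carol gets building only
    print(answer(items, "carol", "alice", "building"))  # WEH
    print(answer(items, "alice", "bob", "floor"))       # GHC 4
    print(colocated(items, "alice", "alice", "bob", "building"))  # False
```

The point of the derived-information check is that an access decision on the co-location answer cannot be made from that answer alone: a requester who may not learn Bob's location would otherwise learn it by asking whether Bob is co-located with someone whose location they already know.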
