Trusted Mobile Interaction via Extended Digital Certificates

While pervasive computing provides a potentially vast business opportunity for many industry participants it also brings with it challenges. In this article, we further analyze and demonstrate how to use the previously developed MobiPass architecture to convert the unpredictable, highly dynamic pervasive environment into a trusted business platform .It utilizes the widely accepted passport concept to evaluate and classify the potential mobile entities into a trustworthy form. It allows fine-grained access control without necessarily having had prior interaction with or knowledge of other parties and environments by setting customized rules against a MobiPolicy. The case-study of mobile social introduction is used to further describe the architecture and techniques. As the architecture provides the solid foundation for building a trusted and autonomous platform, it can greatly increase the users' confidence in interacting in ubiquitous environments and boost mobile business

[1]  Mark S. Ackerman,et al.  Privacy in pervasive environments: next generation labeling protocols , 2004, Personal and Ubiquitous Computing.

[2]  Ravi S. Sandhu,et al.  RBAC on the Web by smart certificates , 1999, RBAC '99.

[3]  Kyung Hyune Rhee,et al.  Securing Admission Control in Ubiquitous Computing Environment , 2005, ICN.

[4]  Paul Dourish,et al.  Security in the wild: user strategies for managing security as an everyday, practical problem , 2004, Personal and Ubiquitous Computing.

[5]  Tim Finin,et al.  A Security Architecture Based on Trust Management for Pervasive Computing Systems , 2002 .

[6]  Will Tao,et al.  MobiPass: a passport for mobile business , 2006, Personal and Ubiquitous Computing.

[7]  Marc Langheinrich,et al.  A Privacy Awareness System for Ubiquitous Computing Environments , 2002, UbiComp.

[8]  Lorrie Faith Cranor,et al.  The platform for privacy preferences , 1999, CACM.

[9]  Will Tao,et al.  An Architecture for Unifying Web Services Authentication and Authorization , 2005, ICSOC.

[10]  Tharam S. Dillon,et al.  A design methodology for user access control (UAC) middleware , 2005, 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service.

[11]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[12]  Paul Resnick,et al.  Trust among strangers in internet transactions: Empirical analysis of eBay' s reputation system , 2002, The Economics of the Internet and E-commerce.

[13]  James A. Landay,et al.  An architecture for privacy-sensitive ubiquitous computing , 2004, MobiSys '04.