Secure and Private Service Discovery in Pervasive Computing Environments

With the convergence of embedded computers and wireless communication, pervasive computing has become the inevitable future of computing. Every year, billions of computing devices are built. They are ubiquitously deployed and are gracefully integrated with people and their environments. Service discovery is an essential step for the devices to properly discover, configure, and communicate with each other. Authentication for pervasive service discovery is difficult. In this chapter, we introduce a user-centric service discovery model, called PrudentExposure, which automates authentication processes. It encodes hundreds of authentication messages in a novel code word form. Perhaps the most serious challenge for pervasive service discovery is the integration of computing devices with people. A critical privacy challenge can be expressed as a "chicken-andegg problem": both users and service providers want the other parties to expose sensitive information first. We discuss how a progressive and probabilistic model can protect both users' and service providers' privacy.

[1]  S. Srinivasan,et al.  Global Analysis of Security and Trust Perceptions in Web Design for E-Commerce , 2012, Int. J. Inf. Secur. Priv..

[2]  Hamid R. Nemati International Journal of Information Security and Privacy , 2007 .

[3]  Ben Y. Zhao,et al.  An architecture for a secure service discovery service , 1999, MobiCom.

[4]  Anirban Sengupta,et al.  A Mark-Up Language for the Specification of Information Security Governance Requirements , 2011, Int. J. Inf. Secur. Priv..

[5]  Sim Kim Lau,et al.  To Ease the Dilemma of Help Desk: The Application of Knowledge Management Techniques in Manipulating Help Desk Knowledge , 2007 .

[6]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[7]  Robert Hauptman Encyclopedia of Information Ethics and Security , 2007, Encyclopedia of Information Ethics and Security.

[8]  Hamid Nemati Security and Privacy Assurance in Advancing Technologies: New Developments , 2010 .

[9]  Michael Nidd,et al.  Service discovery in DEAPspace , 2001, IEEE Wirel. Commun..

[10]  Umakant P. Kulkarni,et al.  Algorithms to Resolve Conflict in Multiuser Context Aware Ubiquitous Environment , 2012, Int. J. Adv. Pervasive Ubiquitous Comput..

[11]  Lionel M. Ni,et al.  Service discovery in pervasive computing environments , 2005, IEEE Pervasive Computing.

[12]  Hari Balakrishnan,et al.  The design and implementation of an intentional naming system , 1999, SOSP.

[13]  Lionel M. Ni,et al.  A private, secure, and user-centric information exposure model for service discovery protocols , 2006 .

[14]  T. Nixon,et al.  Home networking with Universal Plug and Play , 2001 .

[15]  Lionel M. Ni,et al.  Splendor: A secure, private, and location-aware service discovery protocol supporting mobile services , 2003, Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, 2003. (PerCom 2003)..

[16]  Te-Shun Chou Information Assurance and Security Technologies for Risk Assessment and Threat Management: Advances , 2011 .

[17]  Robert W. Stone,et al.  Factors Influencing College Students' Use of Computer Security , 2010, Int. J. Inf. Secur. Priv..

[18]  Erland Jonsson,et al.  Privacy, Intrusion Detection, and Response: Technologies for Protecting Networks , 2011 .

[19]  David Parry,et al.  Auto-Identification and Ubiquitous Computing Applications , 2009 .

[20]  Stuart D. Cheshire,et al.  Discovering Named Instances of Abstract Services using DNS , 2001 .

[21]  Charles E. Perkins,et al.  Service Location Protocol, Version 2 , 1999, RFC.

[22]  Lionel M. Ni,et al.  Private and Secure Service Discovery via Progressive and Probabilistic Exposure , 2007, IEEE Transactions on Parallel and Distributed Systems.

[23]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[24]  Li-Minn Ang,et al.  Audio visual system for large scale people authentication and recognition over internet protocol (IP) , 2012 .

[25]  Ric Jentzsch,et al.  Intelligent Agents Framework for RFID Hospitals , 2009 .

[26]  Raphael C.-W. Phan Review of Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition by Ross J. Anderson , 2009, Cryptologia.

[27]  Ming Yang,et al.  Multimedia Information Security and Privacy: Theory and Applications , 2011 .

[28]  Tanya J. McGill,et al.  Understanding User Behavior towards Passwords through Acceptance and Use Modelling , 2009, Int. J. Inf. Secur. Priv..

[29]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[30]  Miltiadis D. Lytras,et al.  Ubiquitous and pervasive knowledge and learning management : semantics, social networking and new media to their full potential , 2007 .

[31]  David R. Karger,et al.  INS/Twine: A Scalable Peer-to-Peer Architecture for Intentional Resource Discovery , 2002, Pervasive.

[32]  Hou Jie Modern Educational Technique Center Educational Media Management Based on Design and Practice of Questionnaire , 2011, Int. J. Adv. Pervasive Ubiquitous Comput..

[33]  Bhavani M. Thuraisingham,et al.  Administering the Semantic Web: Confidentiality, Privacy, and Trust Management , 2007, Int. J. Inf. Secur. Priv..

[34]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[35]  Garry L. White,et al.  Global Information Security Factors , 2010, Int. J. Inf. Secur. Priv..

[36]  Ali A. Ghorbani,et al.  Dimension Reduction and its Effects on Clustering for Intrusion Detection , 2012 .

[37]  Gary F. Templeton,et al.  Information Security by Words Alone: The Case for Strong Security Policies , 2009, Int. J. Inf. Secur. Priv..