Towards Security and Privacy for Pervasive Computing

Pervasive computing environments with their interconnected devices and services promise seamless integration of digital infrastructure into our everyday lives. While the focus of current research is on how to connect new devices and build useful applications to improve functionality, the security and privacy issues in such environments have not been explored in any depth. While traditional distributed computing research attempts to abstract away physical location of users and resources, pervasive computing applications often exploit physical location and other context information about users and resources to enhance the user experience. The need to share resources and collaborate introduces new types of interaction among users as well as between the virtual and physical worlds. In this context, it becomes difficult to separate physical security from digital security. Existing policies and mechanisms may not provide adequate guarantees to deal with new exposures and vulnerabilities introduced by the pervasive computing paradigm. In this paper we explore the challenges for building security and privacy into pervasive computing environments, describe our prototype implementation that addresses some of these issues, and propose some directions for future work.

[1]  Klara Nahrstedt,et al.  A Middleware Infrastructure for Active Spaces , 2002, IEEE Pervasive Comput..

[2]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[3]  Stephen Smalley,et al.  Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[4]  Fabio Kon,et al.  Reflective Middleware: From Your Desk to Your Hand , 2001, IEEE Distributed Syst. Online.

[5]  Roy H. Campbell,et al.  Routing through the mist: privacy preserving communication in ubiquitous computing environments , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.

[6]  Klara Nahrstedt,et al.  Gaia: A Middleware Infrastructure to Enable Active Spaces1 , 2002 .

[7]  Wpin Samur Unified Login with Pluggable Authentication Modules ( PAM ) , 1999 .

[8]  Roy H. Campbell,et al.  Developing dynamic security policies , 2002, Proceedings DARPA Active Networks Conference and Exposition.

[9]  Timothy W. Finin,et al.  Trust-Based Security in Pervasive Computing Environments , 2022 .

[10]  M. Dennis Mickunas,et al.  Routing through the Mist : Design and Implementation , 2002 .

[11]  Denis Pinkas,et al.  SESAME: The solution to security for open distributed systems , 1994, Comput. Commun..

[12]  Roy H. Campbell,et al.  GaiaOS: An Infrastructure for Active Spaces , 2001 .

[13]  Roy H. Campbell,et al.  Gaia: enabling active spaces , 2000, ACM SIGOPS European Workshop.

[14]  Roy H. Campbell,et al.  An agent based architecture for supporting application level security , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[15]  Frank Stajano,et al.  Security for Ubiquitous Computing , 2002, ICISC.

[16]  Marc Langheinrich,et al.  Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems , 2001, UbiComp.

[17]  L. Zadeh Fuzzy sets as a basis for a theory of possibility , 1999 .

[18]  Timothy W. Finin,et al.  Vigil: Enforcing Security in Ubiquitous Environments , 2002 .

[19]  Roy H. Campbell,et al.  Access control for Active Spaces , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[20]  H.A.M. Luiijf,et al.  Information Assurance and the Information Society , 1998 .

[21]  Marc Langheinrich,et al.  A Privacy Awareness System for Ubiquitous Computing Environments , 2002, UbiComp.