PERVASIVE AUTHENTICATION AND AUTHORIZATION INFRASTRUCTURES FOR MOBILE USERS USING PERVASIVE-PKI
Journal Title: International Journal of Advanced Research in Computer Engineering & Technology(IJARCET) - Year 2013, Vol 2, Issue 4
Abstract
In computer science distributed systems could be more secured with a distributed trust model based on PKI. PKI provides a framework to verify the identities of each entities of given domain. Network and device heterogeneity, nomadic mobility, intermittent connectivity and, more generally, extremely dynamic operating conditions, are major challenges in the design of security infrastructures for pervasive computing. Yet, in a ubiquitous computing environment, limitations of traditional solutions for authentication and authorization can be overcome with a pervasive public key infrastructure (pervasive-PKI). This choice allows the validation of credentials of users roaming between heterogeneous networks, even when global connectivity is lost and some services are temporarily unreachable. Proof-of-concept implementations and test bed validation results demonstrate that strong security can be achieved for users and applications through the combination of traditional PKI services with a number of enhancements like dynamic and collaborative trust model, use of attribute certificates for privilege management, and modular architecture enabling nomadic mobility and enhanced with reconfiguration capabilities.infrastructure (pervasive-PKI). This infrastructure, developed as part of the UBISEC project, is able to provide authentication and access control services for users roaming between different heterogeneous networks. In this sense, the pervasive-PKI fully supports nomadic mobility, enabling secure services for users connecting through many different networking technologies (Wi-Fi, UMTS, Bluetooth, etc.), and in multiple network topologies, even when global connectivity is lost and some services are temporarily unreachable. We clearly differentiate between two modes of operation: in connected mode, on-line trusted servers are available and traditional techniques are applicable for validation of user credentials; however, in disconnected mode, the information necessary for this validation is not always available. To support the disconnected mode, we combine different solutions: an adapted privilege verifier for authorization, a new trust model for authentication, and a collaborative model to obtain unavailable information. Some of the functions traditionally performed by authentication and authorization infrastructures are integrated into user devices, providing support for credential validation in situations where central authorities are not available, like in peer-to-peer mobile ad-hoc networks (MANETs). Furthermore, the pervasive-PKI is also endowed with reconfiguration capabilities. The rest of the paper is organized as follows. Section II presents the required background, including authentication and authorization infrastructures, evidence-based computational trust management, and component-based reconfigurable architectures. Section III points out the operation scenario for the pervasive-PKI. Then present the proposed architecture for the pervasive-PKI in Section IV, highlighting the components embedded in user devices. Section V describes a proof-of-concept implementation developed for the UBISEC project. Finally, Section VI concludes the
Authors and Affiliations
Ms. Sneha R. Kaware , Prof. Karuna G. Bagde
Keywords
Related Articles
- EP ID EP162010
- DOI -
- Views 71
- Downloads 0
A Comprehensive Review of Image Smoothing Techniques
Smoothing is often used to reduce noise within an image or to produce a less pixelated image. Image smoothing is a key technology of image enhancement, which can remove noise in images. So, it is a necessary functi...
Surface and Embedded Micro Strip Lines Characteristic Impedance and its Signal Propagation Delay Time in Optical Spectrum Transmission Regions
This paper has presented the characteristic impedance and signal propagation delay time for both surface and embedded microstrip lines that comprise a conducting strip line with width w, thickness t of conductivity...
ADAPTIVE SHARING METHOD FOR MULTIPLE CONTINUOUS QUERY
As the data management field has diversified to consider settings in which queries are increasingly complex, statistics are less available, or data is stored remotely, there has been an acknowledgment that the trad...
IMPLEMENTATION OF MOBILE TARGET DETECTION IN WIRELESS SENSOR NETWORKS
Through wireless sensor networks, the surveillance applications are considered where has to choose one path between a set of candidate sites where to place sensors in order to identify mobile targets traversing a p...
A 2.4 GHz Microstrip Patch Antenna with a Single Slot for WLAN Application
A newly design technique for enhancing Bandwidth that improves the performance of a conventional microstrip patch antenna is proposed. This paper presents a novel wideband slot antenna. The design adopts cont...