A Secure Infrastructure for Service Discovery and Access in Pervasive Computing

Thumbnail Image

Files

5.pd.pdf (267.03 KB)

Links to Files

https://dl.acm.org/citation.cfm?id=772054

Permanent Link

10.1023/A:1022224912300
 http://hdl.handle.net/11603/12323

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2003-10-12

Type of Work

journal articles preprints
Text

Department

Program

Citation of Original Publication

Filip Perich, Andrej Cedilnik, Lalana Kagal, and Anupam Joshi, A Secure Infrastructure for Service Discovery and Access in Pervasive Computing, Mobile Networks and Applications - Security in mobile computing environments archive Volume 8 Issue 2, April 2003 , DOI : 10.1023/A:1022224912300

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
This is a pre-print of an article published in Mobile Networks and Applications. The final authenticated version is available online at: https://doi.org/10.1023/A:1022224912300

Subjects

service discovery
pervasive computing
secure infrastructure
UMBC Ebiquity Research Group
distributed services
smartcards
extensible markup language

Abstract

Security is paramount to the success of pervasive computing environments. The system presented in this paper provides a communications and security infrastructure that goes far in advancing the goal of anywhere - anytime computing. Our work securely enables clients to access and utilize services in heterogeneous networks. We provide a service registration and discovery mechanism implemented through a hierarchy of service management. The system is built upon a simplified Public Key Infrastructure that provides for authentication, non-repudiation, anti-playback, and access control. Smartcards are used as secure containers for digital certi cates. The system is implemented in Java and we use Extensible Markup Language as the sole medium for communications and data exchange. Currently, we are solely dependent on a base set of access rights for our distributed trust model however, we are expanding the model to include the delegation of rights based upon a predefined policy. In our proposed expansion, instead of exclusively relying on predefined access rights, we have developed a flexible representation of trust information, in Prolog, that can model permissions, obligations, entitlements, and prohibitions. In this paper, we present the implementation of our system and describe the modifications to the design that are required to further enhance distributed trust. Our implementation is applicable to any distributed service infrastructure, whether the infrastructure is wired, mobile, or ad-hoc.