A Secure Infrastructure for Service Discovery and Access in Pervasive Computing
Links to Fileshttps://dl.acm.org/citation.cfm?id=772054
MetadataShow full item record
Type of Work12 pages
journal articles preprints
Citation of Original PublicationFilip Perich, Andrej Cedilnik, Lalana Kagal, and Anupam Joshi, A Secure Infrastructure for Service Discovery and Access in Pervasive Computing, Mobile Networks and Applications - Security in mobile computing environments archive Volume 8 Issue 2, April 2003 , DOI : 10.1023/A:1022224912300
RightsThis item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
This is a pre-print of an article published in Mobile Networks and Applications. The final authenticated version is available online at: https://doi.org/10.1023/A:1022224912300
UMBC Ebiquity Research Group
extensible markup language
Security is paramount to the success of pervasive computing environments. The system presented in this paper provides a communications and security infrastructure that goes far in advancing the goal of anywhere - anytime computing. Our work securely enables clients to access and utilize services in heterogeneous networks. We provide a service registration and discovery mechanism implemented through a hierarchy of service management. The system is built upon a simplified Public Key Infrastructure that provides for authentication, non-repudiation, anti-playback, and access control. Smartcards are used as secure containers for digital certi cates. The system is implemented in Java and we use Extensible Markup Language as the sole medium for communications and data exchange. Currently, we are solely dependent on a base set of access rights for our distributed trust model however, we are expanding the model to include the delegation of rights based upon a predefined policy. In our proposed expansion, instead of exclusively relying on predefined access rights, we have developed a flexible representation of trust information, in Prolog, that can model permissions, obligations, entitlements, and prohibitions. In this paper, we present the implementation of our system and describe the modifications to the design that are required to further enhance distributed trust. Our implementation is applicable to any distributed service infrastructure, whether the infrastructure is wired, mobile, or ad-hoc.