Kagal, LalanaUndercoffer, JeffreyPerich, FilipJoshi, AnupamFinin, Tim2018-12-202018-12-202002-10-09http://hdl.handle.net/11603/12330Grace Hopper Celebration of Women in ComputingTraditionally, stand-alone computers and small networks rely on user authentication and access control to provide security. These physical methods use system-based controls to verify the identity of a person or process, explicitly enabling or restricting the ability to use, change, or view a computer resource. However, these strategies are inadequate for the increased flexibility that distributed networks such as the Internet and ubiquitous/pervasive computing environments require, as these systems lack central control and in addition, their users are not all predetermined. Users in pervasive environments expect to access locally hosted resources and services anytime and anywhere leading to serious security risks and access control problems. We propose a solution based on distributed trust management which involves developing a security policy, assigning credentials to entities, verifying that the credentials conform to the policy, delegating trust to third parties, revoking rights and reasoning about users' access rights. This paper presents an infrastructure that complements existing security features like Public Key Infrastructure (PKI) and Role Based Access Control with distributed trust management to provide a highly flexible mode of enforcing security in a pervasive computing environments.5 pagesen-USThis item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.security architecturetrust managementpervasive computingpublic key infrastructure (PKI)UMBC Ebiquity Research GroupText