authors
- HINAREJOS, FRANCISCA
- MARIN LOPEZ, ANDRES
- ALMENARES MENDOZA, FLORINA
- LOPEZ, JAVIER
- MONTENEGRO, JOSE A.
- LACOSTE, MARC
- DIAZ SANCHEZ, DANIEL
Pervasive authentication and authorization infrastructures for mobile users
Articles
Overview
published in
- COMPUTERS & SECURITY Journal
publication date
- June 2010
start page
- 501
end page
- 514
issue
- 4
volume
- 29
Digital Object Identifier (DOI)
International Standard Serial Number (ISSN)
- 0167-4048
Electronic International Standard Serial Number (EISSN)
- 1872-6208
abstract
- Network and device heterogeneity, nomadic mobility, intermittent connectivity and, more generally, extremely dynamic operating conditions, are major challenges in the design of security infrastructures for pervasive computing. Yet, in a ubiquitous computing environment, limitations of traditional solutions for authentication and authorization can be overcome with a pervasive public key infrastructure (pervasive-PKI). This choice allows the validation of credentials of users roaming between heterogeneous networks, even when global connectivity is lost and some services are temporarily unreachable. Proof-of-concept implementations and testbed validation results demonstrate that strong security can be achieved for users and applications through the combination of traditional PKI services with a number of enhancements like: (i) dynamic and collaborative trust model, (ii) use of attribute certificates for privilege management, and (iii) modular architecture enabling nomadic mobility and enhanced with reconfiguration capabilities.
Classification
keywords
- ubiquitous computing; authentication; authorization; trust; security architecture