Publications - Pervasive Computing Laboratory

Access control anomaly detection anotacionsemantica authentication Cloud computing coap compromise cryptography cynamon emadrid emrisco home network I-Shaper identity management inrisco inteligenciafuentesabiertas Internet of Things IoT magos Pervasive computing privacy Protection Protocols Qursa raudo2 Security Smart Card Trust management Ubisec VANETs 
Show all
2009
 Forné, Jordi;  Hinarejos, Francisca;  Marín, Andrés;  Almenárez, Florina;  Lopez, Javier;  Montenegro, Jose A.;  Lacoste, Marc;  Díaz, Daniel
Pervasive authentication and authorization infrastructures for mobile users Journal Article 
In: COMPUTERS & SECURITY, vol. 29, iss. 4, pp. 501-514, 2009, ISSN: 0167-4048.
Abstract | Links | BibTeX | Tags: authentication, Authorization, ITACA, security architecture, trust, Ubiquitous computing, Ubisec
@article{marin001,

title = {Pervasive authentication and authorization infrastructures for mobile users},

author = {Jordi Forné and Francisca Hinarejos and Andrés Marín and Florina Almenárez and Javier Lopez and Jose A. Montenegro and Marc Lacoste and Daniel Díaz},

url = {https://www.sciencedirect.com/science/article/pii/S0167404809000911?via%3Dihub},

doi = {https://doi.org/10.1016/j.cose.2009.09.001},

issn = {0167-4048},

year  = {2009},

date = {2009-09-25},

urldate = {2009-09-25},

journal = {COMPUTERS & SECURITY},

volume = {29},

issue = {4},

pages = {501-514},

abstract = {Network and device heterogeneity, nomadic mobility, intermittent connectivity and, more generally, extremely dynamic operating conditions, are major challenges in the design of security infrastructures for pervasive computing. Yet, in a ubiquitous computing environment, limitations of traditional solutions for authentication and authorization can be overcome with a pervasive public key infrastructure (pervasive-PKI). This choice allows the validation of credentials of users roaming between heterogeneous networks, even when global connectivity is lost and some services are temporarily unreachable. Proof-of-concept implementations and testbed validation results demonstrate that strong security can be achieved for users and applications through the combination of traditional PKI services with a number of enhancements like: (i) dynamic and collaborative trust model, (ii) use of attribute certificates for privilege management, and (iii) modular architecture enabling nomadic mobility and enhanced with reconfiguration capabilities.},

keywords = {authentication, Authorization, ITACA, security architecture, trust, Ubiquitous computing, Ubisec},

pubstate = {published},

tppubtype = {article}

}

Close
Network and device heterogeneity, nomadic mobility, intermittent connectivity and, more generally, extremely dynamic operating conditions, are major challenges in the design of security infrastructures for pervasive computing. Yet, in a ubiquitous computing environment, limitations of traditional solutions for authentication and authorization can be overcome with a pervasive public key infrastructure (pervasive-PKI). This choice allows the validation of credentials of users roaming between heterogeneous networks, even when global connectivity is lost and some services are temporarily unreachable. Proof-of-concept implementations and testbed validation results demonstrate that strong security can be achieved for users and applications through the combination of traditional PKI services with a number of enhancements like: (i) dynamic and collaborative trust model, (ii) use of attribute certificates for privilege management, and (iii) modular architecture enabling nomadic mobility and enhanced with reconfiguration capabilities.
Close
https://www.sciencedirect.com/science/article/pii/S0167404809000911?via%3Dihub
doi:https://doi.org/10.1016/j.cose.2009.09.001
Close