Title :
Trust-based security in pervasive computing environments
Author :
Kagal, Lalana ; Finin, Tim ; Joshi, Anupam
Author_Institution :
Maryland Univ., Baltimore, MD, USA
fDate :
12/1/2001 12:00:00 AM
Abstract :
Traditionally, stand-alone computers and small networks rely on user authentication and access control to provide security. These physical methods use system-based controls to verify the identity of a person or process, explicitly enabling or restricting the ability to use, change, or view a computer resource. However, these strategies are inadequate for the increased flexibility that distributed networks such as the Internet and pervasive computing environments require because such systems lack central control and their users are not all predetermined. Mobile users expect to access locally hosted resources and services anytime and anywhere, leading to serious security risks and access control problems. We propose a solution based on trust management that involves developing a security policy, assigning credentials to entities, verifying that the credentials fulfill the policy, delegating trust to third parties, and reasoning about users´ access rights. This architecture is generally applicable to distributed systems but geared toward pervasive computing environments
Keywords :
authorisation; distributed processing; mobile computing; security of data; transport protocols; Centaurus; access rights; credentials; distributed systems; mobile users; pervasive computing environments; security; security policy; third parties; trust management; Access control; Authentication; Centralized control; Computer networks; Computer security; Control systems; IP networks; Permission; Pervasive computing; Physics computing;
