4th International ICST Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services

Research Article

Hierarchical Trustworthy Authentication for Pervasive Computing

  • @INPROCEEDINGS{10.1109/MOBIQ.2007.4450993,
        author={Hannan Xiao and James A. Malcolm and Bruce Christianson and Ying Zhang},
        title={Hierarchical Trustworthy Authentication for Pervasive Computing},
        proceedings={4th International ICST Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services},
        publisher={IEEE},
        proceedings_a={MOBIQUITOUS},
        year={2008},
        month={2},
        keywords={Authentication  Authorization  Communication system security  Computer science  Data security  Educational institutions  Pervasive computing  Printers  Printing  Roaming},
        doi={10.1109/MOBIQ.2007.4450993}
    }
    
  • Hannan Xiao
    James A. Malcolm
    Bruce Christianson
    Ying Zhang
    Year: 2008
    Hierarchical Trustworthy Authentication for Pervasive Computing
    MOBIQUITOUS
    IEEE
    DOI: 10.1109/MOBIQ.2007.4450993
Hannan Xiao1,*, James A. Malcolm1,*, Bruce Christianson1,*, Ying Zhang2,*
  • 1: School of Computer Science, University of Hertfordshire College Lane, Hatfield, AL10 9AB, UK
  • 2: Department of Engineering, University of Cambridge, Cambridge, CB3 0FA, UK
*Contact email: h.xiao@herts.ac.uk, j.a.malcolm@herts.ac.uk, b.christianson@herts.ac.uk, yz282@cam.ac.uk

Abstract

Conventional entity authentication is not enough to build a secure pervasive computing environment. Being sure that you are talking to the expected entity does not guarantee it is going to do what you expect him to do, and only that. This paper introduces a concept of “trustworthy authentication” in pervasive computing which is defined as entity authentication accompanied by an assurance of trustworthy behaviour of the authenticated entity. It discusses how to provide trustworthy authentication in pervasive computing using the example of a roaming customer wishing to print his email on a public printer. A two-level hierarchical trustworthy authentication scheme is proposed where local and higher-level authorization servers issue trustworthiness certificates after receiving trustworthiness records from the printer, signed by its users. The proposed scheme may be generalized for trustworthy authentication of security devices such as firewalls.