Research Article
Hierarchical Trustworthy Authentication for Pervasive Computing
@INPROCEEDINGS{10.1109/MOBIQ.2007.4450993, author={Hannan Xiao and James A. Malcolm and Bruce Christianson and Ying Zhang}, title={Hierarchical Trustworthy Authentication for Pervasive Computing}, proceedings={4th International ICST Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services}, publisher={IEEE}, proceedings_a={MOBIQUITOUS}, year={2008}, month={2}, keywords={Authentication Authorization Communication system security Computer science Data security Educational institutions Pervasive computing Printers Printing Roaming}, doi={10.1109/MOBIQ.2007.4450993} }- Hannan Xiao
James A. Malcolm
Bruce Christianson
Ying Zhang
Year: 2008
Hierarchical Trustworthy Authentication for Pervasive Computing
MOBIQUITOUS
IEEE
DOI: 10.1109/MOBIQ.2007.4450993
Abstract
Conventional entity authentication is not enough to build a secure pervasive computing environment. Being sure that you are talking to the expected entity does not guarantee it is going to do what you expect him to do, and only that. This paper introduces a concept of “trustworthy authentication” in pervasive computing which is defined as entity authentication accompanied by an assurance of trustworthy behaviour of the authenticated entity. It discusses how to provide trustworthy authentication in pervasive computing using the example of a roaming customer wishing to print his email on a public printer. A two-level hierarchical trustworthy authentication scheme is proposed where local and higher-level authorization servers issue trustworthiness certificates after receiving trustworthiness records from the printer, signed by its users. The proposed scheme may be generalized for trustworthy authentication of security devices such as firewalls.