Authors:
Rui He
1
;
Jianwei Niu
1
;
Jianping Hu
2
and
Jian Ma
2
Affiliations:
1
Computer School, Beijing University of Aero. & Astro., China
;
2
Nokia Research Center, China
Abstract:
In the future world filled with pervasive computing, almost all entities can be mobile, which means not only service requesters but also service providers are always dynamic and unpredictable. This raises two security problems. For service providers, how can they keep their security capability when they move here and there? And for service requesters, how can they be trusted by various service providers that may have different security requirements? Unfortunately, available security mechanisms, including traditional authentication and authorization approaches and exotic trust management proposals, cannot solve the both two problems very well. In this paper, we propose a context-aware entity recognition scheme, which enables service providers to use their current trust infrastructures to determine whether requesters are trustworthy or not, and also enables service requesters to be recognized through exchanging different information with service providers according to different service
s they request and different security level service providers require. We argue for the notion of “Trust Infrastructure”, which is an abstract of all available trusted entities that can help an entity to recognize strangers in pervasive environments and can be dynamically built when entities move about. We also argue for an attribute-based recognition information exchange scheme, which makes it possible for service requesters to be checked in terms of trustworthiness in various scenarios. Finally, we give an algorithm to compute a service requester’s trust value based on the trust infrastructure of the service provider entity..
(More)