| Proxy-based security protocols in networked mobile devices |
| Full text |
 Pdf
(765 KB)
|
| Source
|
Symposium on Applied Computing
archive
Proceedings of the 2002 ACM symposium on Applied computing
table of contents
Madrid, Spain
SESSION: Computer security
table of contents
Pages: 265 - 272
Year of Publication: 2002
ISBN:1-58113-445-2
|
|
Authors
|
|
M. Burnside
|
MIT Laboratory for Computer Science, Cambridge, MA
|
|
D. Clarke
|
MIT Laboratory for Computer Science, Cambridge, MA
|
|
T. Mills
|
MIT Laboratory for Computer Science, Cambridge, MA
|
|
A. Maywah
|
MIT Laboratory for Computer Science, Cambridge, MA
|
|
S. Devadas
|
MIT Laboratory for Computer Science, Cambridge, MA
|
|
R. Rivest
|
MIT Laboratory for Computer Science, Cambridge, MA
|
|
| Sponsor |
|
| Publisher |
|
| Bibliometrics |
Downloads (6 Weeks): 12, Downloads (12 Months): 64, Citation Count: 10
|
|
|
 ABSTRACT
We describe a resource discovery and communication system designed for security and privacy. All objects in the system, e.g., appliances, wearable gadgets, software agents, and users have associated trusted software proxies that either run on the appliance hardware or on a trusted computer. We describe how security and privacy are enforced using two separate protocols: a protocol for secure device-to-proxy communication, and a protocol for secure proxy-to-proxy communication. Using two separate protocols allows us to run a computationally-inexpensive protocol on impoverished devices, and a sophisticated protocol for resource authentication and communication on more powerful devices.We detail the device-to-proxy protocol for lightweight wireless devices and the proxy-to-proxy protocol which is based on SPKI/SDSI (Simple Public Key Infrastructure / Simple Distributed Security Infrastructure). A prototype system has been constructed, which allows for secure, yet efficient, access to networked, mobile devices. We present a quantitative evaluation of this system using various metrics.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
 |
1
|
|
| |
2
|
Guruduth Banavar , James Beck , Eugene Gluzberg , Jonathan Munson , Jeremy Sussman , Deborra Zukowski, Challenges: an application model for pervasive computing, Proceedings of the 6th annual international conference on Mobile computing and networking, p.266-274, August 06-11, 2000, Boston, Massachusetts, United States
[doi> 10.1145/345910.345957]
|
| |
3
|
D. Clarke. SPKI/SDSI HTTP Server / Certificate Chain Discovery in SPKI/SDSI. Master's thesis, Massachusetts Institute of Technology, 2001.
|
| |
4
|
Dwaine Clarke , Jean-Emile Elien , Carl Ellison , Matt Fredette , Alexander Morcos , Ronald L. Rivest, Certificate chain discovery in SPKI?SDSI, Journal of Computer Security, v.9 n.4, p.285-322, January 2001
|
| |
5
|
Steven E. Czerwinski , Ben Y. Zhao , Todd D. Hodes , Anthony D. Joseph , Randy H. Katz, An architecture for a secure service discovery service, Proceedings of the 5th annual ACM/IEEE international conference on Mobile computing and networking, p.24-35, August 15-19, 1999, Seattle, Washington, United States
[doi> 10.1145/313451.313462]
|
| |
6
|
M. Dertouzos. The Future of Computing. Scientific American, August 1999.
|
| |
7
|
C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. Simple Public Key Certificate. The Internet Society, July 1999. See http://world.std.com/~cme/spki.txt.
|
| |
8
|
P. Eronen and P. Nikander. Decentralized Jini Security. In Proc. of the Network and Distributed System Security Symposium, February 2001.
|
| |
9
|
Hewlett-Packard. CoolTown. See http://cooltown.hp.com.
|
| |
10
|
Hewlett-Packard. e-Speak. See http://www.e-speak.hp.com.
|
| |
11
|
IBM. TSpaces: Intelligent Connectionware. See http://www.almaden.ibm.com/cs/TSpaces.
|
| |
12
|
Intel. Intel Common Data Security Architecture. See http://developer.intel.com/ial/security.
|
| |
13
|
H. Krawczyk, M. Bellare, and R. Canetti. HMAC: Keyed-Hashing for Message Authentication. Internet Request for Comments RFC 2104, February 1997.
|
| |
14
|
A. Maywah. An Implementation of a Secure Web Client Using SPKI/SDSI Certificates. Master's thesis, Massachusetts Institute of Technology, 2000.
|
| |
15
|
T. Mills. An Architecture and Implementation of Secure Device Communication in Oxygen. Master's thesis, Massachusetts Institute of Technology, 2001.
|
| |
16
|
OpenSSL. The OpenSSL Project. http://www.openssl.org.
|
| |
17
|
N. Priyantha. Providing Precise Indoor Location Information to Mobile Devices. Master's thesis, Massachusetts Institute of Technology, January 2001.
|
| |
18
|
Nissanka B. Priyantha , Anit Chakraborty , Hari Balakrishnan, The Cricket location-support system, Proceedings of the 6th annual international conference on Mobile computing and networking, p.32-43, August 06-11, 2000, Boston, Massachusetts, United States
[doi> 10.1145/345910.345917]
|
| |
19
|
|
| |
20
|
R. Rivest. The MD5 Message-Digest Algorithm. Internet Request for Comments RFC 1321, April 1992.
|
| |
21
|
R. Rivest. The RC5 Encryption Algorithm. In Proc. of the 1994 Leuven Workshop on Fast Software Encryption, 2001.
|
| |
22
|
R. L. Rivest and B. Lampson. SDSI - A Simple Distributed Security Infrastructure. See http://theory.lcs.mit.edu/ rivest/sdsi10.ps.
|
| |
23
|
J. H. Saltzer, D. Reed, and D. D. Clark. End-to-End Arguments in System Design. See http://www.mit.edu/~Saltzer/publications/endtoend/.
|
| |
24
|
|
| |
25
|
|
| |
26
|
Sun Microsystems Inc. Jini Network Techonology. http://www.sun.com/jini.
|
| |
27
|
UC Berkeley. The Ninja Project: Enabling Internet-scale Services from Arbitrarily Small Devices. See http://ninja.cs.berkeley.edu.
|
| |
28
|
UC Berkeley. The OceanStore Project: Providing Global-Scale Persistent Data. See http://oceanstore.cs.berkeley.edu.
|
| |
29
|
University of Washington. Portolano: An Expedition into Invisible Computing. See http://portolano.cs.washington.edu.
|
| |
30
|
M. Weiner. Performance Comparison of Public-key Cryptosystems. RSA Laboratories' CryptoBytes, 4(1), 1998.
|
CITED BY 10
|
|
|
|
|
|
|
|
Arun Kejariwal , Sumit Gupta , Alexandru Nicolau , Nikil Dutt , Rajesh Gupta, Proxy-based task partitioning of watermarking algorithms for reducing energy consumption in mobile devices, Proceedings of the 41st annual conference on Design automation, June 07-11, 2004, San Diego, CA, USA
|
|
|
Sanjay Raman , Dwaine Clarke , Matt Burnside , Srinivas Devadas , Ronald Rivest, Access-controlled resource discovery for pervasive networks, Proceedings of the 2003 ACM symposium on Applied computing, March 09-12, 2003, Melbourne, Florida
|
|
|
Domenico Cotroneo , Almerindo Graziano , Stefano Russo, Security requirements in service oriented architectures for ubiquitous computing, Proceedings of the 2nd workshop on Middleware for pervasive and ad-hoc computing, p.172-177, October 18-22, 2004, Toronto, Ontario, Canada
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
INDEX TERMS
Primary Classification:
C.
Computer Systems Organization
C.2
COMPUTER-COMMUNICATION NETWORKS
C.2.0
General
Subjects:
Security and protection (e.g., firewalls)
Additional Classification:
C.
Computer Systems Organization
C.1
PROCESSOR ARCHITECTURES
C.1.3
Other Architecture Styles
Subjects:
Cellular architecture (e.g., mobile)
C.2
COMPUTER-COMMUNICATION NETWORKS
C.2.1
Network Architecture and Design
Subjects:
Wireless communication
General Terms:
Algorithms,
Design,
Experimentation,
Performance,
Security
Keywords:
authorization,
certificate,
certificate chain,
certificate chain discovery,
mobile device,
pervasive,
protocol,
proxy,
security,
ubiquitous,
wireless
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
