Security policies and trust in ubiquitous computing

  title={Security policies and trust in ubiquitous computing},
  author={Anupam Joshi and Timothy W. Finin and Lalana Kagal and James Parker and Anand Patwardhan},
  journal={Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences},
  pages={3769 - 3780}
  • A. Joshi, Timothy W. Finin, A. Patwardhan
  • Published 28 October 2008
  • Computer Science
  • Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences
Ubiquitous environments comprise resource-constrained mobile and wearable devices and computational elements embedded in everyday artefacts. These are connected to each other using both infrastructure-based as well as short-range ad hoc networks. Limited Internet connectivity limits the use of conventional security mechanisms such as public key infrastructures and other forms of server-centric authentication. Under these circumstances, peer-to-peer interactions are well suited for not just… 

Trust Information-Based Privacy Architecture for Ubiquitous Health

The privacy management architecture developed in this study enables the DS to dynamically manage information privacy in ubiquitous health and to define individual policies for all systems considering their trust value and corresponding attributes.

Specificating and Verifying an Attribute-based Usage Control Approach regarding Open and Dynamic Computing Environments

This dissertation analyzes existing access and usage control approaches to identify a number of unique characteristics posed by ODCE and formally defines an attribute based usage control model for ODCE that is designed based on the identified requirements.

Trust Management Framework for Ubiquitous Computing Applications

This paper focuses on the critical trust management issues in the upcoming UC paradigm and proposes a trust management framework based on “community of trust” concept.

A Conceptual Framework and Principles for Trusted Pervasive Health

New principles for trusted pervasive health have been developed that enable trustworthiness and guarantee privacy in pervasive health.

Privacy Engineering in Dynamic Settings

  • Inah Omoronyia
  • Computer Science
    2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C)
  • 2017
This research presents an analysis framework for privacy engineering and demonstrates how the framework's outputs can help software architects achieve privacy-by-design of software platforms for smart objects.

Privacy-Related Context Information for Ubiquitous Health

This study added to the vision of ubiquitous health by analyzing information processing from the viewpoint of an individual's privacy by identifying privacy-related context information and corresponding components that support privacy management in ubiquitous health.

Trust in Distributed Computing

A general model of trust, intended to be broadly applicable to trust in distributed computing, is presented and the ability of the model to handle real-world situations is illustrated through a set of scenarios derived from the computer science literature.

Towards Differentiated Utilization of Attribute Mutability for Access Control in Ubiquitous Computing

An evaluation of current access control models based on a brief study of UbiCom access control requirements is presented, and a new access control approach that extends UCON towards a differentiated utilization of attribute mutability for easiness of administration, better performance and lower operational cost is proposed.

Trust and Reputation Management in Healthcare Systems: Taxonomy, Requirements and Open Issues

The main contributions of this paper include a taxonomy related to the soft trust in healthcare systems; a reference model for measuring the performance and features of TRSs; and future areas of research relatedTo address the importance of softtrust in healthcare, related literature that explore soft trust issues, associated challenges and requirements are largely missing.

Intermediate Common Model—The Solution to Separate Concerns and Responsiveness in Dynamic Context-Aware System

This paper provides a new architecture for context management that tries to solve both problems by focusing on a separation of contextual concerns at the design phase and preserves it as much as possible at runtime.



A policy language for a pervasive computing environment

A policy language designed for pervasive computing applications that is based on deontic concepts and grounded in a semantic language that demonstrates the feasibility of the policy language in pervasive environments through a prototype used as part of a secure pervasive system.

PatientService: electronic patient record redaction and delivery in pervasive environments

This work uses an architecture that incorporates policy based security and distributed trust management to provide a highly flexible approach for accessing electronic patient records that are electronically reacted depending on the users digital credentials.

A Survey of Trust in Internet Applications I E E E C O M M U N I C a T I O N S

The main motivation in studying trust specification and management is to use this as the starting point for subsequent refinement into security policies related to authorization and management of security.

Enforcing policies in pervasive environments

This work presents an architecture and a proof of concept implementation of a security infrastructure for mobile devices in an infrastructure based pervasive environment using "Rei", a lightweight and extensible language which is able to express comprehensive policies using domain specific information.

Security and privacy challenges in open and dynamic environments

Shared ontologies, declarative policies, and trust models offer the most promising approaches to meet these challenges of security and privacy enforcement in information networks evolving into more open and dynamic systems.

Decentralized trust management

This paper presents a comprehensive approach to trust management, based on a simple language for specifying trusted actions and trust relationships, and describes a prototype implementation of a new trust management system, called PolicyMaker, that will facilitate the development of security features in a wide range of network services.

In reputation we believe: query processing in mobile ad-hoc networks

A query processing model that relies on distributed trust and belief, where each device maintains and shares beliefs regarding the degree of trust it has for its peers - where trust is determined by experience and reputation.

Cross-layer analysis for detecting wireless misbehavior

The results of looking specifically at malicious RTS activity in the 802.11 MAC layer when combined with packet dropping at the Network layer are shown, showing that this scheme is more effective and accurate than those based on isolated observations from any single layer.

A Data Intensive Reputation Management Scheme for Vehicular Ad Hoc Networks

This work presents a reputation management system for vehicular ad hoc networks that enables devices to quickly adapt to changing local conditions and provides a bootstrapping method for establishing trust relationships where only a few may exist a priori.

A Policy Based Approach to Security for the Semantic Web

This research investigates the marking up of web entities with a semantic policy language and the use of distributed policy management as an alternative to traditional authentication and access control schemes.