A Security Architecture Based on Trust Management for Pervasive Computing Systems

Traditionally, stand-alone computers and small networks rely on user authentication and access control to provide security. These physical methods use system-based controls to verify the identity of a person or process, explicitly enabling or restricting the ability to use, change, or view a computer resource. However, these strategies are inadequate for the increased flexibility that distributed networks such as the Internet and ubiquitous/pervasive computing environments require, as these systems lack central control and in addition, their users are not all predetermined. Users in pervasive environments expect to access locally hosted resources and services anytime and anywhere leading to serious security risks and access control problems. We propose a solution based on distributed trust management which involves developing a security policy, assigning credentials to entities, verifying that the credentials conform to the policy, delegating trust to third parties, revoking rights and reasoning about users' access rights. This paper presents an infrastructure that complements existing security features like Public Key Infrastructure (PKI) and Role Based Access Control with distributed trust management to provide a highly flexible mode of enforcing security in a pervasive computing environments.