Description
The mechanisms which support secure communication, privacy protection and accountability are crucial parts of most computing systems. Pervasive computing is characterized by the large-scale collection, distribution and aggregation of information related to individuals and their activities. From the outset, the inherent privacy and IT security issues of pervasive computing have been an area of critical focus, and associated unforeseeable consequences for the individual have been mentioned. This book addresses these issues, and seeks to demonstrate that carefully devised protection mechanisms can become enablers for multilaterally acceptable and trustworthy digital interactions and ICT-based cooperations. It explores new facets of privacy protection and accountability for digitally recorded real-world actions as well as novel forms of communication in a descriptive manner.

A thorough investigation of main pervasive computing concepts is presented, together with a motivation and elicitation of security requirements within the emergency response application domain; also the state-of-the-art of existing security mechanisms is discussed. The areas covered include: digital pseudonyms and auditing mechanisms, efficient encryption techniques and concepts for end-to-end secure messaging, as well as pervasive computing approaches to first response.

The book will be of interest to anybody involved in the design, realization and use of secure and privacy-preserving pervasive computing sys
Chapter
Towards Pervasive Cooperation
Some Security Issues in Pervasive Computing
IT Security, Multilateral Security and Pervasive Systems
The Challenge of Securing a Pervasive System
Privacy and the Need for Privacy Protection
Privacy Protection versus Accountability
Reference Scenario: ICT-Supported Emergency Response
Introduction to Application Domain
Disaster Management Information Systems
Towards Location-Aware First Response
Protection Goals Motivated within Reference Scenario
One-to-Many Communication in Emergency Situations
Emergency Communication Patterns
Security Requirements for Emergency Communication
Privacy and Accountability Issues of Real-World Auditing
Application Examples within Reference Scenario
Security Requirements for Multilaterally Secure Auditing
Towards Multilaterally Secure Pervasive Auditing
Relevant Properties of Digital Pseudonyms
Location Privacy Protection based on Pseudonyms
Efficient Constructions of Transaction Pseudonyms
Towards End-to-End Secure Pervasive Communication
Approaches to Secure One-to-Many Messaging
Techniques for End-to-End Encryption
Novel Security Techniques
Pseudonyms with Implicit Attributes
Setting and Main Protocols
Registration and Generation of Transaction Pseudonyms
Authentication of Transaction Pseudonyms
Linking and Partial Re-Identification
Complete Disclosure of Pseudonyms
Hybrid Encryption Technique for Expressive Policies
Setting and Main Mechanisms for Hybrid Encryption
Encryption and Decryption Schemes
Management and Generation of Private Keys
Integrated Approach within Reference Scenario
Design of Security Mechanisms
Make Users Implicitly Addressable via Attributes
Provide Pseudonymous yet Linkable Location Updates
Communication Network Model
Properties of Outside Adversary
Properties of Inside Adversary
Further Types of Adversaries
Representation of Digital Identities
Activation and Group Communication
Logical Messaging Policy Layer
Protocol for End-to-End Secure Messaging
Multilaterally Secure Auditing
Disclosure Policy and Provision of Authorization Sets
Mechanism for Individual Log Access
Scenario and Application Example
Evaluation and Discussion
Prototype of Auditing Mechanisms
Storage Overhead induced by Transaction Pseudonyms
Prototype Implementation of ABM
Resource Consumptions of ABM
Security Analysis of Auditing
Trust Requirements relevant to Auditing
Independent Security Review of Pseudonymization Technique
Discussion of Hybrid Encryption Technique
Security Analysis of Communication Mechanisms
Using Pseudonymized Location Traces in Legal Disputes
Supporting Appropriateness of ABM to End Users
Pseudonyms with Implicit Attributes
Multilaterally Secure Auditing
Hybrid Encryption Technique