Researches On Ubiquitous Computing Security Based On Trust And Service Model

Ubiquitous computing is the integration of the physical space and the information space where the users can obtain digital services expediently and transparently.During this integration processes,the security problems are coming into our view,which become more and more significant when the quality of life is expected to improve by applying the ubiquitous computing into our real world on a large-scale.The identity authentication is the first pass to the security services.The classical identity authentication mechanisms are confronted with many new challenges while they are used to solve the applications in the ubiquitous computing.The difficult points are the weakening and denial of the online TTP-based test,the complexity of identity authentication processes,the requirements of anonymity identity authentication,multi-level identity authentication,multi-classification identity authentication,direct and bidirectional identity authentication etc while applying these identity authentication mechanisms into ubiquitous computing environments.These let the ubiquitous computing identity authentication be researched.The identity authentication does not ensure the principal itself any security,that is to say,security only depends on the trust to the principal. For example,the user is granted the correct rights to access the secret resource and to enjoy secret service by using password and biometrics,but the resource or the service is security just when the user is credible. Therefore the identity authentication should be combined with trust to improve the security of the implementation processes of the services in ubiquitous computing environments. The researches on classical trust are faced with the new challenges while they are used to solve the applications in the ubiquitous computing. These challenges include the non-duality of trust,the non-static-state of trust, and the multi-hierarchy(The identity must be integrated with the behavior trust,the trust must be connected with the service sorts,and the trust computing must be associated with decision-making etc).Thus,it is necessary to research the ubiquitous computing trust mechanism.In order to provide the suitable and real-time services to the principal under the ubiquitous computing environments,the environments and the services provides and the principals face the special troubles during the implementation of the services,which include the security delegation to the services,the difference between the different environments,the service level and the service classification,the identity hiding to the principal etc.These troubles must be researched and solved in this paper.The main work and contributions of our researches are summarized as follows:To solve the problems of the identity authentication to the principal and the service authorization in the ubiquitous computing environments,the SPKI theory is introduced.The attribute-based ubiquitous computing identity authentication protocol is presented,that answer the identity authentication challenges.Application to this protocol is also presented to show how does the ubiquitous computing security identity authentication work.This application research is named UCIAMdess that is ubiquitous computing identity authentication model based on D-S theory and extended SPKI/SDSI.That develops the theory and application values to the ubiquitous computing identity authentication researches.Secondly,the Dempster-Shafer Theory is introduced into my researches,which has been improved into related trust computing theorem. Ubiquitous computing trust model is presented,the application scenarios and the simulation experiment results to this model are given and analyzed as well.The ubiquitous computing trust compute problems such as the non-static-state of trust,the multi-hierarchy and the trust recommendation are all solved by using these researches.Following is the eSPKI theory by combining the SPKI theory with D-S theory.Ubiquitous computing service security recommendation authorization protocol UCSSRAP and ubiquitous computing service model UCSMss are presented.The former achieved service security recommendation authorization by using service certificate recommendation authorization and certificate chain management.The later achieved the security service by using service authorization and certificate validation and service control.And then,the security application researches are presented based on these theories.These researches are UCSMssp that used to extend application area to whole Internet,UCSMdess that used to integrated the identity authentication and trust computing and design-making and risk evaluation,UCCSSM that used to provide suitable and Real-time service and UCAIPM that used to protect sensitivity information during the service processes.This work is partially supported by the Ministry of Education Technology Research Key Foundation of China under grant(NO.104086).