A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols

Feng Zhu; Matt W. Mutka; Lionel M. Ni

doi:10.1109/TMC.2006.38

Publication
2006
Issue No. 4 - April
Abstract - A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Feng Zhu Articles by Matt W. Mutka Articles by Lionel M. Ni

A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols

April 2006 (vol. 5 no. 4)

pp. 418-429

	ASCII Text	x
	Feng Zhu, Matt W. Mutka, Lionel M. Ni, "A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols," IEEE Transactions on Mobile Computing, vol. 5, no. 4, pp. 418-429, April, 2006.

	BibTex	x
	@article{ 10.1109/TMC.2006.38, author = {Feng Zhu and Matt W. Mutka and Lionel M. Ni}, title = {A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols}, journal ={IEEE Transactions on Mobile Computing}, volume = {5}, number = {4}, issn = {1536-1233}, year = {2006}, pages = {418-429}, doi = {http://doi.ieeecomputersociety.org/10.1109/TMC.2006.38}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Mobile Computing TI - A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols IS - 4 SN - 1536-1233 SP418 EP429 EPD - 418-429 A1 - Feng Zhu, A1 - Matt W. Mutka, A1 - Lionel M. Ni, PY - 2006 KW - Pervasive computing KW - privacy KW - security. VL - 5 JA - IEEE Transactions on Mobile Computing ER -

Feng Zhu, IEEE

Matt W. Mutka, IEEE

Lionel M. Ni, IEEE

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TMC.2006.38

Service Discovery as an essential element in pervasive computing environments is widely accepted. Much research on service discovery has been conducted, but privacy and security have been ignored and may be sacrificed. While it is essential that legitimate users should be able to discover services, it is also necessary that services be hidden from illegitimate users. Since service information, service provider's information, service requests, user presence information, and user's identities may be sensitive, we may want to keep them private during service discovery processes. There appears to be no existing service discovery protocols that solve these problems. We present a user-centric model, called PrudentExposure, which exposes minimal information privately and securely. Users and service owners exchange code words in an efficient and scalable form to establish mutual trust. Based on the trust, secure service discovery sessions are set up. The model is further improved to counter attacks. We analyze the mathematical properties of our model, formally verify our security protocol, and measure the performance of our prototype system.

[1] F. Zhu, M. Mutka, and L. Ni, “Service Discovery in Pervasive Computing Environments,” IEEE Pervasive Computing, vol. 4, pp. 81-90, 2005.
[2] S. Czerwinski, B.Y. Zhao, T. Hodes, A. Joseph, and R. Katz, “An Architecture for a Secure Service Discovery Service,” Proc. Fifth Ann. Int'l Conf. Mobile Computing and Networks (MobiCom '99), 1999.
[3] C. Ellison, “Home Network Security,” Intel Technology J., vol. 6, pp. 37-48, 2002.
[4] B. Bloom, “Space/Time Trade-Offs in Hash Coding with Allowable Errors,” Comm. ACM, pp. 422-426, 1970.
[5] M. Burrows, M. Abadi, and R. Needham, “A Logic of Authentication,” ACM Trans. Computer Systems, 1990.
[6] Sun Microsystems, “Jini Technology Core Platform Specification,” Version 2.0, http://wwws.sun.com/software/jinispecs/, 2003.
[7] UPnP. Forum, “Universal Plug and Play Device Architecture 1.0,” http://www.upnp.org/resources/documentsCleanUPnPDA10 1 -20031202s.pdf , 2003.
[8] S. Cheshire and M. Krochmal, “DNS-Based ServiceDiscovery,” Apple Computer, http://files.dns-sd.orgdraft-cheshire-dnsext-dns-sd.txt , 2004.
[9] Bluetooth SIG, “Specification of the Bluetooth System,” http:/www.bluetooth.org/, 2004.
[10] Salutation Consortium, “Salutation Architecture Specification,” ftp://ftp.salutation.org/salutesa20e1a21.ps , 1999.
[11] E. Guttman, C. Perkins, J. Veizades, and M. Day, “Service Location Protocol, Version 2,” http://www.ietf.org/rfcrfc2608.txt, 1999.
[12] M. Nidd, “Service Discovery in DEAPspace,” IEEE Personal Comm., pp. 39-45, 2001.
[13] W. Adjie-Winoto, E. Schwartz, H. Balakrishnan, and J. Lilley, “The Design and Implementation of an Intentional Naming System,” Proc. 17th ACM Symp. Operating Systems Principles (SOSP '99), 1999.
[14] M. Balazinska, H. Balakrishnan, and D. Karger, “INS/Twine: A Scalable Peer-to-Peer Architecture for Intentional Resource Discovery,” Proc. Pervasive 2002— Int'l Conf. Pervasive Computing, 2002.
[15] P. Eronen and P. Nikander, “Decentralized Jini Security,” Proc. Network and Distributed System Security Symp. (NDSS 2001), 2001.
[16] R. Rivest and B. Lampson, “SDSI— A Simple Distributed Security Infrastructure,” http://theory.lcs.mit.edu/~rivestsdsi10.html , 1996.
[17] C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen, “SPKI Certificate Theory,” http://www.ietf.org/rfcrfc2693.txt, 1999.
[18] L. Fan, P. Cao, J. Almeida, and A. Broder, “Summary Cache: A Scalable Wide-Area Web Cache Sharing Protocol,” IEEE/ACM Trans. Networking, vol. 8, pp. 281-293, 2000.
[19] F. Stajano and R. Anderson, “The Resurrecting Duckling: Security Issues for Ad-Hoc Wireless Networks,” Proc. Seventh Int'l Workshop Security Protocols, 1999.
[20] F. Stajano and R. Anderson, “The Resurrecting Duckling— What Next?” Proc. Eighth Int'l Workshop Security Protocols, 2000.
[21] R. Want, T. Pering, G. Danneels, M. Kumar, M. Sundar, and J. Light, “The Personal Server— Changing the Way We Think about Ubiquitous Computing,” Proc. Fourth Int'l Conf. Ubiquitous Computing, 2002.
[22] iButton Home Page, http:/www.ibutton.com/, 2003.
[23] A. Menezes, P.v. Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, pp. 321-383. CRC Press, 1996.
[24] M. Bellare, R. Canettiy, and H. Krawczykz, “Keying Hash Functions for Message Authentication,” Proc. Advances in Cryptology (CRYPTO '96), 1996.
[25] F. Zhu, M. Mutka, and L. Ni, “Splendor: A Secure, Private, and Location-Aware Service Discovery Protocol Supporting Mobile Services,” Proc. First IEEE Ann. Conf. Pervasive Computing and Comm., 2003.

Index Terms:

Pervasive computing, privacy, security.

Citation:

Feng Zhu, Matt W. Mutka, Lionel M. Ni, "A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols," IEEE Transactions on Mobile Computing, vol. 5, no. 4, pp. 418-429, April 2006, doi:10.1109/TMC.2006.38

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.