This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols
April 2006 (vol. 5 no. 4)
pp. 418-429
Feng Zhu, IEEE
Service Discovery as an essential element in pervasive computing environments is widely accepted. Much research on service discovery has been conducted, but privacy and security have been ignored and may be sacrificed. While it is essential that legitimate users should be able to discover services, it is also necessary that services be hidden from illegitimate users. Since service information, service provider's information, service requests, user presence information, and user's identities may be sensitive, we may want to keep them private during service discovery processes. There appears to be no existing service discovery protocols that solve these problems. We present a user-centric model, called PrudentExposure, which exposes minimal information privately and securely. Users and service owners exchange code words in an efficient and scalable form to establish mutual trust. Based on the trust, secure service discovery sessions are set up. The model is further improved to counter attacks. We analyze the mathematical properties of our model, formally verify our security protocol, and measure the performance of our prototype system.

[1] F. Zhu, M. Mutka, and L. Ni, “Service Discovery in Pervasive Computing Environments,” IEEE Pervasive Computing, vol. 4, pp. 81-90, 2005.
[2] S. Czerwinski, B.Y. Zhao, T. Hodes, A. Joseph, and R. Katz, “An Architecture for a Secure Service Discovery Service,” Proc. Fifth Ann. Int'l Conf. Mobile Computing and Networks (MobiCom '99), 1999.
[3] C. Ellison, “Home Network Security,” Intel Technology J., vol. 6, pp. 37-48, 2002.
[4] B. Bloom, “Space/Time Trade-Offs in Hash Coding with Allowable Errors,” Comm. ACM, pp. 422-426, 1970.
[5] M. Burrows, M. Abadi, and R. Needham, “A Logic of Authentication,” ACM Trans. Computer Systems, 1990.
[6] Sun Microsystems, “Jini Technology Core Platform Specification,” Version 2.0, http://wwws.sun.com/software/jinispecs/, 2003.
[7] UPnP. Forum, “Universal Plug and Play Device Architecture 1.0,” http://www.upnp.org/resources/documentsCleanUPnPDA10 1 -20031202s.pdf , 2003.
[8] S. Cheshire and M. Krochmal, “DNS-Based ServiceDiscovery,” Apple Computer, http://files.dns-sd.orgdraft-cheshire-dnsext-dns-sd.txt , 2004.
[9] Bluetooth SIG, “Specification of the Bluetooth System,” http:/www.bluetooth.org/, 2004.
[10] Salutation Consortium, “Salutation Architecture Specification,” ftp://ftp.salutation.org/salutesa20e1a21.ps , 1999.
[11] E. Guttman, C. Perkins, J. Veizades, and M. Day, “Service Location Protocol, Version 2,” http://www.ietf.org/rfcrfc2608.txt, 1999.
[12] M. Nidd, “Service Discovery in DEAPspace,” IEEE Personal Comm., pp. 39-45, 2001.
[13] W. Adjie-Winoto, E. Schwartz, H. Balakrishnan, and J. Lilley, “The Design and Implementation of an Intentional Naming System,” Proc. 17th ACM Symp. Operating Systems Principles (SOSP '99), 1999.
[14] M. Balazinska, H. Balakrishnan, and D. Karger, “INS/Twine: A Scalable Peer-to-Peer Architecture for Intentional Resource Discovery,” Proc. Pervasive 2002— Int'l Conf. Pervasive Computing, 2002.
[15] P. Eronen and P. Nikander, “Decentralized Jini Security,” Proc. Network and Distributed System Security Symp. (NDSS 2001), 2001.
[16] R. Rivest and B. Lampson, “SDSI— A Simple Distributed Security Infrastructure,” http://theory.lcs.mit.edu/~rivestsdsi10.html , 1996.
[17] C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen, “SPKI Certificate Theory,” http://www.ietf.org/rfcrfc2693.txt, 1999.
[18] L. Fan, P. Cao, J. Almeida, and A. Broder, “Summary Cache: A Scalable Wide-Area Web Cache Sharing Protocol,” IEEE/ACM Trans. Networking, vol. 8, pp. 281-293, 2000.
[19] F. Stajano and R. Anderson, “The Resurrecting Duckling: Security Issues for Ad-Hoc Wireless Networks,” Proc. Seventh Int'l Workshop Security Protocols, 1999.
[20] F. Stajano and R. Anderson, “The Resurrecting Duckling— What Next?” Proc. Eighth Int'l Workshop Security Protocols, 2000.
[21] R. Want, T. Pering, G. Danneels, M. Kumar, M. Sundar, and J. Light, “The Personal Server— Changing the Way We Think about Ubiquitous Computing,” Proc. Fourth Int'l Conf. Ubiquitous Computing, 2002.
[22] iButton Home Page, http:/www.ibutton.com/, 2003.
[23] A. Menezes, P.v. Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, pp. 321-383. CRC Press, 1996.
[24] M. Bellare, R. Canettiy, and H. Krawczykz, “Keying Hash Functions for Message Authentication,” Proc. Advances in Cryptology (CRYPTO '96), 1996.
[25] F. Zhu, M. Mutka, and L. Ni, “Splendor: A Secure, Private, and Location-Aware Service Discovery Protocol Supporting Mobile Services,” Proc. First IEEE Ann. Conf. Pervasive Computing and Comm., 2003.

Index Terms:
Pervasive computing, privacy, security.
Citation:
Feng Zhu, Matt W. Mutka, Lionel M. Ni, "A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols," IEEE Transactions on Mobile Computing, vol. 5, no. 4, pp. 418-429, April 2006, doi:10.1109/TMC.2006.38
Usage of this product signifies your acceptance of the Terms of Use.