DISTRIBUTED MULTI LEVEL SECURITY TOKEN BASED AUTHENTICATION FOR UBIQUITOUS OBJECTS - stuff4life - 08-16-2017

DISTRIBUTED MULTI LEVEL SECURITY TOKEN BASED AUTHENTICATION FOR UBIQUITOUS OBJECTS (DMSA)

Presented By:
A.R.Yardi (1), U.P.Kulkarni (2), J.V.Vadavi (3), Thyagaraju.G.S (4), S.M.Joshi (5)
(1) Principal, CSE Dept, Walchand CET, Sangli, India
(2) Faculty, CSE Dept, SDM CET, Dharwad, India
(3) Faculty, CSE Dept, SDM CET, Dharwad, India
(4) Faculty, CSE Dept, SDM CET, Dharwad, India
(5) Faculty, CSE Dept, SDM CET, Dharwad, India

ABSTRACT

Ubiquitous computing technology provides an environment where users expect to access resources and services anytime and anywhere. Serious security risks and problems arise because, in such an open model, resources can now be accessed by almost anyone with a mobile device. This paper explores security in ubiquitous computing with a focus on authentication. We propose a new model, which uses a distributed hierarchical tree-based approach for authenticating ubiquitous objects. We overcome the problems associated with having a centralized source of information by dividing the information among Certifying Agents (CA), which are arranged in the form of a tree. Each Certifying Agent maintains information about the local objects and its immediate descendant Certifying Agents. Certifying Agents communicate with each other to authenticate the ubicomp objects. The central idea of this solution is to efficiently spread the important information over several separate Certifying Agents, which are distributed and hence highly available.

Keywords: Ubiquitous, Certifying Agents, Security Tokens, Pervasive Computing

1. INTRODUCTION

Ubiquitous computing is a new computing paradigm that integrates computation into our lifestyle and extends our reach into a global network of computing, freeing us from desk-bound application interaction.
With the ability to take corporate and personal processes and data with us, no matter our destination, opportunities abound for improving and enhancing our personal and professional life. Mainframe computing was dominant from the 1940s to the early 1980s. In the early eighties personal computing evolved and allowed the symbiosis between a single person and a computer. Subsequently Internet computing was introduced with the invention of the World Wide Web in the early nineties. Today we have reached a stage where every object communicates with every other, resulting in the imaginary world called pervasive computing, which makes this a compelling vision for the future that is moving closer to realization at an accelerating pace. The combination of global wireless and wired connectivity along with mobile technologies has made the vision of ubiquitous computing much more realistic and feasible. Ubicomp [5] is intelligent computing integrated into everyday objects so that it becomes invisible to users. In this world, toys play together, pets converse with their owners, vehicles talk to road signs, and refrigerators know when items inside expire.

The inherent freedom of ubiquitous systems introduces challenges for security and trust management [1]. Arguably, trust management is the most critical security issue in ubicomp objects. If ubicomp objects do not have any prior knowledge of each other, trust establishment becomes complicated. In these kinds of situations the ubicomp objects themselves should be responsible for their own security. But achieving this is impossible without depending on a third party for authentication. We propose a model for security management, with a focus on authentication of ubicomp objects, that is based on a distributed hierarchy of authority to authenticate any object, with multi-level security tokens to identify the levels of security required for authentication.

1.1. Security in Ubicomp

Classical security models rely extensively on perimeter defenses and stable trust relationships, hence the use of firewalls to enforce perimeter security based on a tightly defined network boundary. Also, users of a system are assumed to be pre-registered, and thus authentication and access control are centered on user identities. In other words, in centralized systems [18], authentication is completed via a login and password transmitted through terminals directly connected to a host, and access rights and authorization are based only on the user's connection from the terminal and not on the validity or verification of the individual.

In a pervasive environment, the above assumptions simply do not hold. Pervasive computing extends traditional computing boundaries. Also, trust relationships are dynamic, as the user community may be anonymous and constantly changing, making pre-registration unworkable, and user identity may not be known, available or relevant [19]. The various security problems [16] that are barriers to mainstream pervasive computing are: device authentications, privacy, trust management, device assurance, resource, and availability.

The security issues for ubiquitous objects can be considered with respect to the following four criteria:

Confidentiality is the guarantee that information is shared only between a user and the entities the user is willing to communicate the information to.

Authenticity is the assurance that the ubiquitous object in a ubiquitous connection has the claimed identity and has subscribed to the ubiquitous service.

Integrity means the correctness of stored and communicated personal (and annotation) data, in the sense that only the corresponding person (the author or a responsible moderator) can alter them.

Availability means that the ubiquitous service is accessible and usable for subscribed persons using appropriate mobile devices.

1.2. Authentication in ubiquitous computing

An authentication process establishes the identity of some entity under scrutiny. For example, a traveler authenticates themself to a border guard by presenting a passport. Possession of the passport and resemblance to the attached photograph is deemed sufficient proof that the traveler is the identified person. The act of validating the passport (by checking a database of known passport serial numbers) and assessing the resemblance of the traveler is a form of authentication. Successful authentication does not imply that the authenticated entity is given access.

The trust, security, and privacy issues inherent in pervasive computing environments present unique challenges that require a fundamental re-examination of how to build large-scale, trustworthy, distributed systems. Ubiquitous systems need to be secure. The heart of the ubiquitous computing vision lies in an inherent contradiction [3]. On the one hand, a computing environment must be highly knowledgeable about a user, to conform to his/her needs and desires without explicit interactions, almost reading the user's mind. On the other hand, a system that is truly ubiquitous will encompass numerous users, physical regions, and service providers. At such large scale, perfect trust among all parties is an unattainable ideal. Trust boundaries thus represent seams of discontinuity in the fabric of pervasive computing.

Building secure systems is a challenge for a number of reasons. While establishing trust [3], users must be confident of their computing environment's trustworthiness. The infrastructure must be confident of a user's identity and authorization level before responding to the requests. This will become a key requirement as pervasive computing moves from the lab to the real world. An authorization process uses authentication, possibly with other information, to make decisions about whom to give access.
For example, not all authenticated visitors will be permitted to enter anywhere in the defense building, i.e. we need to establish some mechanism for who can do what and what not, even though they are authenticated visitors. For this reason we have introduced the concept of the multi-level security token. Each ubicomp object is issued a token at a particular level, depending on the associated risk involved, by the third-party certifying agents. When such an object A negotiates with another object B, it is up to object B to decide whether or not to permit A whatever it is requesting, depending on the security token level of object A, and vice versa.

Existing security infrastructures [1] deal with authentication and access control. These mechanisms are inadequate for the increased flexibility required by distributed networks. We suggest enhancing security by the addition of trust, which is similar to the way security is handled in human societies. A person is trusted if someone we trust says that the person can be trusted. In terms of distributed computing, a user is allowed to access a service or information if the user has the access right to do so, or if the user has been delegated the ability by a trusted authority. Trust management can be viewed as the development of security policies, the assignment of credentials to entities, checking whether the credentials fulfill the policy, and the delegation of trust to third parties.

2. MOTIVATIONS AND RELATED WORK

The five hard trust-related problems in a pervasive computing environment [16] are:

1. Who am I talking to?
2. Will my privacy be safeguarded?
3. Can I trust the device I am communicating with?
4. Does the system provide the resource?
5. Will the pervasive services be reliably available?

At the present time, pervasive computing researchers are investigating specific security issues in the context of narrowly defined point problems [16].
The main future challenge of pervasive computing consists in offering access anywhere and anytime with any device. However, before it becomes a reality, the problems of access control and authentication have to be solved, among others. Existing solutions are inadequate without adaptation to this specific environment.

Reijo Savola et al. [1] propose an approach for authentication using self-signed certificates. This approach resembles the ideally used PGP approach [2]. Here the node creates and signs a public key certificate using the corresponding secret key. The self-signed certificate is not proof of identity, but proof that the node possesses the public/secret key pair. As with PGP, the certificate gradually becomes proof of identity when other nodes have signed it. The self-signed certificate approach suits situations in which the same nodes form a network regularly. Here the first contact is insecure, but in subsequent contacts the nodes have sufficient information about each other, and hence the communication is secured.

Among the promising approaches, the trust paradigm seems to be more flexible than others. The proposed APC (Access Pass Certificate) [10] is a model that enables an authorized user to roam and to access trusted hosts without being known locally. Each user can have an APC certificate from two kinds of hosts: the main host (where the user is a member) and the trusted host (which trusts the user). Using these certificates, the user progressively extends his access scope. Moreover, this model implements a decentralized mapping policy, where the correspondence between the user's home profile and its rights on the trusted hosts is determined as needed. The main disadvantage of this model is the difficulty of managing relationships among organizations (hosts) and applying the mapping policy.
In fact, an organization having a trust relationship with other organizations must validate and value relations manually, which is not acceptable in the case of a true pervasive system.

In ubiquitous computing environments such as pervasive or ad hoc ones, security models based on trust (PGP, Pretty Good Privacy [12]; X.509 [11]; [13], [14] and [15]) are implemented. Almost all these models use the delegation concept to extend the access scope. They can use certification [13], [14], or agents [15], which give any authorized entity the right to delegate access to certain resources. The delegation mechanism is considered to be efficient, but not quite sufficient to provide broad access, because the user's scope is restricted to environments where he could be locally known. Consequently, he can have access only if there is at least one entity that trusts him.

In a pervasive computing environment, users have many devices that are used to initiate or answer remote service requests, such as obtaining real-time stock quotes, handling corporate email, or accepting telephone calls. We envision that in the future, many applications will be distributed, running across many of a user's specialized pervasive devices rather than on a single system. In this case, a user needs the ability to log into the personal pervasive domain, which spans each of the pervasive devices representing this user. In addition, the pervasive devices belonging to the user's pervasive domain must be able to represent this user to external services. The paper [17] solves the problem of managing the authorization for pervasive devices belonging to a user's personal pervasive domain by introducing a central personal authorization gateway that accompanies the user and allows pervasive devices in the user's pervasive domain to be automatically configured and authorized.
The Pervasive Authentication Domain (PAD) proposed in [17] consists of a Personal Authentication Gateway (PAG) and a collection of pervasive devices. The Personal Authentication Gateway is transparent to external parties and constitutes the security hub for the domain. A pervasive device can request its security configuration at boot time from the gateway, or the pervasive devices can refresh their security configuration on demand. The architecture of the Personal Authentication Gateway and pervasive devices that implement the Pervasive Authentication Domain is illustrated in Figure 1.

As the PAD model works like a central repository, it may perform poorly when a huge number of pervasive objects are involved, and hence it is not scalable. So we propose Distributed Multi level Security token-based Authentication for ubiquitous objects (DMSA).

3. PROPOSED MODEL

The Distributed Multi level Security token-based Authentication (DMSA) protocol for ubiquitous objects operates in a distributed, multi-level security environment, which is modeled as a forest of hosts operating as Certifying Agents (CA). Certifying Agents authenticate the Ubiquitous Objects (O) for communication. The CAs are arranged in the form of a tree, the root being the single point of authority, yet the whole structure is geographically distributed. Each CA maintains information about its immediate descendants, which can be CAs or ubiquitous objects registered with it, as shown in figure-2.

To illustrate the working of the proposed model, consider the Certifying Agents in the hierarchy as shown in figure-2. The authentication process is carried out through the following phases.

3.1. Registration Phase

3.1.1 Registering Certifying Agent

All the Certifying Agents that are responsible for registering objects need to register themselves with another Certifying Agent (Parent).
3.1.2 Registering Objects

The ubiquitous objects that want to communicate with other objects need to register themselves by providing an Object ID to any CA, and they get an appropriate Security Token, depending on the level at which the CA believes that object.

3.2. Authentication Phase

The communication between two ubicomp objects commences with one object sending the service request message to the other. This initiates the authentication phase. For illustration, consider two ubicomp objects: a mobile handset and a laptop. In the registration phase, the Mobile is registered with the Certifying Agent CA1.1.1.0 and the Laptop is registered with the Certifying Agent CA1.3.2.0. Assume that in some context, at some different place, the Mobile (initiator) wishes to access the service available at the Laptop (listener) and hence sends a request message to the Laptop. The Laptop forwards the message to its Certifying Agent CA1.3.2.0. The authentication process that is followed is described below.

Scenario 1

Here each Certifying Agent stores the information about all other Certifying Agents of the distributed tree. The Mobile, registered at Certifying Agent CA1.1.1.0, sends a service request to the Laptop. The Laptop authenticates the Mobile by sending a message to its Certifying Agent CA1.3.2.0. Since each Certifying Agent has the details of all other Certifying Agents, CA1.3.2.0 forwards the authentication message to CA1.1.1.0 directly, without going up or down the tree. The reply from CA1.1.1.0 will be forwarded to the Laptop by CA1.3.2.0. Depending upon the reply, the Laptop can provide access to the Mobile. This scenario is illustrated in figure-3.

The problem with this scenario is the need to regularly advertise the status of each CA, and the addition or deletion of CAs at any place, to all the CAs of the entire tree. One such problem is highlighted in figure-3.1, where CA1.1.1.0 is blocked by its parent CA1.1.0.
During the time t that this information takes to spread to all CAs in the tree, some CA, say CA1.3.2.0, may send a message to the blocked CA1.1.1.0 for authentication of some objects. This happens because the information about the blocking of CA1.1.1.0 has not yet reached CA1.3.2.0. CA1.1.1.0 may then respond and hence violate the whole objective defined.

Scenario 2

In this scenario each Certifying Agent stores information only about its children Certifying Agents and about its parent Certifying Agent. Every Certifying Agent is assigned a unique hierarchical address (referred to here as a Ubiquitous Address, similar to an Internet Protocol address) by its parent Certifying Agent. The Mobile, registered at Certifying Agent CA1.1.1.0, sends a service request to the Laptop. The Laptop authenticates the Mobile by sending the message to its CA, i.e. CA1.3.2.0. Now CA1.3.2.0 searches for CA1.1.1.0 in its table. Since CA1.1.1.0 is not registered under CA1.3.2.0, it forwards the message to its parent Certifying Agent or to its descendant Certifying Agents, by resolving the hierarchical address. Upon receiving the message from CA1.3.2.0, the Certifying Agent CA1.3.0 follows the same procedure, and the message is finally forwarded to CA1.1.1.0. CA1.1.1.0 authenticates the Mobile and the reply is sent to CA1.3.2.0. CA1.3.2.0 then forwards this reply to the Laptop. Scenario 2 is represented in figure-4.

The drawback of this scenario is the time t1 required to forward the authentication message up and down the hierarchy. However, from observation it is clear that this time t1 is more acceptable than the time t mentioned in Scenario 1.

4. DATA STRUCTURES USED

Every CA maintains its records in the form of tables. Each CA has two tables, one for the information about its descendant CAs and the other for the information about the registered ubiquitous objects in that region. It also has static information about the parent CA.
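Scenario 2's forwarding rule and the per-CA tables can be exercised in a short simulation. The following Python sketch is an added example, not the authors' Aglet implementation; the root address 1.0, the rule that a parent refuses to forward into a subtree it has blocked, and all class and function names are assumptions made for illustration.

```python
NO_ACCESS, READ_ONLY, READ_WRITE = 0, 1, 2   # the paper's illustrative ST values


def prefix(addr):
    """'1.3.2.0' -> (1, 3, 2): path from the root without the trailing 0."""
    return tuple(int(p) for p in addr.split("."))[:-1]


class CA:
    """Certifying Agent: knows only its parent, its children, its own objects."""

    def __init__(self, addr, parent=None):
        self.addr = addr
        self.parent = parent      # static information about the parent CA
        self.children = {}        # table 1: child prefix -> [CA, blocked flag]
        self.objects = {}         # table 2: object id -> (ST, expiry time)

    def add_child(self, addr):
        child = CA(addr, parent=self)
        self.children[prefix(addr)] = [child, False]
        return child

    def block_child(self, addr):
        self.children[prefix(addr)][1] = True

    def register(self, obj_id, token, now, retention):
        self.objects[obj_id] = (token, now + retention)

    def query(self, obj_id, home_addr, now, path=()):
        """Resolve home_addr hop by hop; return (token, CAs visited)."""
        path = path + (self.addr,)
        here, target = prefix(self.addr), prefix(home_addr)
        if target == here:                       # this CA registered the object
            token, expiry = self.objects.get(obj_id, (NO_ACCESS, 0))
            return (token if now < expiry else NO_ACCESS), path
        if target[:len(here)] == here:           # target lies below: go down
            entry = self.children.get(target[:len(here) + 1])
            if entry is None or entry[1]:        # unknown or blocked subtree
                return NO_ACCESS, path
            return entry[0].query(obj_id, home_addr, now, path)
        if self.parent is None:                  # root, and not in this tree
            return NO_ACCESS, path
        return self.parent.query(obj_id, home_addr, now, path)   # go up


def authenticate(listener_ca, request, required, now):
    """Listener side: decide from the CA's answer, not from the claimed ST."""
    token, path = listener_ca.query(request["object_id"], request["ca_addr"], now)
    granted = token > NO_ACCESS and token >= required
    return {"granted": granted, "token": token, "path": path}


def build_demo():
    """Constructed tree using the CA addresses from the paper's example."""
    root = CA("1.0")                             # assumed root address
    ca11, ca13 = root.add_child("1.1.0"), root.add_child("1.3.0")
    ca111, ca132 = ca11.add_child("1.1.1.0"), ca13.add_child("1.3.2.0")
    ca111.register("mobile", READ_ONLY, now=0, retention=100)
    return ca11, ca132


if __name__ == "__main__":
    ca11, laptop_ca = build_demo()
    # Constructed request from the Mobile; it overstates its own ST.
    req = {"object_id": "mobile", "ca_addr": "1.1.1.0", "st": READ_WRITE}
    print(authenticate(laptop_ca, req, READ_ONLY, now=10))
    print(authenticate(laptop_ca, req, READ_WRITE, now=10))
    print(authenticate(laptop_ca, req, READ_ONLY, now=150))   # retention expired
    ca11.block_child("1.1.1.0")
    print(authenticate(laptop_ca, req, READ_ONLY, now=10))    # stopped at 1.1.0
```

Under the assumed blocking rule, the query has to pass through CA1.1.0 on its way down, so a block takes effect as soon as the parent records it, without the tree-wide advertisement that Scenario 1 depends on.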
The structure of the table that maintains the descendant CAs' information is shown in figure-5, and that for registered objects is shown in figure-6.

Object ID: Unique Object ID.
UA Address: Ubiquitous Address for the object; it is different from the Object ID.
Retention Period: Maximum duration for which the entry will be maintained by the CA.
Security Token (ST): The value in this field identifies the access right for the object.

Every object should register with the local CA by specifying its ID and the other details required so that the CA can believe it. Based on all this information, a security token will be assigned to that object for some duration. More freedom implies a shorter retention period and vice versa. When the object wants to communicate with other objects, it has to send a request message, as shown in figure-7, to the object with which it wants to communicate.

Figure-7: Request format.
: The address of the CA with which the object is registered.
ST: The values can be
0 - No access (default)
1 - Read Only
2 - Read and Write
These values are used for illustration purposes only.
: Object ID with which my object wishes to negotiate.

The receiving object forwards this message to its local CA. If the sending object has registered with the local CA then the ST will be verified locally; otherwise the CA will query its parent CA by sending the message shown in figure-8.

Figure-8: Message format for query between CAs

Finally the message will be forwarded to the proper CA, with which the object whose authentication details are required is registered. After verifying, this CA will respond to the requesting CA. The local CA then sends a reply to the object, which can then provide service depending on the reply received.

The proposed model was implemented using Aglet, an agent platform developed by IBM. The empirical results show that the performance is acceptable though it involves the exchange of huge messages, which is essential; otherwise it is practically impossible to authenticate devices in the pervasive world. The GUI of the implementation is shown in figure-9.

5. CONCLUSION

We believe that the trends in pervasive computing are increasing the diversity and heterogeneity of networked objects and their constituent devices. Developing security protocols that can handle diverse and mobile devices, networked in various ways, represents a major challenge. In this paper, we have taken a first step towards meeting one such challenge, i.e. authentication of ubiquitous objects. Empirical results have shown that the performance of the proposed DMSA model is acceptable in the reality of the pervasive world. It is also clear that perfect trust among all parties in the pervasive world is an unattainable ideal without compromising true autonomy, i.e. we need to depend on the trusted third party whatever algorithm is used for authentication.

REFERENCES

[1] Reijo Savola, Ilkka Uusitalo, Towards Node-Level security management in self organizing Mobile Ad hoc Networks, Advanced International on Telecommunication and
[2] Zimmermann P., PGP User's Guide, MIT, October 1994.
[3] M. Satyanarayanan, Privacy: The Achilles Heel of Pervasive Computing?, Editor in Chief, IEEE Pervasive Computing, Jan-March 2003.
[5] George Roussos, Theano Moussouri, Consumer perceptions of privacy, security and trust in ubiquitous commerce, Springer-Verlag London Limited 2004, Pers Ubiquit Comput (2004) 8: 416-429.
[6] Mark Weiser, Rich Gold, John Seely Brown, The origins of ubiquitous computing research at PARC in the late 1980s, IBM Systems Journal; 1999; 38, 4; Wilson Applied Science & Technology pg. 693.
[7] Mark S. Ackerman, Privacy in pervasive environments: next generation labeling protocols, Pers Ubiquit Comput (2004) 8: 430-439.
[8] Weiser, Mark, Some computer science issues in ubiquitous computing, Association for Computing Machinery. Communications of the ACM; Jul 1993; 36, 7; Wilson Applied Science & Technology Abstracts pg. 74.
[9] Kay Römer, Thomas Schoch and Friedemann Mattern, Smart Identification Frameworks for Ubiquitous Computing Applications, Wireless Networks 10, 689-700, 2004, Kluwer Academic Publishers. Manufactured in The Netherlands.
[10] Rachid Saadi, et al., APC: Access Pass Certificate Distrust Certification Model for Large Access in Pervasive Environment, 0-7803-9032-6/05/$20.00 ©2005 IEEE, pp 361-370.
[11] ITU-T Rec. X.509 (2000). ISO/IEC 9594-8, The Directory: Authentication Framework.
[12] P. R. Zimmermann, The Official PGP User's Guide, MIT Press, Cambridge, MA, USA, 95.
[13] Lalana Kagal, Tim Finin, and Anupam Joshi, Trust-based security in pervasive computing environments, IEEE Computer, pages 154-157, DEC 01.
[14] Laurent Bussard, Yves Roudier, Roger Kilian Kehr, Stefano Crosta, Trust and Authorization in Pervasive B2E Scenarios, In Proceedings of 6th Information Security Conference (ISC'03), OCT 03.
[15] Lalana Kagal, Tim Finin and Yun Peng, A Delegation Based Model for Distributed Trust, Proceedings of the IJCAI-01 Workshop on Autonomy, Delegation, and Control: Interacting with Autonomous Agents, pp 73-80, AUG 01.
[16] Kumar Ranganathan, Trustworthy Pervasive Computing: The Hard Security Problems, Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW 04).
[17] Reiner Sailer, James R. Giles, Pervasive Authentication Domains for Automatic Pervasive Device Authorization, Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW 04).
[18] T. Ray Campbell, Self-Authorization: A Methodology for Secured Network Access in a Distributed Paradigm, 0-7803-8865-8/05/ 2005 IEEE.
[19] Roshan K. Thomas, Ravi Sandhu, Models, Protocols, and Architectures for Secure Pervasive Computing: Challenges and Research Directions, Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops.