Although pervasive computing technology looks promising, one critical challenge needs to be addressed before it can be widely deployed -- security. The very knowledge that enables a pervasive computing application to provide better services and functionalities may easily be misused, causing security breaches. The problem is serious because pervasive computing applications involve interactions between a large number of entities that can span different organizational boundaries. Unlike traditional applications, these applications do not usually have a well-defined security perimeter and are dynamic in nature. Moreover, these applications use knowledge of surrounding physical spaces. This requires security policies to use contextual information that, in turn, must be adequately protected from security breaches. Uncontrolled disclosure of information or unconstrained interactions among entities can lead to very serious consequences. Traditional security policies and mechanisms rarely address these issues and are thus inadequate for securing pervasive computing applications.
The current work seeks to develop a new model and framework for securing pervasive computing applications. It proposes new security policies and models and shows how these can be used to design such applications. The first step is to identify the policies needed in a pervasive computing environment and to develop models that formalize their syntax and semantics. Unlike traditional policy models where the subjects are known a priori, pervasive computing applications may need to interact with entities that are not completely trusted. Therefore, the second step is to formalize a suitable trust model and develop strategies for establishing trust between entities. The model must accommodate the notion of different degrees of trust, identify how to determine the trust value, and define how trust changes over time. The trust negotiation strategies must take into account the constraints imposed by pervasive computing applications, such as timing constraints. The third and final step is to use the models developed previously to design secure pervasive computing applications. The research will encompass the following three tasks.