Title: Trust Context Spaces an Architecture for Security in Pervasive Computing SPC 2003, Boppard Germany, 13.03.2003
1Trust Context Spacesan Architecture for Security
in Pervasive ComputingSPC 2003, Boppard
Germany, 13.03.2003
- Philip Robinson Michael Beigl
- Telecooperation Office
- University of Karlsruhe
2Key Terms just to put things in context
- Context
- Interactive Context
- Security Context
- Trust Context
3Context
- any information that can be used to
characterize the situation of an entity, where an
entity can be a person, place, or physical or
computational object. (Abowd, Dey, 1999)
Physical Context
Application (Computational) Context
4Interactive Context
- any information that characterizes the state of
an interaction (more than one entity), including
the identites involved, relationships formed
(sessions established), accessible data and
operations.
Physical
Physical
Application (Computational)
Application (Computational)
5Security Context
- any information that characterizes the policies
and mechanisms used to meet the protection
requirements, and hence safeguard the current
interactive context
Physical
Physical
Application (Computational)
Application (Computational)
6Trust Context
- any information that can be used to characterize
the evidence and assurances that the security
context for a particular interactive context is
and will be maintained.
Physical
Physical
Application (Computational)
Application (Computational)
7What has changed in Pervasive Computing?
- Greater overlap of physical and virtual
environments - Networked Sensor technology led to Augmented
Reality - Physical actions and changes in the environment
have more significance in computer applications
(Context-Awareness) - Virtual events have more real-world significance,
without obtrusion (Ambient Technologies) - The interactive context has been widened
Application (Computational) Context
Physical Context
8What has changed in Pervasive Computing?
Each sector represents the scope of identities,
sessions, accessibility of data and operations
The implicitly shared interactive context has
been widened
Personal Interactive Context
Implictly Shared Interactive Context
Explictly Shared Interactive Context
Public Interactive Context
9but may result in...
10Security Vulnerability Windows
physical
virtual
Value of Context Information
Time (t)
11Goals of Trust Context Spaces
- Minimize occurences of Security Vulnerability
Windows - Control the security risks associated with
implicitly shared information
12Principle 1Equilibrium of Physical and Virtual
Security
- Perception physical cues for security translated
into invocation of virtual security mechanisms - Actuation virtual security-related events
produce active notification or adaptation of
physical environment
13Principle 2Trust in the Environment
- Some trust decisions are offloaded to the
environments security services (natural
behavior) - Environment rooms, offices, buildings etc. A
definite space - A Trust Context Space therefore has both physical
and virtual properties implying both physical
and virtual identities, assets, operations, and
relationships
14Principle 3Shared Unique Context as a Basis for
Security
- A good secret key must not be repeatable or
easily derived - Efforts to facilitate yet secure implicit
interaction - The more parties interact, the more unique their
shared context becomes (cumulative trust)
15Architecture
16Scenario
17Conclusion Contributions Evaluation
- Incubation of virtual identities/ counterparts
within Controlled spaces (meeting rooms,
offices...) - Public Trust Context Spaces are further challenge
- Entropy of context information has to be taken
into consideration, if being used for implicit
key generation