Designing Authentication and Privacy Schemes for Ubiquitous Services

Abstract

Ubiquitous services in ubiquitous environments provide personalized and adaptive services to a user anytime anywhere, by considering the context information such as profile information and history of the users. Ubiquitous services, like ubiquitous health care service, ubiquitous shopping complex, ubiquitous tourist guide systems, ubiquitous learning systems, provide adaptive, user-centric, context-aware services intelligently in healthcare, product purchase, tourism and education fields respectively.

The objective of the work is to design secured ubiquitous services for ubiquitous users. Proposes user authentication, mutual authentication between user and service provider, service access control and user privacy schemes for ubiquitous services. Ubiquitous services require context aware information of a user such as interests, activities or preferences. Proposed work uses hybrid Genetic Algorithm - Agent technology. Agents are intelligent and have the capability to take decisions by themselves, and dynamically resolve the local problems. Two variants of agents, Static Agent (SA) and Mobile Agents (MAs) are employed, where the SA resides at the ubiquitous service provider and deploys MA on requirement. Correlations among contexts are established and relevant contexts are obtained through genetic algorithm(GA).

To have a secured ubiquitous service for ubiquitous users, we have proposed the following works: • Ubiquitous User Authentication: To avail ubiquitous services, users need to be authenticated. Using GA-Agent technology, authentication certificates are generated based on user context information considering user personal and professional information, activity, relation, location, status, etc. The proposed authentication scheme is analysed and validated using BAN Logic. The designed scheme is implemented over the ubiquitous health care service and the results demonstrate that a consistent authentication was rendered to the users and health-workers. The certificate generated is simple, accurate, and smaller.

• Mutual Authentication: To enable users to roam seamlessly to avail ubiquitous services, one should be authenticated by the new subnetworks which he visits, also users need to authenticate the entity who provides the services, and with whom the user shares all his data. We propose mutual authentication of entities involved in ubiquitous services and GA are assisted with SA-MA to enable mutual authentication. Authentication based access control: On mutual authentication, dynamic access control policies are assigned to the users, and ubiquitous services are allocated fairly, by the SA and MA’s . It calculates the context priorities of the users - by considering the importance of the services executed, service utilization history and cost effectiveness of the service. The scheme is validated using BAN Logic and we have tested the proposed scheme over ubiquitous health care services, and the results shown are satisfactory.

• Preservation of user privacy: The main goal of ubiquitous service is to create the information space, where users can share information like events, knowledge, activities, etc., securely without giving up their privacy. We propose a privacy preserving technique by considering the user’s interests,preferences, history, etc. In this method, intelligent agents are deployed, where the SA is responsible for determination of privacy policies of users. On the other hand, MAs are responsible for ensuring enforcement of privacy policies over the users. The proposed scheme is tested over an ubiquitous tourist guide service, where we simulated different sets of services related to the tour-guide. Subsequently, privacy threats and their prevention are also discussed.