Enhancing Privacy-Preserving Access Control for Pervasive Computing Environments
Abstract.
The exchange of user-related sensitive data within a Pervasive Computing Environment (PCE) raises security and privacy concerns. On one hand, service providers require user authentication and authorization prior to the provision of a service, while at the same time users require anonymity, i.e., untraceability and unlinkability for their transactions. In this paper we discuss privacy and security requirements for access control in PCEs and show why a recently proposed efficient scheme [RL07] fails to satisfy these requirements. Furthermore, we discuss a generic approach for achieving a desired level of privacy against malicious insiders, while balancing with competing demands for access control and accountability.
Key words: Privacy and Security, Pervasive Computing Environments, Unlinkability, AccountabilityDownload: (PDF
file)
