KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

Context-Aware Security System for the Smart Phone-based M2M Service Environment

  • Lee, Hyun-Dong (Dept. of Computer Engineering, Pukyong National University) ;
  • Chung, Mok-Dong (Dept. of Computer Engineering, Pukyong National University)
  • Received : 2011.09.02
  • Accepted : 2012.01.17
  • Published : 2012.01.30
Download PDF
⟨ Previous Next ⟩

Abstract

The number of smart phone users is rapidly growing due to recent increase in wireless Internet usage, development of a wide variety of applications, and activation of M2M (Machine to machine) services. Although the smart phone offers benefits of mobility and convenience, it also has serious security problems. To utilize M2M services in the smart phone, a flexible integrated authentication and access control facility is an essential requirement. To solve these problems, we propose a context-aware single sign-on and access control system that uses context-awareness, integrated authentication, access control, and an OSGi service platform in the smart phone environment. In addition, we recommend Fuzzy Logic and MAUT (Multi-Attribute Utility Theory) in handling diverse contexts properly as well as in determining the appropriate security level. We also propose a security system whose properties are flexible and convenient through a typical scenario in the smart phone environment. The proposed context-aware security system can provide a flexible, secure and seamless security service by adopting diverse contexts in the smart phone environment.

Keywords

References

  1. KH. Nam. et al., "Smartphone security technology and solution trends," Weekly Technical Trends, No. 1466, pp. 1-7, 2010.
  2. ETSI TS 102 689 v1.1.1, "Machine-to-Machine communications(M2M); M2M service requirements," 2010.
  3. ETSI TS 102 690 v0.10.1, "Machine-to-Machine communications(M2M); M2M functional architecture," 2011.
  4. SY, Na. et al., "Smart phones and mobile office security issues and strategies," National information society agency, vol. 26, pp. 12-20, 2010.
  5. A. K. Dey, "Understanding and using context," Personal and Ubiquitous Computing, vol. 5, no. 1, pp. 4-7, 2001. https://doi.org/10.1007/s007790170019
  6. Schilit, B., Adams and N. Want, R., "Context-Aware computing applications," in Proc. of the 1st International Workshop on mobile Computing Systems and Applications, pp. 85-90, 1995.
  7. H Chen, "An intelligent broker architecture for pervasive context-aware systems," PhD thesis of UMBC, 2004.
  8. Gaia project, http://gaia.cs.uiuc.edu/
  9. Gu, T. et al., "An ontology-based context model in intelligent environments," in Proc. of Communication Networks and Distributed Systems Modeling and Simulation Conference, 2004.
  10. H. Kim et al., "CAMUS - A middleware supporting context-aware services for network-based robots," in Proc. IEEE Workshop on Advanced Robotics and Its Social Impacts, 2005.
  11. L. A. Zadeh, "Fuzzy sets," Information and Control, vol.8, pp. 338-353, 1965. https://doi.org/10.1016/S0019-9958(65)90241-X
  12. R. L. Keeney and H. Raiffa, "Decisions with Multiple Objectives: Preferences and Value Tradeoffs," Cambridge university press, pp . 261-271, 1993.
  13. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C.E.Youman, "Role-based access control models," IEEE Computer, vol. 29, no. 2, pp. 38 - 47, Feb. 1996. https://doi.org/10.1109/2.485845
  14. M.J.Convington, M.J Moyer, and M.Ahamad, "Generalized role-based access control for Securing future applications," in Proc of 23rd National Information Systems Security Conference (NISSC), pp. 115-125, 2000.
  15. M.J. Moyer and M.Ahamad, "Generalized Role-Based Access Control," in Proc. of IEEE Int'l Conf. on Distributed Computing Systems (ICDSC2001), pp. 391-398, 2001.