An Agent Approach to Security in Pervasive Environments

Abstract

Research Overview Information technology is slowly becoming invisible and will eventually be completely integrated into the environment. Computers will soon become part of a network, connecting all devices from lamps, projectors, and printers to laptops, PDAs and cellphones. The number of computationally enabled devices will increase exponentially and people will be able to access these resources and perform computing operations anytime, and anywhere, through this integrated network known as ubiquitous/pervasive computing (Weiser 1991) (Satyanarayanan 2001). In these loosely coupled, highly dynamic environments, users will be able to move around and still be connected to this network of resources, which themselves will be constantly changing. As resources will be mutable, frequently changing their parameters like location, functionality, interoperability, accessing them uniformly will be difficult. Users will also be dynamic; moving in and out of range, using different devices for accessing the environment, and using different identities. Traditionally, stand-alone computers and small networks rely on user authentication and access control to provide security. These physical methods use system-based controls to verify the identity of a person or process, explicitly enabling or restricting the ability to use, change, or view a computer resource. However the existing security mechanisms fail to meet the requirements of pervasive systems, which include authenticating foreign users and providing authorization to a large number of entities in the absence of a central control or repository. Our research proposes to model pervasive systems using agent technologies and to use principles of distributed trust management as an alternative to traditional authentication and access control schemes. Pervasive systems suffer from several problems like service description and discovery, and negotiation for services, which have elegant interpretations in agent technologies. We believe that pervasive systems will greatly benefit from the adoption of these interpretations, as it will not only reduce development time, but also provide comprehensive and sophisticated solutions. Distributed trust management is similar to the way security is handled in human societies, where people are judged on their abilities, assets and relationships. The basis for