Scalability in a Secure Distributed Proof System
[minami:scalability]Kazuhiro Minami and David Kotz. Scalability in a Secure Distributed Proof System. Proceedings of the International Conference on Pervasive Computing (Pervasive), volume 3968 in Lecture Notes in Computer Science, pages 220–237. Springer-Verlag, Dublin, Ireland, May 2006. doi:10.1007/11748625_14. ©Copyright Springer-Verlag.
A logic-based language is often adopted in systems for pervasive computing, because it provides a convenient way to define rules that change the behavior of the systems dynamically. Those systems might define rules that refer to the users’ context information to provide context-aware services. For example, a smart-home application could define rules referring to the location of a user to control the light of a house automatically. In general, the context information is maintained in different administrative domains, and it is, therefore, desirable to construct a proof in a distributed way while preserving each domain’s confidentiality policies. In this paper, we introduce such a system, a secure distributed proof system for context-sensitive authorization and show that our novel caching and revocation mechanism improves the performance of the system, which depends on public key cryptographic operations to protect confidential information in rules and facts. Our revocation mechanism maintains dependencies among facts and recursively revokes across multiple hosts all the cached facts that depend on a fact that has become invalid. Our initial experimental results show that our caching mechanism, which maintains both positive and negative facts, significantly reduces the latency for handling a logical query.
Citable with [BibTeX]
Keywords: [context-aware] [security]
Available from the publisher: [DOI]
Available from the author:
This pdf is the authors' near-final copy; the publisher does not allow us to post the final pdf.