
Identity Metasystem in Location Based Persistent Authentication

Persistent authentication in smart environments (PAISE) is a new, effective approach that has changed the device-centric paradigm of traditional token-based authentication systems to a much more user-centric one. Instead of the user carrying a security token, such as an RFID tag, at all times, the location of a previously authenticated user is persistently tracked by sensors in the smart environment, such as cameras. For closed scenarios, recent publications have already shown various advantages, such as a consistent user experience across contexts and a decreased probability of impersonation. In order to address even more complex and privacy-enhanced scenarios, we propose to enhance PAISE with Identity Management (IdM). Taking advantage of IdM, users can easily choose among different virtual identities and, at the same time, we can now support open and cross-context application scenarios. This paper addresses the balance between the security requirements of service providers in smart environments and the privacy concerns of users. To that end, it first discusses the security and privacy implications of PAISE and then evaluates the adaptability and interoperability of existing identity management systems for persistent authentication in changing and open scenarios. As our main result, and in order to ensure interoperability, an Identity Metasystem on top of the PAISE architecture is described in detail.

In Proceedings of the 3rd European Workshop on Combining Context with Trust, Security and Privacy (EuroCAT09)

Authors: Hasan Ibne Akram, Christian Damsgaard, Christian Damsgaard Jensen, and Mario Hoffmann
Year/month: 2009/9
Booktitle: In Proceedings of the 3rd European Workshop on Combining Context with Trust, Security and Privacy (EuroCAT09)
Address: Pisa, Italy

Bibtex:

@inproceedings {
author = { Hasan Ibne Akram and Christian Damsgaard and Christian Damsgaard Jensen and Mario Hoffmann},
title = { Identity Metasystem in Location Based Persistent Authentication },
year = { 2009 },
month = { September },
booktitle = { In Proceedings of the 3rd European Workshop on Combining Context with Trust, Security and Privacy (EuroCAT09) },
address = { Pisa, Italy }
}