The security challenges for mobile ubiquitous services

It is envisaged that in future mobile ubiquitous environments, users will be able to seamlessly, search, access and consume a rich offering of services and content from an array of Service/Content Providers, whilst they are on the move, anytime, anywhere. Unfortunately, this new computing paradigm also brings along new and unique security challenges. Novel security solutions are therefore required. But, in order for appropriate security solutions to be devised, all possible security threats must first be thoroughly analysed, and the corresponding security requirements be identified. In this paper, we examine the security issues germane to a mobile ubiquitous environment. We then suggest some possible solutions which may be employed to address these security issues. Open research issues are also highlighted.     

Context-adaptive and energy-efficient mobile transaction management in pervasive environments

Pervasive computing is a user-centric, scalable, parallel, and distributed computing paradigm, allowing users to access to their preferred services even while moving around. Transaction management for pervasive environments has to provide mobile users with reliable and transparent services anytime anywhere. To make such a vision a reality, the communication of pervasive transaction processing should be context-aware for adapting to dynamically changing execution environments, and energy-efficient for prolonging the lifetime of battery-powered mobile devices. In this paper, we propose a context model and a context-aware transaction model for pervasive transactions, and present a c\underline{\mathrm{c}} ontext-adaptive and e\underline{\mathrm{e}} nergy-efficient t\underline{\mathrm{t}} ransaction m\underline{\mathrm{m}} anagement mechanism (CETM) that can dynamically adjust transaction execution behaviors in terms of current context information. Moreover, we model and verify the correctness of the CETM through Petri nets. The simulation results have demonstrated that our transaction management mechanism CETM can significantly reduce the failed probability of concurrent pervasive transactions.     

基于信任的普适计算安全机制

在普通计算环境中，用户能够在任何时间任何地点访问资源，获得服务。但是这种无处不在性和移动性的环境带来了新的安全问题。资源的拥有者和请求者一般互相不知道。该文给出了主体的信任策略以及基于信仟的普适计算环境认证方法和访问拧制模型。     

An effective authentication mechanism for ubiquitous collaboration in heterogeneous computing environment

With the advent of new generation of mobile access devices such as smartphone and tablet PC, there is coming a need for ubiquitous collaboration which allows people to access information systems with their disparate access devices and to communicate with others in anytime and in anywhere. As the number of collaborators with a large number of disparate access devices increases in ubiquitous collaboration environment, the difficulties for protecting secured resources from unauthorized users as well as unsecured access devices will increase since the resources can be compromised by inadequately secured human and devices. Therfore, authentication mechanism for access of legitimate participants is essential in ubiquitous collaboration environment. In this paper we present an efficient authentication mechanism in ubiquitous collaboration environment. We show that proposed scheme is secure through security analysis and is efficient through the experimental results obtained from the practical evaluation of the scheme in ubiquitous collaboration environment.     

Trust-based security in pervasive computing environments

Traditionally, stand-alone computers and small networks rely on user authentication and access control to provide security. These physical methods use system-based controls to verify the identity of a person or process, explicitly enabling or restricting the ability to use, change, or view a computer resource. However, these strategies are inadequate for the increased flexibility that distributed networks such as the Internet and pervasive computing environments require because such systems lack central control and their users are not all predetermined. Mobile users expect to access locally hosted resources and services anytime and anywhere, leading to serious security risks and access control problems. We propose a solution based on trust management that involves developing a security policy, assigning credentials to entities, verifying that the credentials fulfill the policy, delegating trust to third parties, and reasoning about users' access rights. This architecture is generally applicable to distributed systems but geared toward pervasive computing environments     

A new model for context-aware transactions in mobile services

With the ubiquity of handheld devices (such as smart phones and PDAs) and the availability of a wide range of mobile services (such as mobile banking, road traffic updates, and weather forecast), people can nowadays access information and conduct online transactions virtually anywhere and anytime. In such flexible, dynamic but less reliable environment, transaction management technology is believed to provide service reliability and data consistency. Indeed, in mobile and ubiquitous environments where devices as well as services can seamlessly join and leave the ubiquitous network; transaction management can be very helpful during the recovery of services from failure. Current transaction models and commit protocols do not take into account context information. However, in mobile environments, it is imperative to consider context information in the commit of a transaction—i.e., a transaction can be successfully completed if it meets the required context. In this paper, we propose a new model for context-aware transactions and their performance management in mobile environments. Unlike conventional transactions, context-aware transactions adapt to the required context. By context, we mean the service’s context as well as the users’ context that includes users’ needs and preferences. This paper designs and develops the proposed transaction model and evaluates its performance in terms of time and message complexities as well as transaction’s throughput.     

A robotic service framework supporting automated integration of ubiquitous sensors and devices

In recent years, due to the emergence of ubiquitous computing technology, a new class of networked robots called ubiquitous robots has been introduced. The Ubiquitous Robotic Companion (URC) is our conceptual vision of ubiquitous service robots that provides its user with the services the user needs, anytime and anywhere, in the ubiquitous computing environments. There are requirements to be met for the vision of URC. One of the essential requirements is that the robotic systems must support ubiquity of services. This means that a robot service must always be available even though there are changes in the service environment. More specifically, a robotic system needs to be interoperable with sensors and devices in its current service environments automatically, rather than statically pre-programmed for its environment. In this paper, the design and implementation of an infrastructure for URC called Ubiquitous Robotic Service Framework (URSF) is presented. URSF enables automated integration of networked robots in a ubiquitous computing environment by the use of Semantic Web Services Technologies.     

Enhancing Availability of Grid Computational Services to Ubiquitous Computing Applications

The Grid is an integrated infrastructure that can play the dual roles of a coordinated resource consumer as well as a donator in distributed computing environments. The enormous growth in the use of mobile and embedded devices in ubiquitous computing environment and their interaction with human beings produces a huge amount of data that need to be processed efficiently anytime anywhere. However, such devices often have limited resources in terms of CPU, storage, battery power, and communication bandwidth. Thus, there is a need to transfer ubiquitous computing application services to more powerful computational resources. In this paper, we investigate the use of the Grid as a candidate for provisioning computational services to applications in ubiquitous computing environments. In particular, we present a competitive model that describes the possible interaction between the competing resources in the Grid Infrastructure as service providers and ubiquitous applications as subscribers. The competition takes place in terms of quality of service (QoS) and cost offered by different Grid Service Providers (GSPs). We also investigate the job allocation of different GSPs by exploiting the noncooperativeness among the strategies. We present the equilibrium behavior of our model facing global competition under stochastic demand and estimate guaranteed QoS assurance level by efficiently satisfying the requirement of ubiquitous application. We have also performed extensive experiments over Distributed Parallel Computing Cluster (DPCC) and studied overall job execution performance of different GSPs under a wide range of QoS parameters using different strategies. Our model and performance evaluation results can serve as a valuable reference for designing appropriate strategies in a practical grid environment.     

A low distortion image enhancement scheme based on multi-resolutions analysis in next generation network

With the advent of Next Generation Network (NGN), services that are currently provided by multiple specific network-centric architectures. NGN provides AAA (Anytime, Anywhere and Always on) access to users from different service providers with consistent and ubiquitous provision of services as necessary. This special issue of NGN includes pervasive, grid, and peer-to-peer computing to provide computing and communication services at anytime and anywhere. In fact, the application of NGN includes digital image processing, multimedia systems/services, and so on. Here we focus on the digital image processing technology in NGN environments. Low-contrast structure and heavy noise in NGN environments can be found in many kinds of digital images, which makes the images vague and uncertainly, especially in x-ray images. As result, some useful tiny characteristic are weakened—which are difficult to distinguish even by naked eyes. Based on the combination of no-linear grad-contrast operator and multi-resolution wavelet analysis, a kind of image enhancement processing algorithm for useful tiny characters is presented. The algorithm can enhance the tiny characters while confine amplifying noise. The analysis of the results shows that local regions of the image are enhanced by using the concept of the grad contrast to make image clearer adaptively. Experiments were conducted on real pictures, and the results show that the algorithm is flexible and convenient.     

Facilitating resource sharing and selection in ubiquitous multi-user environments

Mobile technologies have increased the interest of industry and academia in providing users with information and services anytime and anywhere. Some services are customized according to the users’ characteristics, attempting to create ubiquitous environments that enable such users to share and discover resources. However, research that addresses the creation of these environments is scant. In this article, we go further than single-user pervasive systems, by developing a support that manages shared resources in ubiquitous multi-user environments. Our contribution is a semantic matchmaking service capable of finding the most suitable resources that satisfy the users’ requirements. This service processes the users’ requests, their context, and the community participating in the resource sharing process, by respecting restrictions, the natural interaction among participants, and the changes that this interaction produces. We model the environment, shared resources, and users as dynamic entities that generate new information, which might affect the availability states of such resources. These states have been defined through the Contextual-Graphs formalism to incorporate new knowledge that can refine, extend, or customize such states, according to the users’ habits. Our matchmaking service has been deployed across the Computer Science Department of CINVESTAV-IPN research center, where it has been validated by means of several test cases.     

Recent advances in multimedia networking

In recent years, the ubiquity of multimedia services along with the proliferation of mobile devices and the demand for new audio and video applications are changing the life style of users. User demands for multimedia access anywhere, anytime from any device are creating new challenges for research communities from both academia and industry. It is expected that video-based services alone will account for 50 percent of all consumer network traffic in 2012 and we will continue to witness the explosive growth in users sharing multimedia content over the Internet. In this context, new network, application, and user-based approaches must be created to deal with such complex multimedia systems. This paper presents some of the recent advances in multimedia networking focusing primarily on areas that have been receiving attention recently and are expected to continue to generate further interests in coming years. These areas include Quality of Experience (QoE) and various related standardization issues, Content Distribution Networks (CDNs), multimedia communications, mobile Multimedia. This paper also briefly highlights some of the major challenges that still need to be addressed to enable the support and delivery of multimedia services anywhere, anytime over highly heterogeneous infrastructures and user terminal devices.     

A soft computing based location-aware access control for smart buildings

The evolution of wireless communications and pervasive computing is transforming current physical spaces into real smart environments. These emerging scenarios are expected to be composed by a potentially huge amount of heterogeneous smart objects which can be remotely accessed by users via their mobile devices anytime, anywhere. In this paper, we propose a distributed location-aware access control mechanism and its application in the smart building context. Our approach is based on an access control engine embedded into smart objects, which are responsible to make authorization decisions by considering both user location data and access credentials. User location data are estimated using a novel indoor localization system based on magnetic field data sent by user through her personal phone. This localization system implements a combination of soft computing techniques over the data collected by smartphones. Therefore, our location-aware access control mechanism does not require any intermediate entity, providing the benefits of a decentralized approach for smart environments. From the results obtained, we can consider our proposal as a promising approach to tackle the challenging security requirements of typical pervasive environments.     

SUTIL – Network selection based on utility function and integer linear programming

This work presents SUTIL, a mechanism for network selection in the context of next generation networks (NGN). SUTIL selection mechanism prioritizes networks with higher relevance to the application and lower energy consumption and it enables full and seamless connectivity to mobile user devices and applications. Consequently, SUTIL contributes to realize the vision of ubiquitous computing, in which services, devices, and sensor-enriched environments interact anytime, anywhere to accomplish human designed tasks. The provided solution is based on utility function and integer linear programming and it aims at: (i) maximizing the user satisfaction while meeting application QoS and (ii) minimizing the energy consumption of devices when connecting to a target network. The solution is global since it considers for a given base station all devices that are simultaneously candidate for handoff. Simulation results showed the benefits of SUTIL usage in NGN environments.     

Robust authentication and key agreement scheme preserving the privacy of secret key

In ubiquitous computing environments, people may obtain their services from application servers by using mobile devices at any time and anywhere. For convenience, most of those devices are small and of limited power and computation capacity. In this paper, we propose a robust user authentication and key agreement scheme suitable for ubiquitous computing environments. The main merits include: (1) a security-sensitive verification table is not required in the server; (2) the password can be chosen and changed freely by the clients and cannot be derived by the privileged administrator of the server; (3) all well-known security threats are solved in our proposed scheme; (4) the scheme does not have a serious time-synchronization problem; (5) the client and the server can establish a common session key; (6) the scheme is practical and efficient; (7) the scheme can preserve the privacy of the client’s secret key even if the secret information stored in a smart card is compromised.     

Agent societies and social networks for ubiquitous computing

In ubiquitous computing environments, providing appropriate services and information to users at the right place in the right way is challenging for many reasons: different user interests, heterogeneous devices and services, dynamic networks, information overload, or differing privacy levels, for example. Agent technology is a paradigm expected to play an increasing role in complex computing environments, and due to the increasing popularity of social networking services, we expect to see the convergence of agent and social web technologies. The goal of this theme issue is to bring together state-of-the-art research contributions that examine the convergence of agent technologies and social networks for ubiquitous computing.     

普适计算的信任认证

在普适计算环境中，用户能够在任何时间、任何地点访问资源，获得服务。但是这种无处不在性和移动性的环境带来了新的安全问题。资源的拥有者和请求者一般互相不知道。认证是安全的基石，没有认证，系统的保密性、完整性和可用性都将受到影响。可是传统认证是基于身份的认证，不适合普适环境中对陌生实体的认证。本文在分析普适计算的认证要求后，指出了在普适计算环境中应该先在陌生的实体间建立信任关系，然后可以用几乎所有的标准密钥交换协议进行安全认证。提出了用资源限制信任协商技术在陌生人之间建立信任关系。由于它避免了大量的公钥密码操作所带来的计算负担，因此比较适合计算能力有限的设备之间建立信任关系。     

An adaptive access method for broadcast data under an error-pronemobile environment

A ubiquitous information environment can be achieved by the mobile computing technologies. In this environment, users carrying their portable computers can retrieve local or remote information anywhere and at anytime. Data broadcast, with its advantages, has become a powerful means to disseminate data in wireless communications. Indexing methods for the broadcast data have been proposed to speedup access time and reduce power consumption. However, the influence of access failures has not been discussed. For the error-prone mobile environment, the occurrence of access failures is often due to disconnections, handoffs, and communication noises. Based on the distributed indexing scheme, we propose an adaptive access method which tolerates the access failures. The basic idea is to use index replication to recover from the access failures. One mechanism, named search range, is provided to dynamically record the range where the desired data item may exist. According to the search range, an unfinished search can be efficiently resumed by finding an available index replicate. A performance analysis is given to show the benefits of the method. Also, the concept of version bits is applied to deal with the updates of the broadcast data     

Experimenting with IDA* search algorithm in heterogeneous pervasive environments

Today, mobile and smart phones are often viewed as enablers of pervasive computing systems because they provide anytime and anywhere access to information services and computational resources. However, mobile devices are inherently constrained in their computational power and battery capacity making them mere “dumb terminals” connected to a resource-rich pervasive environment. If they are ever to play a more prominent role as true elements of a pervasive environment, mobile devices must be able to embed more application logic and delegate processing requests to pervasive infrastructure. In this paper we discuss distribution and offloading of computationally intensive tasks in pervasive environments populated by mobile devices. This approach is illustrated by experimenting with a distributed version of iterative deepening A* search algorithm. In our approach, the solution space of a problem being solved is partitioned and distributed among heterogeneous mobile devices, which yields a significant increase in the time of finding an optimal solution. Distributed IDA* search algorithm does not require any coordination or communication between mobile devices, but added inter-processor communication through shared memory further increases the efficiency of the algorithm. This paper presents the results of our experiments with the algorithm and discusses a number of issues related to its implementation.     

普适计算：人本计算

普适计算强调以人为本的计算思想，它主张计算应迎合人的习性，自主地与使用者产生互动，使用户能集中精力于所要完成的任务。在普适计算环境下，计算将融入到人们的日常生活之中，使人们能够随时随地无妨碍地获得计算和信息服务。综述了普适计算的发展历史、现状和研究热点，分析和讨论了普适计算的概念和特性，最后对目前一些具有代表性的普适计算研究项目进行了简要的介绍和分析。