Location-aware communications in smart environments

We present a location-aware communication approach for smart home environments that is based on a symbolic location model that represents the containment relationships between physical objects, computing devices, and places. The approach enables people and devices to discover and connect with communication partners based on their co-locations. It also provides non-smart objects, including home appliances, everyday objects, and places, with virtual counterparts, which both represent them and work as proxies for their targets. We present the design for this approach and describe its implementation and applications.     

A location model for smart environments

This paper presents a location model for location-aware and user-aware services in smart environments. It can be dynamically organized like a tree based on geographical containment, such as that in a user–room–floor–building hierarchy and each node in the tree can be constructed as an executable software component. The model is unique in existing approaches because it enables location-aware services to be managed without any database servers, it can be managed by multiple computers, and it can provide a unified view of the locations of not only physical entities and spaces, including users and objects, but also computing devices and services. A prototype implementation of this approach was constructed on a Java-based mobile agent system. This paper presents the rationale, design, implementation, and applications of the prototype system.     

Access control management for ubiquitous computing

The purpose of ubiquitous computing is anywhere and anytime access to information within computing infrastructures that is blended into a background and no longer be reminded. This ubiquitous computing poses new security challenges while the information can be accessed at anywhere and anytime because it may be applied by criminal users. Additionally, the information may contain private information that cannot be shared by all user communities. Several approaches are developed to protect information for pervasive environments against malicious users. However, ad hoc mechanisms or protocols are typically added in the approaches by compromising disorganized policies or additional components to protect from unauthorized access.In this paper, we present a usage control model to protect services and devices in ubiquitous computing environments, which allows the access restrictions directly on services and object documents. The model not only supports complex constraints for pervasive computing, such as services, devices and data types but also provides a mechanism to build rich reuse relationships between models and objects. Finally, comparisons with related works are analysed.     

Dynamic Service Composition in Pervasive Computing

Service-oriented architectures (SOAs) promise to provide transparency to resource access by exposing the resources available as services. SOAs have been employed within pervasive computing systems to provide essential support to user tasks by creating services representing the available resources. The mechanism of combining two or more basic services into a possibly complex service is known as service composition. Existing solutions to service composition employ a template-matching approach, where the user needs are expressed as a request template, and through composition, a system would identify services to populate the entities within the request template. However, with the dynamism involved in pervasive environments, the user needs have to be met by exploiting available resources, even when an exact match does not exist. In this paper, we present a novel service composition mechanism for pervasive computing. We employ the service-oriented middleware platform called pervasive information communities organization (PICO) to model and represent resources as services. The proposed service composition mechanism models services as directed attributed graphs, maintains a repository of service graphs, and dynamically combines multiple basic services into complex services. Further, we present a hierarchical overlay structure created among the devices to exploit the resource unevenness, resulting in the capability of providing essential service-related support to resource-poor devices. Results of extensive simulation studies are presented to illustrate the suitability of the proposed mechanism in meeting the challenges of pervasive computing user mobility, heterogeneity, and the uncertain nature of involved resources.     

Trust-based authentication scheme with user rating for low-resource devices in smart environments

In smart environments, pervasive computing contributes in improving daily life activities for dependent people by providing personalized services. Nevertheless, those environments do not guarantee a satisfactory level for protecting the user privacy and ensuring the trust between communicating entities. In this study, we propose a trust evaluation model based on user past and present behavior. This model is associated with a lightweight authentication key agreement protocol (Elliptic Curve-based Simple Authentication Key Agreement). The aim is to enable the communicating entities to establish a level of trust and then succeed in a mutual authentication using a scheme suitable for low-resource devices in smart environments. An innovation in our trust model is that it uses an accurate approach to calculate trust in different situations and includes a human-based feature for trust feedback, which is user rating. Finally, we tested and implemented our scheme on Android mobile phones in a smart environment dedicated for handicapped people.     

基于感知控制的场景界面设计方法

在普适环境下,计算环境的复杂性使普通用户不易通过预定义的操作来控制系统的状态,致使用户界面设计不能正确反映系统 的特征。为此,提出一种基于感知控制的场景设计方法。该方法利用感知控制理论对使用场景进行分析,导出用户意图控制的对象及策 略,并在此基础上重新设计使用场景,从用户任务的角度出发,使所得到的界面满足用户感知控制的需要。通过案例分析证明该方法的有效性。     

A lightweight conditional privacy-preserving authentication and access control scheme for pervasive computing environments

In pervasive computing environments, the users can get access to the services from the service providers in a highly desirable way. But the security of the user's authentication is a challenging field. Pervasive computing environments must provide the service to only legitimate users. On the other hand, some users attempt to keep their anonymity without revealing their identities while using some privacy-related services such as location information, printing, buying shares, etc. In this paper, we propose a conditional privacy-preserving authentication and access control scheme for pervasive computing environments, called CPriauac. Compared with the previous schemes in the literature, registration servers and authentication servers in the proposed scheme need not maintain any sensitive verification tables. The management of public keys is easier. Furthermore, the anonymity of the user can be removed efficiently once the dispute happens. The proposed scheme provides user anonymity against outside and inside parties, mutual authentication, accountability and differentiated access control.     

Requesting Pervasive Services by Touching RFID Tags

As the vision of pervasive computing gradually becomes a reality, we are seeing an increasing number of services in our everyday environments. We don't just access them at desktop computers but everywhere our activities lead us-using mobile terminals and built-in technology. Although a positive phenomenon, this transition also introduces considerable challenges to discovering and selecting services. The authors propose a general framework for requesting pervasive services by touching RFID tags. Visual symbols communicate to users the objects that they can touch and that activate services. When a user touches such a symbol with a mobile phone, the data stored in the tag and other contextual information related to the situation trigger the requested service. The authors designed a set of visual symbols and implemented the required functionality as component-based middleware. They studied this novel system's usability and user experience. This article is part of a special issue on RFID Technology.     

Your Way Your Missions: A Location-Aware Pervasive Game Exploiting the Routes of Players

With the development of pervasive computing, location-aware pervasive games have proliferated quickly. To counter the inefficiency of information adaptation based on a location and a radius, this article presents the design and implementation of Your Way Your Missions (YWYM), which is a location-aware pervasive game exploiting the routes of players. YWYM provides a Google Maps–based tool for players to predefine routes, and utilizes self-reporting method to obtain the planned routes of players. By such a design, missions are returned to players in terms of the location properties of missions and the planned routes of players. A field study was conducted to investigate the usage of YWYM, and the results indicate that route predefining and self-reporting methods are an effective approach to obtain the planned routes of players, and information adaptation based on the planned routes of players could help them find missions at any place and any time.     

Securely outsourcing the ciphertext-policy attribute-based encryption

Attribute-based Encryption (ABE) is a new and promising public key encryption that allows fine-grained authorization on data based on user attributes. Such property is favorable for multiple applications that require encrypted storage or access control on data, in particular: eHealth applications. However, ABE schemes are known not to be efficient in the encryption phase because ciphertext size and the time required to encrypt grow with the complexity of the access policy. Such drawback is critical in the context of pervasive computing, for instance, in the Internet of Things, where data producers are usually resource-constrained devices, e.g. smart phones or sensing platforms. In this work, we propose OEABE standing for Outsourcing mechanism for the Encryption of Ciphertext-Policy ABE (CP-ABE). We show how a user can offload expensive operations of CP-ABE encryption to a semi-trusted party in a secure manner. Our proposed mechanism requires only one exponentiation on resource-constrained devices. We provide also an informal security analysis of possible attacks from a semi-honest adversary against the proposed solution. To demonstrate the performance gains of our mechanism, we first conducted a performance estimation on an emulated Wismote sensor platform. Then, we implemented our proposal and did comparison to an existing implementation of CP-ABE on a laptop.     

A specification model for context-based collaborative applications

This paper presents a model for building context-based systems in pervasive computing environments from high level specifications. A pervasive computing environment is viewed as a collaboration space consisting of mobile users, system services, and sensors and resources embedded in the physical environment. The approach presented here is developed for building collaborative activities in which users and environment services cooperate towards some shared objectives and tasks. The specification model allows expression of policies related to context-based discovery and secure access of resources, and role-based interactions among users and environmental services. Using several examples we illustrate the capabilities of our specification model for expressing various kinds of context-based requirements for resource access and user interactions.     

Location awareness through trajectory prediction

Location-aware computing is a type of ubiquitous computing that uses user’s location information as an essential parameter for providing services and application-related optimization. Location management plays an important role in location-aware computing because the provision of services requires convenient access to dynamic location and location-dependent information. Many existing location management strategies are passive since they rely on system capability to periodically record current location information. In contrast, active strategies predict user movement through trajectories and locations. Trajectory prediction provides richer location and context information and facilitates the means for adapting to future locations. In this paper, we present two models for trajectory prediction, namely probability-based model and learning-based model. We analyze these two models and conduct experiments to test their performances in location-aware systems.     

Privacy-Conscious Location-Based Queries in Mobile Environments

In location-based services, users with location-aware mobile devices are able to make queries about their surroundings anywhere and at any time. While this ubiquitous computing paradigm brings great convenience for information access, it also raises concerns over potential intrusion into user location privacy. To protect location privacy, one typical approach is to cloak user locations into spatial regions based on user-specified privacy requirements, and to transform location-based queries into region-based queries. In this paper, we identify and address three new issues concerning this location cloaking approach. First, we study the representation of cloaking regions and show that a circular region generally leads to a small result size for region-based queries. Second, we develop a mobility-aware location cloaking technique to resist trace analysis attacks. Two cloaking algorithms, namely MaxAccu_Cloak and MinComm_Cloak, are designed based on different performance objectives. Finally, we develop an efficient polynomial algorithm for evaluating circular-region-based kNN queries. Two query processing modes, namely bulk and progressive, are presented to return query results either all at once or in an incremental manner. Experimental results show that our proposed mobility-aware cloaking algorithms significantly improve the quality of location cloaking in terms of an entropy measure without compromising much on query latency or communication cost. Moreover, the progressive query processing mode achieves a shorter response time than the bulk mode by parallelizing the query evaluation and result transmission.     

Trust-based security in pervasive computing environments

Traditionally, stand-alone computers and small networks rely on user authentication and access control to provide security. These physical methods use system-based controls to verify the identity of a person or process, explicitly enabling or restricting the ability to use, change, or view a computer resource. However, these strategies are inadequate for the increased flexibility that distributed networks such as the Internet and pervasive computing environments require because such systems lack central control and their users are not all predetermined. Mobile users expect to access locally hosted resources and services anytime and anywhere, leading to serious security risks and access control problems. We propose a solution based on trust management that involves developing a security policy, assigning credentials to entities, verifying that the credentials fulfill the policy, delegating trust to third parties, and reasoning about users' access rights. This architecture is generally applicable to distributed systems but geared toward pervasive computing environments     

Enabling user-oriented management for ubiquitous computing: The meta-design approach

This paper presents iPlumber, a user-oriented management system for ubiquitous computing environments. Different from previous low-benefit “zero-configuration” systems or high cognitive-cost “end user programming” tools, our work attempts to attain a better balance between user benefits and cost by exploring the meta-design approach. A set of typical management activities in ubicomp environments are supported, from basic-level software sharing, foraging, and low-cost software configuration to advanced-level cooperative software co-design and error handling. These activities are elaborated through a smart home control scenario. The usability of our system is validated through an initial user study with a total of 33 subjects to test the management activities from an open exhibition environment and a controlled university environment.     

面向普适计算的自适应模糊访问控制方法

普适环境中的上下文信息是普适访问控制的关键因素,对主体的授权和对主体使用权限过程的控制具有决定性影响。系统安全强度和安全策略应随上下文的变化而动态改变。传统访问控制模型均未考虑上下文对安全强度和安全策略的动态影响,不适合普适计算环境。提出了普适环境下安全强度和安全策略随上下文动态变化的思想,基于区间值模糊集合理论建立了上下文信息相关的产生式规则,设计了一种简单高效的区间值模糊访问控制方法,以提高普适计算系统中安全强度和安全策略的自适应性,更符合普适环境。     

Architectural patterns for applications with external user interface elements

Coupling mobile devices and other remote interaction technology with software systems surrounding the user enables for building interactive environments under explicit user control. The realization of explicit interaction in ubiquitous or pervasive computing environments introduces a physical distribution of input devices, and technology embedded into the environment of the user. To fulfill the requirements of emerging trends in mobile interaction, common approaches for system design need adaptations and extensions. This paper presents the adaptation and extension of the Model-View-Controller approach to design applications of remote, complementary, duplicated and detached user interface elements.     

MINING USER GOALS FOR INDOOR LOCATION‐BASED SERVICES WITH LOW ENERGY AND HIGH QoS

Location‐based services (LBSs) play a very important role in pervasive computing environment, and QoS (quality of service) is one of the key evaluations for LBS. To maintain high QoS, the traditional approaches rely on accurate and continuous localization. However, the energy consumption of the mobile device under this situation is often too high for practical applications. Thus, it seems that the energy consumption and QoS become two conflicting factors in LBS systems. In this article, a new adaptive goal‐aware computing framework (Adaware) is proposed to solve this contradiction. We show that the QoS of LBS can be evaluated by recognizing user goals. We design new algorithms to mine user goals from discontinuous location data to reduce the energy consumption while keeping a high QoS at the same time. More specifically, Adaware employs an accelerometer to implement motion‐based localization, which greatly reduces the unnecessary energy consumption on Wi‐Fi scanning compared to the original continuous localization methods. Then based on the estimated discontiguous critical point traces which have been postprocessed by our proposed Localization Confident Coefficient filter method, a novel N‐gram goal inference algorithm is used to predict the accurate goal. The experimental results in real‐world wireless network environments validate the effectiveness of our framework. We can get 80% QoS under 70% location estimation accuracy within 10 meters and 30% energy saving compared to continuous Wi‐Fi scanning.     

基于普适计算环境的三维空间RSSI位置感知研究

文中对室内定位应用中可能的几种技术进行了分析与对比,指出了各自的缺陷与不足。通过分析指出无线传感器网络自身的特点较其他几种技术更好地适应了普适计算环境对于位置感知服务的需求。采用无线传感器节点,把基于RSSI技术的测距方法作为研究位置感知的主要途径,提出了可行的三维空间位置感知模型及其相应的误差修正方案,并进行了充分的实验验证,证明该模型可以定位出目标较为准确的位置,其中所提出的误差修正方案很好地校正了目标点的实际位置。