
WEB-SERVICES ARCHITECTURE FOR PERVASIVE COMPUTING ENVIRONMENT

N. A. Malik and A. Tomlinson


Information Security Group, Royal Holloway, University of London, Egham, Surrey, UK.
Corresponding Author: Nazir.Malik@rhul.ac.uk
ABSTRACT
With the ever-increasing shift towards pervasive computing to provide better services to the user based on the user's context and location, there is a need for the development of a secure architecture for ubiquitous computing. The paper reviews a few existing security architectures and then proposes a web-services architecture for pervasive computing. A number of solutions have been proposed in the literature, including open source protocols, to implement security in the pervasive environment. However, most of the proposed architectures rely on intermediate servers to securely transfer data and communication between end users. This might be suitable in certain scenarios, but the broad range of users is not comfortable accepting and deploying such solutions. End-to-end secure communication between users is key for a communication protocol to be considered for deployment by a broad range of users. The paper presents a web services architecture for the pervasive computing environment using open standards to implement a secure architecture.
Keywords: Web services; SAML; Pervasive Computing; Web Services Security; Authentication Assertions
INTRODUCTION
The ability of smart devices and smart applications to identify current operating conditions or context and adapt their behavior on the basis of the context is termed context awareness. With the fast-paced development of new computing paradigms, the vision of ubiquitous / pervasive computing is becoming a reality in our daily lives. The implementation of context awareness in context-aware computing is a vast concept that encompasses all possible parameters identifying a particular situation. Applications and frameworks are being defined to identify context and relevant parameters limited by their scope. As it is an emerging technology, a number of challenges exist in the context-aware computing paradigm which need to be addressed to make pervasive computing a reality. Due to the heterogeneous nature of pervasive computing and the ubiquity of communication devices, service adaptation is required during run time (Malik et al., 2007). The entities involved in a context setting include the persons, the objects and the computing resources present in the environment (Dey et al., 1999). Humans, being a very complex architecture, are quite successful at conveying their thoughts to each other in an implicit natural way. This is because humans communicate through rich languages as well as gestures and expressions. Modern ubiquitous computer systems lack an automatic mechanism for inferring information as humans do. By improving the ability of computers to gather context and infer it, the richness of communication in human-computer interaction increases, which results in a more powerful and more useful computational environment.
To realize the development and deployment of pervasive devices, the design of a secure pervasive architecture encompassing security in all aspects is paramount. The final realization of a pervasive environment, in which each device communicates with other devices seamlessly without user intervention and with non-intrusive authentication and encryption mechanisms, needs a considerable amount of time because of the various standards and protocols being implemented in wireless devices. The limitations of bandwidth, memory and processing power of mobile devices pose another challenge for implementing authentication and encryption mechanisms in each mobile device.
This paper is a continuation of our work on developing a secure pervasive environment in an enterprise network. A number of solutions have been proposed in the literature, including open source protocols, to implement security in the pervasive environment. However, most of the proposed architectures rely on intermediate servers to securely transfer data and communication between end users. This might be suitable in certain scenarios, but the broad range of users is not comfortable accepting and deploying such solutions. End-to-end secure communication between users is key for a communication protocol to be considered for deployment by a broad range of users.
RELATED RESEARCH
A security by contract architecture (SxC) is proposed by (Dragoni et al., 2007), based on the mobile contract which a mobile download carries with itself. It proposes a layered security architecture for pervasive services and discusses the threat and mitigation services for corresponding threats and the interaction modalities for the security services layer. Another approach to address the problem of security in personal networks is proposed in (Jehangir et al., 2006). The solution is tailored to the needs of constrained devices and wireless communication. It focuses on pair-wise keys for secure cluster formation and group keys for intra-cluster communication. It uses group authentication for increased efficiency and security agents to authenticate the devices in the system.
In the case of a context-sensitive environment, the concepts need to be more tailored to the devices which communicate and update themselves. In a pervasive environment, the security framework also needs to be context-sensitive (Pigeot et al., 2007). It proposes a modular security environment integrated with the PerSE architecture which enables a user to define privacy and security policy in a pervasive environment. The modular approach provides security and privacy at different levels, i.e. message filter and resource access filter.
The services being provided in the pervasive environment also need a secure mechanism for access control. Team-based access control (TMAC) proposes an RBAC for collaborative environments (Thomas, 1997). It addresses the issue of access control for a collection of users in specific roles to accomplish a specific task. In a pervasive environment, the collaboration between enterprise colleagues working as a team to achieve a single goal, while maintaining the secure environment and the privacy of personal data, is also very important for effective implementation of the system. The use of security-relevant context to provide access control is proposed in (Covington et al., 2002). It provides an architecture for an authentication service, access control and an adaptable security system based on the current context in the environment. An architecture based on current status in combination with ideological and security mechanisms is proposed in (Liu et al., 2006). The inherent nature of pervasive devices to communicate seamlessly with each other requires extensive code execution, which also needs to be considered and catered for. A hybrid method of code analysis and component composition techniques is described in (Llewellyn-Jones et al., 2004).
WEB SERVICES SECURITY
We have chosen eXtensible Markup Language (XML) (Bray et al., 2008) as the standard for exchanging information between the devices in the pervasive environment. XML provides a standard to describe, communicate and implement the web services architecture. In contrast to other programming languages which focus on processing and actions, XML focuses on contents and objects. XML is structured as a self-describing way to represent data that is totally independent of application, protocol, vocabulary, operating system, or even programming language. SOAP (Gudgin et al., 2007) provides platform-independent and also data-independent service interfaces. SOAP transports XML from one computer to another via a number of standard transport protocols. SOAP itself is defined using XML, and it provides an extensible mechanism that allows one application to send an XML message to another. After the contents of a message are defined in XML, SOAP moves the data from one place to another over the network. It allows the sender and receiver to support a common data transfer protocol. Universal Description, Discovery and Integration (UDDI) provides a way to discover providers and the services being offered by those providers (Clement et al., 2005). Web Services Description Language (WSDL) provides interfaces to Web Services. It is also an XML language that defines the set of operations that a service provides and the structure of their related SOAP messages. XML defines SOAP, UDDI and WSDL (Christensen et al., 2001). The relative links between all these related technologies are shown in Fig. 1.

Fig. 1. Web Services Technologies (layers shown: Web Services; WSDL, SOAP, UDDI; XML Standards; Transport Protocols; Internet Protocols)
To provide a security-related mechanism using XML, we have chosen Security Assertion Markup Language (SAML) to communicate user authentication, authorization and attribute information. The underlying assumptions and reasons for choosing these technologies are as follows:
• There exists a trusted Third Party in the system, which provides the corresponding SAML assertions to each individual user.
• SAML assertions are in the form of XML Schema, so they are easy to implement even in a heterogeneous environment. SAML assertions can also be useful for scalability of the system at a later stage.
• SAML assertions provide the data about authentication, authorization and attributes.
• The assertion represents that the entity holding the assertion is recognized by the TTP for the corresponding assertions, e.g. the authentication assertion represents that the entity has been authenticated.
• The receiver of the SAML assertions checks whether the receiver trusts the TTP and thereby accepts the assertions as true or otherwise.
• SAML assertions can also work with XML signatures, XML encryption, HTTP, XMPP and SOAP specifications.
• The users are first registered with the TTP and the TTP assigns them the SAML Assertions.
• SAML assertions can also be used even by applications which are not communicating using Web Services.
PROPOSED ARCHITECTURE
The final implementation of a pervasive environment involves the use of devices by average users and not only by researchers. The implementation of security schemes needs to be transparent to the end user. A number of security technologies are already available on almost all layers of protocol stacks. The implementation and configuration of these schemes are already complex, and involving the end user in configuring and implementing these schemes will make the pervasive environment vulnerable to a lot of security loopholes. A weak link in the environment might give a trust level to a malicious user who can further use the resources as an authorized user. Therefore, security schemes must be user friendly for deployment of security and building of trust.
Fig. 2. Secure Pervasive Architecture
Registration and Assertions Module. Once a new user enters the system, it needs to be registered with the Trusted Third Party (TTP) of the organization. Alternately, the user may present his credentials from another TTP of his organization to get access tokens from the current TTP. In a pervasive environment, the user can be part of multiple domains, and if the user has a trusted identity in one domain then his credentials may be used in any other domain which he is visiting. The concept of portable identity can be effectively utilized in the pervasive environment, where a user establishes a trusted identity in one domain by registering himself with a TTP and his credentials are available to be utilized to give him access rights in other domains. Once the user is registered with the TTP based on its present context or credentials from his parent organization, the user is assigned SAML assertions. The SAML assertions may contain Authentication, Authorization and Attributes of the user. The steps to register and give assertions are as follows:
• A new user enters the system with a new device.
• The new device is registered with the TTP by registering the user name, password and MAC address of the device.
• Attributes of the user are recorded to provide attribute assertions to the entities which require confirmation of the authenticity of the user.
• Corresponding to the authentication assertion and attribute assertions, authorization assertions are generated based on the Enterprise's and user's policy at the PDP (Policy Decision Point) and PEP (Policy Enforcement Point).
Access Control Module. The function of the Access Control Module (ACM) is to check the authentication assertions before granting access to the user of the enterprise or user data. The SAML assertions are received by the ACM, and it acknowledges the authentication credentials based on whether it trusts the TTP or not, and thereby the assertions are regarded as true or false. Authentication assertions identify the user as the one who he claims to be. These credentials, along with the attributes and authorization credentials, are used to decide the level of authorization assigned to the requesting user.
Authorization Module. After verifying the authentication credentials, the ACM verifies the authorization data with the Authorization Module to check the level of authorization based on the authentication and attribute assertions provided by the requesting user. The Authorization Module grants the authorization levels depending upon the attributes of the user and its authentication level. The authorization assertions enable the user to perform specific actions in the visiting domain.
Security Policy Implementer. The Security Policy Implementer (SPI) acts as Policy Enforcement Point (PEP) and Policy Decision Point (PDP). After verifying the authentication credentials, the ACM verifies the authorization data with the Authorization Module to check the level of authorization based on the authentication and attribute assertions provided by the requesting user. The Authorization Module grants the level of authorization based on authentication and attribute credentials.
If the SAML assertions are verified, the ACM will approach the Security Policy Implementer. The SPI builds dynamic security policies taking input from the User Personal Privacy Policy and the Enterprise Policy. Each user can define his personal privacy policy as to what amount of data the user can share within the enterprise or outside the enterprise. The Enterprise security policy takes priority over the Personal Policy of the individual user in matters relating to the Enterprise domain. The combination of User Policy and Enterprise Policy makes the rules for the SPI. The Security Policy Enforcer allows access to the authorized data for which the user has been granted access by seeing his credentials and level of Trust. The following steps describe the overall functionality of the system:
• ACM receives the new contact's ID including SAML authentication assertions from the new contact.
• ACM verifies the SAML assertions of the new contact by checking whether it trusts the TTP.
o If the user trusts the TTP, it will take the assertions as assurance of authentication of the user.
o If the user doesn't trust the assertion provided by the TTP, it can refuse the connection with the incoming request.
• If the user trusts the TTP, it will check the attributes of the user by passing authentication assertions to the TTP.
• TTP will return the guaranteed correct attributes of the new user corresponding to the authentication assertions.
• ACM will pass on the authentication and authorization attributes to the local authorization service. (An external SAML authorization service can also be used, similar to the SAML authentication service, to check whether the user requesting a particular service is authorized to perform a specific operation or is eligible for a particular service).
• Once the user is authorized by the SAML authorization service for the use of a particular service, it will allow the requesting user the authorized services.
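The steps above, sketched as an added Python example (not code from the paper). It models the ACM trust check and the SPI policy combination; the issuer URL, key, roles and policy tables are constructed, an HMAC stands in for the XML Signature a TTP would apply, and the attributes travel inside the assertion instead of being fetched from the TTP in a second exchange.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from typing import Optional

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed trust store: TTP issuer -> verification key (hypothetical values).
TRUSTED_TTPS = {"https://ttp.enterprise.example": b"constructed-demo-key"}
# Constructed policies: resource -> roles allowed to access it.
ENTERPRISE_POLICY = {"payroll": {"hr"}, "calendar": {"hr", "engineer"}}
USER_POLICY = {"calendar": {"hr"}, "photos": {"engineer"}}

def build_assertion(issuer: str, role: str) -> str:
    """Constructed sample assertion using SAML 2.0 element names."""
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}">'
            f'<saml:Issuer>{issuer}</saml:Issuer>'
            '<saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>'
            '<saml:Conditions NotOnOrAfter="2030-01-01T00:00:00+00:00"/>'
            '<saml:AttributeStatement><saml:Attribute Name="role">'
            f'<saml:AttributeValue>{role}</saml:AttributeValue>'
            '</saml:Attribute></saml:AttributeStatement></saml:Assertion>')

def sign(assertion_xml: str, key: bytes) -> str:
    """Stand-in for XML Signature: HMAC-SHA256 over the canonical (C14N) XML."""
    canonical = ET.canonicalize(assertion_xml)
    return hmac.new(key, canonical.encode(), hashlib.sha256).hexdigest()

def acm_verify(assertion_xml: str, signature: str, now: datetime) -> Optional[dict]:
    """ACM: accept the assertion only if the issuing TTP is trusted,
    the signature matches and the validity period has not ended."""
    root = ET.fromstring(assertion_xml)
    key = TRUSTED_TTPS.get(root.findtext("saml:Issuer", namespaces=NS))
    if key is None:
        return None                      # untrusted TTP: refuse the connection
    if not hmac.compare_digest(sign(assertion_xml, key), signature):
        return None                      # altered or forged assertion
    conditions = root.find("saml:Conditions", NS)
    if conditions is None or now >= datetime.fromisoformat(
            conditions.get("NotOnOrAfter", "1970-01-01T00:00:00+00:00")):
        return None                      # missing or expired validity period
    attrs = {a.get("Name"): a.findtext("saml:AttributeValue", namespaces=NS)
             for a in root.iterfind(".//saml:Attribute", NS)}
    attrs["subject"] = root.findtext(".//saml:NameID", namespaces=NS)
    return attrs

def spi_decide(attrs: Optional[dict], resource: str) -> bool:
    """SPI: enterprise policy takes priority for resources it covers;
    the user's personal policy governs everything else. Default deny."""
    if attrs is None:
        return False
    policy = ENTERPRISE_POLICY if resource in ENTERPRISE_POLICY else USER_POLICY
    return attrs.get("role") in policy.get(resource, set())

if __name__ == "__main__":
    doc = build_assertion("https://ttp.enterprise.example", "engineer")
    sig = sign(doc, TRUSTED_TTPS["https://ttp.enterprise.example"])
    who = acm_verify(doc, sig, datetime(2025, 1, 1, tzinfo=timezone.utc))
    print(who, spi_decide(who, "calendar"), spi_decide(who, "payroll"))
```

Checking the issuer name alone is not enough for the trust decision: the assertion is only as good as the signature and validity period verified with it. A deployment would verify a real XML Signature with a maintained SAML library and a hardened XML parser.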
CONCLUSION
The pervasive computing research field is still in its infancy, and a lot of research effort is needed to see the actual implementation of a real pervasive environment. A lot of focus is being given to service discovery, context acquisition, context categorization and context modeling in context-aware computing. Web services are used for integrating information sources from both inside and outside an enterprise. Web services are a simpler, standards-based, and more loosely coupled technology for connecting data, systems, and organizations. Although security schemes are derived to be implemented in the pervasive environment, they are being implemented into already existing pervasive computing architectures. No generalized architecture exists in the pervasive environment, therefore schemes are implemented differently in each case. The paper presents a web services architecture for implementing security in the pervasive environment using standards-based technologies which are widely used and implemented.
REFERENCES
Bray, T., J. Paoli, C. M. Sperberg-McQueen, E. Maler, F. Yergeau (2008). Extensible Markup Language (XML) version 1.0, Fifth Edition, W3C Recommendation.
Christensen, E., F. Curbera, G. Meredith and S. Weerawarana (2001). Web Services Description Language (WSDL) version 1.1, 15 March 2001.
Clement, L., A. Hatley, C. Riegen and T. Rogers (2005). Universal Description, Discovery and Integration (UDDI) Standard. February 2005.
Covington, M. J., P. Fogla, Zhan, Z. and M. Ahamad (2002). A Context-Aware Security Architecture for Emerging Applications. In: Proceedings of 18th Annual Computer Security Applications Conference, Las Vegas, Nevada, USA. 249.
Dey, A. K. and G. D. Abowd (1999). The Context Toolkit: Aiding the Development of Context-enabled Applications. In proceedings of Conference on Human Factors in Computing Systems, Pittsburgh, USA. 431-441.
Dragoni, N., F. Massacci, C. Schaefer, T. Walter and E. Vetillard (2007). A Security by Contract Architecture for Pervasive Services. In proceedings of Third International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, Istanbul, Turkey. 49-54.
Gudgin, M., M. Hadley, N. Mendelsohn, J. Moreau, H. F. Nielson, A. Karmarkar, Y. Lafon (2007). SOAP version 1.2, W3C Recommendation.
Jehangir, A. and S. M. Heemstra (2006). A Security Architecture for Personal Networks. In Third Annual International Conference on Mobile and Ubiquitous Systems - Workshops, San Jose, California, USA. 1-8.
Liu, Y., F. Li (2006). PCA: A Reference Architecture for Pervasive Computing. In: Proceedings of 1st International Symposium on Pervasive Computing and Applications, Urumqi, China. 99-103.
Llewellyn-Jones, D., M. Merabti, Q. Shi and B. Askwith (2004). A security framework for executables in a ubiquitous computing environment. IEEE Global Telecommunications Conference, Dallas, Texas, USA. 4: 2158-2163.
Malik, N. A., U. Mahmud, and M. Y. Javed (2007). Future Challenges in Context Aware Computing. In Proceedings of WWW/Internet 2007, Villa Real, Portugal. 2: 306-310.
Pigeot, C., Y. Gripay, M. Scuturici and . Pierson (2007). Context-Sensitive Security Framework for Pervasive Environments. In proceedings of Fourth European Conference on Universal Multiservice Networks, Toulouse, France. 391-400.
Thomas, R. K. (1997). Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. In: Proceedings of the 2nd ACM workshop on Role-based access control, Fairfax, Virginia, USA. 13-19.
