WEB-SERVICES ARCHITECTURE FOR PERVASIVE COMPUTING ENVIRONMENT
N. A. Malik and A. Tomlinson
Information Security Group, Royal Holloway, University of London, Egham, Surrey, UK. Corresponding Author: Nazir.Malik@rhul.ac.uk

ABSTRACT

With the ever increasing shift towards pervasive computing to provide better services to the user based on the user's context and location, there is a need for the development of a secure architecture for ubiquitous computing. The paper reviews a few existing security architectures and then proposes a web-services architecture for pervasive computing. A number of solutions have been proposed in the literature, including open source protocols, to implement security in a pervasive environment. However, most of the proposed architectures rely on intermediate servers to securely transfer data and communication between end users. This might be suitable in certain scenarios, but the broad range of users is not comfortable accepting and deploying such solutions. End-to-end secure communication between users is key for a communication protocol to be considered for deployment by a broad range of users. The paper presents a web services architecture for a pervasive computing environment using open standards to implement a secure architecture.

Keywords: Web services; SAML; Pervasive Computing; Web Services Security; Authentication Assertions

INTRODUCTION

The ability of smart devices and smart applications to identify current operating conditions or context and adapt their behavior on the basis of the context is termed context awareness. With the fast-paced development of new computing paradigms, the vision of ubiquitous / pervasive computing is becoming a reality in our daily lives. The implementation of context awareness in context-aware computing is a vast concept that encompasses all possible parameters identifying a particular situation. The applications and frameworks being defined to identify context and relevant parameters are limited by their scope.
As it is an emerging technology, a number of challenges in the context-aware computing paradigm exist which need to be addressed to make pervasive computing a reality. Due to the heterogeneous nature of pervasive computing and the ubiquity of communication devices, service adaptation is required during run time (Malik et al., 2007). The entities involved in a context setting include the persons, the objects and the computing resources present in the environment (Dey et al., 1999). Humans, being a very complex architecture, are quite successful at conveying their thoughts to each other in an implicit, natural way. This is because humans communicate through rich languages as well as gestures and expressions. Modern ubiquitous computer systems lack an automatic mechanism for inferring information the way humans do. By improving the ability of computers to gather context and infer from it, the richness of communication in human-computer interaction increases, which results in a more powerful and more useful computational environment. To realize the development and deployment of pervasive devices, the design of a secure pervasive architecture encompassing security in all aspects is paramount. The final realization of a pervasive environment, in which each device communicates with other devices seamlessly without user intervention, with non-intrusive authentication and encryption mechanisms, needs a considerable amount of time because of the various standards and protocols being implemented in wireless devices. The limitations of bandwidth, memory and processing power of mobile devices pose another challenge for implementing authentication and encryption mechanisms in each mobile device. This paper is a continuation of our work on developing a secure pervasive environment in an enterprise network. A number of solutions have been proposed in the literature, including open source protocols, to implement security in a pervasive environment.
However, most of the proposed architectures rely on intermediate servers to securely transfer data and communication between end users. This might be suitable in certain scenarios, but the broad range of users is not comfortable accepting and deploying such solutions. End-to-end secure communication between users is key for a communication protocol to be considered for deployment by a broad range of users.

RELATED RESEARCH

A security-by-contract architecture (S×C) is proposed by (Dragoni et al., 2007), based on the mobile contract which a mobile download carries with itself. It proposes a layered security architecture for pervasive services and discusses the threat and mitigation services for corresponding threats, and the interaction modalities for the security services layer. Another approach to address the problem of security in personal networks is proposed in (Jehangir et al., 2006). The solution is tailored to the needs of constrained devices and wireless communication. It focuses on pair-wise keys for secure cluster formation and group keys for intra-cluster communication. It uses group authentication for increased efficiency, and security agents to authenticate the devices in the system. In the case of a context-sensitive environment, the concepts need to be more tailored to the devices which communicate and update themselves. In a pervasive environment, the security framework needs to be context-sensitive as well (Pigeot et al., 2007). It proposes a modular security environment integrated with the PerSE architecture, which enables a user to define privacy and security policy in a pervasive environment. The modular approach provides security and privacy at different levels, i.e. a message filter and a resource access filter. The services being provided in the pervasive environment also need a secure mechanism for access control. Team-based access control (TMAC) proposes an RBAC for collaborative environments (Thomas, 1997).
It addresses the issue of access control for a collection of users in specific roles to accomplish a specific task. In a pervasive environment, the collaboration between enterprise colleagues to achieve a single goal, working as a team while maintaining the secure environment and the privacy of personal data, is also very important for effective implementation of the system. The use of security-relevant context to provide access control is proposed in (Covington et al., 2002). It provides an architecture for an authentication service, access control and an adaptable security system based on the current context in the environment. An architecture based on current status in combination with ideological and security mechanisms is proposed in (Liu et al., 2006). The inherent nature of pervasive devices to communicate seamlessly with each other requires extensive code execution, which also needs to be considered and catered for. A hybrid method of code analysis and component composition techniques is described in (Llewellyn-Jones et al., 2004).

WEB SERVICES SECURITY

We have chosen eXtensible Markup Language (XML) (Bray et al., 2008) as the standard for exchanging information between the devices in a pervasive environment. XML provides a standard to describe, communicate and implement the web services architecture. In contrast to other programming languages, which focus on processing and actions, XML focuses on contents and objects. XML is structured as a self-describing way to represent data that is totally independent of application, protocol, vocabulary, operating system, or even programming language. SOAP (Gudgin et al., 2007) provides platform independent and also data independent service interfaces. SOAP transports XML from one computer to another via a number of standard transport protocols. SOAP itself is defined using XML, and it provides an extensible mechanism that allows one application to send an XML message to another.
After defining the contents of a message in XML, SOAP moves the data from one place to another over the network. It allows the sender and receiver to support a common data transfer protocol. Universal Description, Discovery and Integration (UDDI) provides a way to discover providers and the services being offered by those providers (Clement et al., 2005). Web Services Description Language (WSDL) provides interfaces to Web Services. It is also an XML language that defines the set of operations that a service provides and the structure of their related SOAP messages. XML defines SOAP, UDDI and WSDL (Christensen et al., 2001). The relative links between all these related technologies are shown in Fig. 1.
Fig. 1. Web Services Technologies (layers shown: Web Services; WSDL, SOAP, UDDI; XML Standards; Transport Protocols; Internet Protocols)

To provide security related mechanisms using XML, we have chosen Security Assertion Markup Language (SAML) to communicate user authentication, authorization and attribute information. The underlying assumptions and reasons to choose these technologies are as follows:
- There exists a Trusted Third Party (TTP) in the system, which provides the corresponding SAML assertions to each individual user.
- SAML assertions are expressed as an XML Schema, so they are easy to implement even in a heterogeneous environment.
- SAML assertions can also be useful for the scalability of the system at a later stage.
- SAML assertions provide the data about authentication, authorization and attributes.
- The assertion represents that the entity holding the assertion is recognized by the TTP for the corresponding assertions, e.g. the authentication assertion represents that the entity has been authenticated.
- The receiver of the SAML assertions checks whether it trusts the TTP and thereby accepts the assertions as true or otherwise.
- SAML assertions can also work with the XML Signature, XML Encryption, HTTP, XMPP and SOAP specifications.
- The users are first registered with the TTP, and the TTP assigns them the SAML assertions.
- SAML assertions can also be used by applications which are not communicating using Web Services.

PROPOSED ARCHITECTURE

The final implementation of a pervasive environment involves the use of devices by average users and not only by researchers. The implementation of security schemes needs to be transparent to the end user. A number of security technologies are already available on almost all layers of the protocol stacks. The implementation and configuration of these schemes are already complex, and the involvement of the end user in configuring and implementing these schemes will make the pervasive environment vulnerable to a lot of security loopholes.
A weak link in the environment might give a trust level to a malicious user, who can then use the resources as an authorized user. Therefore, security schemes must be user friendly for the deployment of security and the building of trust.

Fig. 2. Secure Pervasive Architecture

Registration and Assertions Module. Once a new user enters the system, it needs to be registered with the Trusted Third Party (TTP) of the organization. Alternatively, the user may present his credentials from another TTP of his organization to get access tokens from the current TTP. In a pervasive environment, the user can be part of multiple domains, and if the user has a trusted identity in one domain then his credentials may be used in any other domain which he is visiting. The concept of portable identity can be effectively utilized in the pervasive environment, where a user establishes a trusted identity in one domain by registering himself with a TTP, and his credentials are available to be utilized to give him access rights in other domains. Once the user is registered with the TTP, based on his present context or on credentials from his parent organization, the user is assigned SAML assertions. The SAML assertions may contain Authentication, Authorization and Attributes of the user. The steps to register and give assertions are as follows:
- A new user enters the system with a new device.
- The new device is registered with the TTP by registering the user name, password and MAC address of the device.
- Attributes of the user are recorded to provide attribute assertions to the entities which require confirmation of the authenticity of the user.
- Corresponding to the authentication assertion and attribute assertions, authorization assertions are generated based on the Enterprise's and the user's policy at the PDP (Policy Decision Point) and PEP (Policy Enforcement Point).

Access Control Module. The function of the Access Control Module (ACM) is to check the authentication assertions before granting access to the user of the enterprise or user data.
The SAML assertions are received by the ACM, and it acknowledges the authentication credentials based on whether it trusts the TTP or not; thereby the assertions are regarded as true or false. Authentication assertions identify the user as the one who he claims to be. These credentials, along with the attributes and authorization credentials, are used to decide about the level of authorization assigned to the requesting user.

Authorization Module. After verifying the authentication credentials, the ACM verifies the authorization data with the Authorization Module to check the level of authorization based on the authentication and attribute assertions provided by the requesting user. The Authorization Module grants authorization levels depending upon the attributes of the user and its authentication level. The authorization assertions enable the user to perform specific actions in the visiting domain.

Security Policy Implementer. The Security Policy Implementer (SPI) acts as Policy Enforcement Point (PEP) and Policy Decision Point (PDP). Once the ACM has verified the authentication credentials and the Authorization Module has granted the level of authorization based on the authentication and attribute credentials, the ACM approaches the SPI. The SPI builds dynamic security policies taking input from the User Personal Privacy Policy and the Enterprise Policy. Each user can define his personal privacy policy as to what amount of data the user can share within the enterprise or outside the enterprise. The Enterprise security policy takes priority over the Personal Policy of the individual user in matters relating to the Enterprise domain. The combination of User Policy and Enterprise Policy makes the rules for the SPI.
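To make the policy-combination rule concrete, here is an added example (written for this edition, not code from the paper or its authors) of an SPI that derives its rules from a user's personal privacy policy and the enterprise policy and then enforces them. The data items, trust levels, the Rule fields and the two policies are constructed assumptions; the rule taken from the text is that the enterprise policy overrides the personal policy for items in the enterprise domain, while personal data keeps the user's own setting, and the enforcer consults the requester's credentials and trust level before releasing anything.

```python
"""Added example: a Security Policy Implementer (SPI) that merges a user's personal
privacy policy with the enterprise policy and enforces the result.
Not from the paper; data items, trust levels and policies are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    share_inside: bool   # may be released to a requester from the user's own enterprise
    share_outside: bool  # may be released to a requester from a visiting/foreign domain
    min_trust: int       # lowest requester trust level (as graded by the ACM) accepted


# Constructed enterprise policy: every item listed here belongs to the enterprise
# domain, so its rule overrides whatever the user wrote for the same item.
ENTERPRISE_POLICY = {
    "project-schedule": Rule(share_inside=True, share_outside=False, min_trust=2),
    "source-code": Rule(share_inside=True, share_outside=False, min_trust=3),
}

# Constructed personal privacy policy: the user decides about personal data and may
# also state preferences for enterprise data (which the enterprise policy can veto).
USER_POLICY = {
    "project-schedule": Rule(share_inside=True, share_outside=True, min_trust=1),
    "personal-calendar": Rule(share_inside=True, share_outside=False, min_trust=2),
    "phone-number": Rule(share_inside=False, share_outside=False, min_trust=1),
}


def build_spi_rules(user_policy, enterprise_policy):
    """Dynamic rule set for the SPI: start from the user's choices, then let the
    enterprise policy take priority for every enterprise-domain item."""
    rules = dict(user_policy)
    rules.update(enterprise_policy)
    return rules


def overridden_items(user_policy, enterprise_policy):
    """Items where the user's wish was replaced by a different enterprise rule;
    useful for telling the user why a share he permitted was refused."""
    return sorted(
        item for item, rule in user_policy.items()
        if item in enterprise_policy and enterprise_policy[item] != rule
    )


def spi_allows(rules, data_item, requester_domain, owner_domain, requester_trust):
    """Policy enforcement: release data_item only if a rule exists, the requester's
    trust level is high enough, and sharing in that direction (inside the owner's
    enterprise vs. outside it) is permitted by the effective rule."""
    rule = rules.get(data_item)
    if rule is None:
        return False  # default deny: no rule, no release
    if requester_trust < rule.min_trust:
        return False
    if requester_domain == owner_domain:
        return rule.share_inside
    return rule.share_outside


if __name__ == "__main__":
    rules = build_spi_rules(USER_POLICY, ENTERPRISE_POLICY)
    print("overridden by enterprise policy:", overridden_items(USER_POLICY, ENTERPRISE_POLICY))
    for item, domain, trust in [("project-schedule", "partner.example", 3),
                                ("project-schedule", "acme.example", 2),
                                ("personal-calendar", "acme.example", 2),
                                ("phone-number", "acme.example", 3)]:
        print(item, domain, trust, "->", spi_allows(rules, item, domain, "acme.example", trust))
```

The user's wish to share the project schedule outside the enterprise is the case the text singles out: the enterprise rule wins, so a requester from partner.example is refused even at the highest trust level, while the user's personal calendar rule is left untouched. Default deny for items without any rule keeps a forgotten entry from becoming an accidental release.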
The Security Policy Enforcer allows access to the authorized data for which the user has been granted access by examining his credentials and level of trust. The following steps describe the overall functionality of the system:
- The ACM receives the new contact's ID, including SAML authentication assertions, from the new contact.
- The ACM verifies the SAML assertions of the new contact by checking whether it trusts the TTP.
  o If the user trusts the TTP, it will take the assertions as assurance of authentication of the user.
  o If the user doesn't trust the assertion provided by the TTP, it can refuse the connection with the incoming request.
- If the user trusts the TTP, it will check the attributes of the user by passing the authentication assertions to the TTP. The TTP will return the guaranteed correct attributes of the new user corresponding to the authentication assertions.
- The ACM will pass on the authentication and authorization attributes to the local authorization service. (An external SAML authorization service can also be used, similar to the SAML authentication service, to check whether the user requesting a particular service is authorized to perform a specific operation or is eligible for a particular service.)
- Once the user is authorized by the SAML authorization service for the use of a particular service, it will allow the requesting user the authorized services.

CONCLUSION

The pervasive computing research field is still in its infancy, and a lot of research effort is still needed to see the actual implementation of a real pervasive environment. A lot of focus is being given to service discovery, context acquisition, context categorization and context modeling in context-aware computing. Web services are used for integrating information sources from both inside and outside an enterprise. Web services are a simpler, standards-based, and more loosely coupled technology for connecting data, systems, and organizations.
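The verification steps above, assembled into a runnable added example (mine, not the paper's or the authors' code): a TTP issues a SAML-style assertion carrying an AuthnStatement and an AttributeStatement, and an ACM accepts it only if it trusts the issuer, the assertion is intact, and the local authorization service finds the attributes sufficient for the requested service. Assumptions not in the paper: the issuer names, services and policy are constructed; the attributes travel inside the assertion instead of being fetched from the TTP in a second round trip; and an HMAC over the asserted fields (the DemoSignature element) stands in for XML Signature so that the example runs without a PKI.

```python
"""Added example (not the paper's code): a minimal Trusted Third Party (TTP) that
issues SAML-style assertions and an Access Control Module (ACM) that decides on
them. HMAC stands in for XML Signature; names and policies are constructed."""
import hashlib
import hmac
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"                 # real SAML 2.0 namespace
PASSWORD_CTX = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"  # real authn context class
NS = {"saml": SAML_NS}

# Constructed trust configuration: the ACM trusts exactly these TTPs and shares one
# HMAC key with each (assumption; a deployment would verify XML Signatures instead).
TRUSTED_TTPS = {"https://ttp.acme.example": b"acme-demo-key"}

# Constructed local authorization policy: attribute values a subject must hold
# before the listed service is released to it.
SERVICE_POLICY = {
    "lab-printer": {"dept": "research"},
    "payroll-db": {"role": "finance"},
}


def _q(tag):
    return f"{{{SAML_NS}}}{tag}"  # namespace-qualified SAML tag name


def _mac(issuer, subject, authn_ctx, attributes, key):
    # Integrity tag over every field the ACM relies on, in a canonical order.
    payload = "|".join([issuer, subject, authn_ctx]
                       + [f"{k}={v}" for k, v in sorted(attributes.items())])
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()


def issue_assertion(issuer, subject, authn_ctx, attributes, key):
    """TTP side: assertion with an AuthnStatement and an AttributeStatement."""
    root = ET.Element(_q("Assertion"))
    ET.SubElement(root, _q("Issuer")).text = issuer
    ET.SubElement(ET.SubElement(root, _q("Subject")), _q("NameID")).text = subject
    ctx = ET.SubElement(ET.SubElement(root, _q("AuthnStatement")), _q("AuthnContext"))
    ET.SubElement(ctx, _q("AuthnContextClassRef")).text = authn_ctx
    stmt = ET.SubElement(root, _q("AttributeStatement"))
    for name, value in sorted(attributes.items()):
        attr = ET.SubElement(stmt, _q("Attribute"), Name=name)
        ET.SubElement(attr, _q("AttributeValue")).text = value
    # DemoSignature is a stand-in for ds:Signature (assumption, not part of SAML).
    ET.SubElement(root, "DemoSignature").text = _mac(issuer, subject, authn_ctx, attributes, key)
    return ET.tostring(root, encoding="unicode")


def parse_assertion(xml_text):
    root = ET.fromstring(xml_text)
    issuer = root.findtext("saml:Issuer", namespaces=NS)
    subject = root.findtext("saml:Subject/saml:NameID", namespaces=NS)
    authn_ctx = root.findtext(
        "saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef", namespaces=NS)
    attributes = {a.get("Name"): a.findtext("saml:AttributeValue", namespaces=NS)
                  for a in root.findall("saml:AttributeStatement/saml:Attribute", namespaces=NS)}
    return issuer, subject, authn_ctx, attributes, root.findtext("DemoSignature") or ""


def acm_decide(xml_text, service, policy=SERVICE_POLICY, trusted=TRUSTED_TTPS):
    """ACM steps from the text: (1) trust in the issuing TTP decides whether the
    assertion is accepted at all, (2) its integrity is checked, (3) the attributes
    go to the local authorization service, which (4) releases the service or not."""
    issuer, subject, authn_ctx, attributes, sig = parse_assertion(xml_text)
    key = trusted.get(issuer)
    if key is None:
        return "refuse", f"issuer {issuer!r} is not a trusted TTP"
    if not hmac.compare_digest(sig, _mac(issuer, subject, authn_ctx, attributes, key)):
        return "refuse", "assertion failed integrity check"
    required = policy.get(service)
    if required is None:
        return "refuse", f"no policy for service {service!r}"
    missing = {k: v for k, v in required.items() if attributes.get(k) != v}
    if missing:
        return "refuse", f"{subject} lacks {missing} for {service!r}"
    return "allow", f"{subject} authenticated via {authn_ctx} and authorized for {service!r}"


def demo():
    """Constructed cases: a genuine assertion, one edited in transit, one from a TTP
    the ACM does not trust. Returns the verdict for each."""
    key = TRUSTED_TTPS["https://ttp.acme.example"]
    alice = issue_assertion("https://ttp.acme.example", "alice", PASSWORD_CTX,
                            {"role": "engineer", "dept": "research"}, key)
    tampered = alice.replace("engineer", "finance")   # attribute value edited after issue
    foreign = issue_assertion("https://ttp.other.example", "mallory", PASSWORD_CTX,
                              {"role": "finance"}, b"unknown-key")
    return {
        "alice-printer": acm_decide(alice, "lab-printer")[0],
        "alice-payroll": acm_decide(alice, "payroll-db")[0],
        "tampered-payroll": acm_decide(tampered, "payroll-db")[0],
        "foreign-payroll": acm_decide(foreign, "payroll-db")[0],
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The order of the checks is the point the text makes: the ACM does not even look at the attributes until it has decided that it trusts the issuing TTP and that the assertion has not been altered, so an edited attribute or an assertion from an unknown TTP is refused before any authorization decision is taken. Only a genuine assertion whose attributes satisfy the service policy reaches "allow".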
Although security schemes are derived to be implemented in a pervasive environment, they are being implemented into already existing pervasive computing architectures. No generalized architecture exists for the pervasive environment; therefore schemes are implemented differently in each case. The paper presents a web services architecture for implementing security in a pervasive environment using standards-based technologies which are widely used and implemented.

REFERENCES

Bray, T., J. Paoli, C. M. Sperberg-McQueen, E. Maler and F. Yergeau (2008). Extensible Markup Language (XML) Version 1.0, Fifth Edition, W3C Recommendation.
Christensen, E., F. Curbera, G. Meredith and S. Weerawarana (2001). Web Services Description Language (WSDL) Version 1.1, 15 March 2001.
Clement, L., A. Hately, C. Riegen and T. Rogers (2005). Universal Description, Discovery and Integration (UDDI) Standard. February 2005.
Covington, M. J., P. Fogla, Z. Zhan and M. Ahamad (2002). A Context-Aware Security Architecture for Emerging Applications. In: Proceedings of the 18th Annual Computer Security Applications Conference, Las Vegas, Nevada, USA. 249.
Dey, A. K. and G. D. Abowd (1999). The Context Toolkit: Aiding the Development of Context-enabled Applications. In: Proceedings of the Conference on Human Factors in Computing Systems, Pittsburgh, USA. 434-441.
Dragoni, N., F. Massacci, C. Schaefer, T. Walter and E. Vetillard (2007). A Security-by-Contract Architecture for Pervasive Services. In: Proceedings of the Third International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, Istanbul, Turkey. 49-54.
Gudgin, M., M. Hadley, N. Mendelsohn, J. Moreau, H. F. Nielsen, A. Karmarkar and Y. Lafon (2007). SOAP Version 1.2, W3C Recommendation.
Jehangir, A. and S. M. Heemstra (2006). A Security Architecture for Personal Networks. In: Third Annual International Conference on Mobile and Ubiquitous Systems - Workshops, San Jose, California, USA. 1-8.
Liu, Y. and F. Li (2006). PCA: A Reference Architecture for Pervasive Computing. In: Proceedings of the 1st International Symposium on Pervasive Computing and Applications, Urumqi, China. 99-103.
Llewellyn-Jones, D., M. Merabti, Q. Shi and B. Askwith (2004). A security framework for executables in a ubiquitous computing environment. IEEE Global Telecommunications Conference, Dallas, Texas, USA. 4: 2158-2163.
Malik, N. A., U. Mahmud and M. Y. Javed (2007). Future Challenges in Context Aware Computing. In: Proceedings of WWW/Internet 2007, Villa Real, Portugal. 2: 306-310.
Pigeot, C., Y. Gripay, M. Scuturici and . Pierson (2007). Context-Sensitive Security Framework for Pervasive Environments. In: Proceedings of the Fourth European Conference on Universal Multiservice Networks, Toulouse, France. 391-400.
Thomas, R. K. (1997). Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. In: Proceedings of the 2nd ACM Workshop on Role-based Access Control, Fairfax, Virginia, USA. 13-19.