Title: Authentication, authorisation and auditing for ubiquitous computing: a survey and vision

Authors: Alireza Pirayesh Sabzevar, Joao Pedro Sousa

Addresses: Computer Science Department, School of Information Technology and Engineering, George Mason University, 4400 University Drive, Fairfax, Virginia, 22030, USA. ' Computer Science Department, School of Information Technology and Engineering, George Mason University, 4400 University Drive, Fairfax, Virginia, 22030, USA

Abstract: This paper surveys the state of the art in authentication, authorisation, and auditing for ubiquitous computing. The survey covers a range of recent work, of which 12 representative contributions are compared side by side along 20 criteria. The paper also describes a vision of invisible security that integrates unobtrusive multi-factor authentication with probabilistic models that take into account social relationships and natural behaviours, such as borrowing credentials as a form of access delegation. This vision recasts current probabilistic models for authentication and argues that the traditional separation of concerns between authentication and authorisation needs to be revisited.

Keywords: access control; authentication; ubiquitous computing; context awareness; authorisation; invisible security; probabilistic modelling; social relationships; natural behaviours; access delegation; auditing.

DOI: 10.1504/IJSSC.2011.039107

International Journal of Space-Based and Situated Computing, 2011 Vol.1 No.1, pp.59 - 67

Published online: 26 Mar 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article