Ubiquitous Networks with a Secure Provision of Services, Access, and Content Delivery
Funded by the EU FP6 (FP6-2003-IST-1-506926)
UBISEC aims at an advanced infrastructure for large-scale mobility and security based on SmartCard technologies for context-aware and personalised authorisation and authentication services in heterogeneous networks. This requires advanced personalisation and localisation technologies with high security in order to keep privacy and to protect computing devices, their software components, and personal user data including user profiles. The project does not deal with the development of a complete framework, but focuses primarily on the following areas: Security, Customisation, Core technology and Service Discovery.
NICS' role in UBISEC mainly focused on Security-related topics. NICS has been responsible on the extensibility of current PKI concepts in ubiquitous networks. This means not only to adapt protocols and processes to the new scenarios, but to adapt digital signatures and authentication procedures to the collection of new devices that will form part of ubiquitous networks. Similarly, and because authorisation services are specially relevant in these new scenarios, NICS contributed by improving actual Privilege Management Technology, up to a level in which the technology is widely available to citizens and companies. In this area NICS helped to deploy the Privilege Verifier (PV). NICS focused on how profiles must be syntactically built and semantically interpreted. At the same time, NICS worked on the design of an infrastructure for the automatic customisation of devices and services through context-aware profile processing, which is of capital importance for mobile applications.
NICS also designed, implemented and tested a Mobile DRM framework with non-repudiation services in ubiquitous scenarios .
Security is a core issue in all designs.
- "On Secure Profiling",
In 1st International Workshop on Secure Ubiquitous Networks (SUN’05), IEEE Press, pp. 214-218, August, 2005.
Ubiquitous environments have several drawbacks to be solved. Most of them are focused on security, and relevant ones are authorization and authentication. Amongst the essential elements to adequately provide solutions, we can find profiles. A profile can be defined as a repository to store structured data from users, networks, devices, applications, etc. As profiles are needed in ubiquitous environments, and these need of secure management as well, in this paper, we provide some initial guidance on the security storage of profiles and on security levels needed for each type of profile. Additionally, we review different alternatives to bear profiles, concluding that smartcards are the most suitable devices.
- "Extending an OMA-based DRM Framework with Non-Repudiation Services",
In 5th Symposium on Signal Processing and Information Technology (ISSPIT’05), IEEE, pp. 472-477, 2005.
Digital Rights Management (DRM) is an umbrella term for any of several arrangements which allows a vendor of content in electronic form to control the material and restrict its usage in various ways that can be specified by the vendor. These arrangements are provided through security techniques, mainly encryption, and the distribution, in a detached manner, of content and rights. This allows free access to the content by the consumers, but only those carrying the proper Right Object (RO) will be able to process such content. As a security service considered in different layers of the security framework defined by ITU X.805, almost all applications need to consider non-repudiation in the very beginning of their design. Unfortunately this has not been done so far in DRM specifications due to practical issues and the type of content distributed. We analyze this service for the a DRM framework and provide a solution which allows the right objects acquisition to be undeniable.