Proxy-Based Security Protocols in Networked Mobile Devices

SUMMARY

Motivation
- High connectivity between different devices is required.
- The security protocol should work for both computationally strong and weak ('lightweight') devices.

Proxies
- Each device has a software proxy, which may run on an embedded processor or, in the case of impoverished devices, on a trusted computer.
- Proxies make access control decisions on behalf of the devices they represent. Communication is event based, and proxies are also responsible for converting messages into formats that are understood on either interface.

Device to proxy protocol
- For powerful devices, there is no need for such a protocol. Messages can be sent locally.
- For 'lightweight' devices, HMAC-MD5 is used to provide authentication. RC5 is used in OFB (output feedback) mode to provide encryption. This keeps the implementation simple: only the encryption algorithm is required, and messages can be decrypted using it as well.

Proxy to proxy protocol
- It uses SPKI/SDSI.
- Egalitarian design: every public key is a certificate-issuing authority.
- SPKI/SDSI is implemented using a client-server architecture. The client requests a resource from the server, which requires proof of authenticity and authorization for protected resources. The request has to be signed and should carry a chain of certificates signed by the same public key.

Other security considerations
- The above protocols just implement access control. To provide data confidentiality and integrity, this can be layered over TLS/SSL.

Evaluation
- Memory requirement for the device to proxy protocol proved small.
- Processing requirements: proved that 15 TPS is achievable.

Conclusion
- Using different security protocols, it is easy to achieve a secure, scalable, easy-to-maintain system.

DISCUSSION

Pros
1. A complete security system for a ubiquitous computing environment.
2. Simple paper, complete with a ready implementation and evaluation.

Cons
1. No original idea conveyed through the paper.
2. RC5 is a symmetric cipher, susceptible to security hacks.
3. Explanation of 15 TPS is dubious (data size in the message is varied).
4. How is the security key for HMAC-MD5 delivered?

RATING
1. Strong Accept - 0
2. Weak Accept - 10
3. Weak Reject - 2
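The device to proxy protocol summarized above, as an added Python example that is not code from the paper or its authors: RC5 in OFB mode needs only the block encryption routine in both directions, and HMAC-MD5 authenticates the message. The RC5-32/12/16 parameters, the `iv || ciphertext || tag` packet layout, the encrypt-then-MAC ordering and the names `seal` and `open_packet` are assumptions made for illustration.

```python
import hashlib, hmac, struct

M = 0xFFFFFFFF  # 32-bit word mask

def rotl(x, n):
    n &= 31
    return ((x << n) | (x >> (32 - n))) & M

def rc5_expand(key, rounds=12):
    """RC5-32 key schedule; key length must be a non-zero multiple of 4 bytes."""
    L = list(struct.unpack("<%dI" % (len(key) // 4), key))
    S = [(0xB7E15163 + i * 0x9E3779B9) & M for i in range(2 * (rounds + 1))]
    a = b = i = j = 0
    for _ in range(3 * max(len(S), len(L))):
        a = S[i] = rotl((S[i] + a + b) & M, 3)
        b = L[j] = rotl((L[j] + a + b) & M, a + b)
        i, j = (i + 1) % len(S), (j + 1) % len(L)
    return S

def rc5_encrypt_block(S, block):
    """Encrypt one 8-byte block. No decrypt routine exists: OFB never needs one."""
    a, b = struct.unpack("<2I", block)
    a, b = (a + S[0]) & M, (b + S[1]) & M
    for i in range(1, len(S) // 2):
        a = (rotl(a ^ b, b) + S[2 * i]) & M
        b = (rotl(b ^ a, a) + S[2 * i + 1]) & M
    return struct.pack("<2I", a, b)

def ofb_xor(S, iv, data):
    """XOR data with the OFB keystream; the same call encrypts and decrypts."""
    out, feedback = bytearray(), iv
    for off in range(0, len(data), 8):
        feedback = rc5_encrypt_block(S, feedback)
        out += bytes(x ^ k for x, k in zip(data[off:off + 8], feedback))
    return bytes(out)

def seal(enc_key, mac_key, iv, plaintext):
    """Assumed layout: iv || ciphertext || HMAC-MD5(iv || ciphertext)."""
    body = iv + ofb_xor(rc5_expand(enc_key), iv, plaintext)
    return body + hmac.new(mac_key, body, hashlib.md5).digest()

def open_packet(enc_key, mac_key, packet):
    """Verify the tag in constant time before decrypting; None means rejected."""
    body, tag = packet[:-16], packet[-16:]
    expected = hmac.new(mac_key, body, hashlib.md5).digest()
    if len(packet) < 24 or not hmac.compare_digest(tag, expected):
        return None
    return ofb_xor(rc5_expand(enc_key), body[:8], body[8:])

if __name__ == "__main__":
    ek, mk, iv = bytes(range(16)), bytes(range(16, 32)), bytes(8)  # constructed values
    print(open_packet(ek, mk, seal(ek, mk, iv, b"lamp:on")))
```

OFB by itself gives no integrity (flipping a ciphertext bit flips the same plaintext bit), which is why the tag covers both IV and ciphertext; the IV must also never repeat under one key, or the keystream repeats.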