Skip to main content
SpringerLink
Log in

Context-Related Access Control for Mobile Caching

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2011)

  • 1076 Accesses

Abstract

Mobile caching is a popular technique that has been widely applied in mobile applications to reduce the bandwidth usage, battery consumption, and perceived lag. To protect the confidentiality of cached data, the data with sensitive information has to be encrypted as it is cached on mobile devices. Currently, several mobile platforms provide encryption utilities which allow mobile applications to encrypt their local caches. However, existing encryption utilities are too coarse-grained and not directly applicable to dynamically enforcing fine-grained context-related access control policies in context-aware mobile applications.

In this paper, we first show the necessity of new encryption schemes in context-aware mobile applications by examples, and then propose three encryption schemes for enforcing context-related access control policies on cached data. The proposed encryption schemes adopt different cryptographic techniques. By comparing the cache hit rate and communication gain, we analyze the impact of applying the proposed schemes to the efficiency of the existing mobile cache management algorithm in context-aware mobile applications. Further, we evaluate the performance of these schemes through extensive simulations, and suggest the suitable application scenarios for each scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Jiang, Z., Kleinrock, L.: Web prefetching in a mobile environment. IEEE Personal Communications 5, 25–34 (1998)

    Article  Google Scholar 

  2. Höpfner, H., Wendland, S., Mansour, E.: Data caching on mobile devices - the experimental mymidp caching framework. In: Proc. of the 4th International Conference on Software and Data Technologies (2009)

    Google Scholar 

  3. Apple, “Safari developer library: Storing data on the client”, http://developer.apple.com/library/safari/

  4. Allan, A., Warden, P.: Got an iphone or 3g ipad? apple is recording your moves (2011), http://radar.oreilly.com/2011/04/apple-location-tracking.html

  5. Schilit, B.N., Adams, N., Want, R.: Context-aware computing applications. In: Proc. of The Workshop on Mobile Computing Systems and Applications, pp. 85–90. IEEE Computer Society (1994)

    Google Scholar 

  6. Abowd, G.D., Dey, A.K., Brown, P.J., Davies, N., Smith, M., Steggles, P.: Towards a Better Understanding of Context and Context-Awareness. In: Gellersen, H.-W. (ed.) HUC 1999. LNCS, vol. 1707, pp. 304–307. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  7. Lijding, M., Meratnia, N., Benz, H.: Smart signs show you the way. IO Vivat 22(4), 35–38 (2007)

    Google Scholar 

  8. Kyriacou, E.C., Pattichis, C., Pattichis, M.: An overview of recent health care support systems for eemergency and mhealth applications. In: Proc. of 31st Annual International Conference of the IEEE EMBS (2009)

    Google Scholar 

  9. Hinze, A., Buchanan, G.: Context-awareness in mobile tourist information systems: Challenges for user interaction. In: Proc. Workshop on Context in Mobile HCI, in Conjunction with Mobile HCI (2005)

    Google Scholar 

  10. Johnson, T., Shasha, D.: 2q: a low overhead high performance buffer management replacement algorithm. In: Proc. of the 20th International Conference on Very Large Databases (1994)

    Google Scholar 

  11. Cao, G.: A scalable low-latency cache invalidation strategy for mobile environments. IEEE Trans. on Knowl. and Data Eng. (2003)

    Google Scholar 

  12. Ferraiolo, D.F., Barkley, J.F., Kuhn, D.R.: A role-based access control model and reference implementation within a corporate intranet. ACM Trans. Inf. Syst. Secur. 2, 34–64 (1999)

    Article  Google Scholar 

  13. Ardagna, C.A., Cremonini, M., Damiani, E., di Vimercati, S.D.C., Samarati, P.: Supporting location-based conditions in access control policies. In: Proc. of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2006, pp. 212–222 (2006)

    Google Scholar 

  14. Priyantha, N.B., Chakraborty, A., Balakrishnan, H.: The cricket location-support system. In: Proc. of the 6th Annual International Conference on Mobile Computing and Networking, MobiCom 2000, pp. 32–43 (2000)

    Google Scholar 

  15. Sastry, N., Shankar, U., Wagner, D.: Secure verification of location claims. In: Proc. of the ACM Workshop on Wireless Security (WiSe 2003), pp. 1–10 (2003)

    Google Scholar 

  16. N. DoCoMo, IBM, I. Corporation: Trusted mobile platform: Hardware architecture description (2004)

    Google Scholar 

  17. Muthukumaran, D., Sawani, A., Schiffman, J., Jung, B.M., Jaeger, T.: Measuring integrity on mobile phone systems. In: Proc. of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT 2008, pp. 155–164 (2008)

    Google Scholar 

  18. Cox, L.P., Chen, P.M.: Pocket hypervisors: Opportunities and challenges. In: Proc. of the Eighth IEEE Workshop on Mobile Computing Systems and Applications, HOTMOBILE 2007, pp. 46–50 (2007)

    Google Scholar 

  19. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proc. of the 2007 IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334 (2007)

    Google Scholar 

  20. Chen, G., Kotz, D.: A survey of context-aware mobile computing research, Hanover, NH, USA, Tech. Rep. (2000)

    Google Scholar 

  21. Kim, M., Kotz, D., Kim, S.: Extracting a mobility model from real user traces. In: Proc. of the IEEE International Conference on Computer Communications (IEEE INFOCOM 2006) (2006)

    Google Scholar 

  22. Breslau, L., Cao, P., Fan, L., Phillips, G., Shenker, S.: Web caching and zipf-like distributions: Evidence and implications. In: Proc. of the Conference on Computer Communications (IEEE Infocom 1999) (1999)

    Google Scholar 

  23. Cate, V.: Alex-a global file system. In: Proc. of USENIX File System Workshop 1992, pp. 1–12 (1992)

    Google Scholar 

  24. Conti, M., Nguyen, V.T.N., Crispo, B.: CRePE: Context-Related Policy Enforcement for Android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 331–345. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  25. Hansen, F., Oleshchuk, V.: Srbac: A spatial role-based access control model for mobile systems. In: Proc. of 7th Nordic Workshop on Secure IT Systems (2003)

    Google Scholar 

  26. Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: Geo-rbac: A spatially aware rbac, vol. 10. ACM (2007)

    Google Scholar 

  27. Yu, S., Ren, K., Lou, W.: Fdac: Toward fine-grained distributed data access control in wireless sensor networks. In: Proc. of the IEEE International Conference on Computer Communications (IEEE INFOCOM 2009), pp. 963–971 (2009)

    Google Scholar 

  28. Bobba, R., Fatemieh, O., Khan, F., Gunter, C.A., Khurana, H.: Using attribute-based access control to enable attribute-based messaging. In: Proc. of the 22nd Annual Computer Security Applications Conference, pp. 403–413 (2006)

    Google Scholar 

  29. Bobba, R., Fatemieh, O., Khan, F., Khan, A., Gunter, C.A., Khurana, H., Prabhakaran, M.: Attribute-based messaging: Access control and confidentiality. ACM Transactions on Information and Systems Security, TISSEC (2010)

    Google Scholar 

  30. Weber, S.G.: Securing first response coordination with dynamic attribute-based encryption. In: Proc. of World Congress on Privacy, Security, Trust and the Management of e-Business 2009 (2009)

    Google Scholar 

  31. Xie, L., Zhang, X., Chaugule, A., Jaeger, T., Zhu, S.: Designing system-level defenses against cellphone malware. In: Proc. of the 28th IEEE International Symposium on Reliable Distributed Systems, pp. 83–90 (2009)

    Google Scholar 

  32. Zhang, X., Seifert, J.-P., Sandhu, R.: Security enforcement model for distributed usage control. In: Proc. of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, Sutc 2008 (2008)

    Google Scholar 

  33. Enck, W., Gilbert, P., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In: Proc. of the USENIX Symposium on Operating Systems Design and Implementation, OSDI (2010)

    Google Scholar 

  34. Ongtang, M., Butler, K., McDaniel, P.: Porscha: Policy oriented secure content handling in android. In: Proc. of the 26th Annual Computer Security Applications Conference, ACSAC (2010)

    Google Scholar 

  35. Bethencourt, J., Sahai, A., Waters, B.: The cpabe toolkit in advanced crypto software collection, http://acsc.cs.utexas.edu/cpabe/

Download references

Author information

Authors and Affiliations

  1. Pennsylvania State University, University Park, PA, 16802, USA

    Zhi Xu & Sencun Zhu

  2. IBM T.J. Watson Research, 19 Skyline Drive, Hawthorne, NY, 10532, USA

    Kun Bai, Leslie Liu & Randy Moulic

Authors
  1. Zhi Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kun Bai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sencun Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Leslie Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Randy Moulic
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. City University London, 10 Northampton Square, EC1V 0HB, London, UK

    Muttukrishnan Rajarajan

  2. Royal Holloway University of London, TW20 0EX, Egham Hill, UK

    Fred Piper

  3. College of William and Mary, P.O. Box 8795, 23187, Williamsburg, VA, USA

    Haining Wang

  4. Pennsylvania State University, 338J IST Buillding, 16802, University Park, PA, USA

    George Kesidis

Rights and permissions

Reprints and permissions

Copyright information

© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Xu, Z., Bai, K., Zhu, S., Liu, L., Moulic, R. (2012). Context-Related Access Control for Mobile Caching. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds) Security and Privacy in Communication Networks. SecureComm 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 96. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31909-9_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-31909-9_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31908-2

  • Online ISBN: 978-3-642-31909-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation