“Fair” Authentication in Pervasive Computing

Abstract

Authentication is traditionally required to be strong enough to distinguish legitimate entities from unauthorised entities, and always involves some form of proof of identity, directly or indirectly. Conventional storable or delegable authentication scenarios in the pervasive computing environment are often frustrated by the qualitative changes of pervasive computing when humans are admitted into the loop. In this paper, we present an alternative approach based upon involving human self-determination in security protocols. This targets the authentication problem in pervasive computing, particularly when communication occurs in mobile ad-hoc fashion. We propose the argument of “thinkable” authentication, which involves using two-level protocols with the consideration of minimising trustworthiness in both human and computer device domains, but without unnecessary entity identity authentication. Thus, self-determining knowledge of the human interactions in pervasive computing can be exploited in order to make improvements on current security mechanisms.