Secure Host Identity Delegation for Mobility

S. Herborn, A. Huber, R. Boreli, A. Seneviratne
Published in: 2007 2nd International Conference on Communication Systems Software and Middleware
Publication date: 2007-07-09
DOI: 10.1109/COMSWA.2007.382596 (https://doi.org/10.1109/COMSWA.2007.382596)
Citations: 5

Abstract

We develop a scheme for host identity delegation based on the Host Identity Protocol (HIP). We show how this scheme can be applied to enable the movement of communication sessions between devices e.g. in a Personal Area Network (PAN), or to securely and seamlessly insert any number of service proxies in between session endpoints e.g. to adapt data to suit different devices in a PAN. Identities are securely delegated by relaying HIP signalling messages to the device that owns the private key. This avoids security issues caused by dissemination of private keys. This also ensures that delegated endpoint identities are instantly and permanently revocable by the original device which remains in full control of the private key used to authorize use of the identity. We show that the delegation process introduces minimal additional signalling, and present results of evaluation of a prototype which show the scheme results in no detriment to the performance of HIP.