Trust-based Distributed Authentication Middleware in Ubiquitous Mobile Environments

Abstract

To guard against malicious attack from mobile middleware, application should incorporate suitable control mechanisms, such as access control, authentication policy etc. Distributed trust management is a flexible way to manage nodes' security control in distributed environments. In this paper, we present the design of a new security mobile middleware which provides support for role-based trust and accountability in distributed mobile environment. The proposed model, founded on delegation certificates, allows the management of trust relations using a role-based trust model RTO. After having introduced the role and policy delegation mechanism, we present the authentication protocol between requester and compliance checker, which essentially unifies remote administration with credential distribution that provides the ability to construct richer security policies and easy to manage distributed middleware mobile communication, authentication and request.