@InProceedings{BCMMx02, author = { M. Burside and D. Clarke and T. Mills and A. Maywah and S. Devadas and R[onald L.] Rivest }, title = { Proxy-based Security Protocols in Networked Mobile Devices }, pages = { 265--272 }, OPTurl = { http://doi.acm.org/10.1145/508791.508845 }, doi = { 10.1145/508791.508845 }, acmid = { 508845 }, acm = { 38444 }, booktitle = { Proceedings 2002 ACM Symposium on Applied Computing }, date = { 2002 }, publisher = { ACM }, editor = { Hisham Haddad and George Papadopoulos }, isbn = { 1-58113-445-2 }, OPTyear = { 2002 }, OPTmonth = { March 10-14, }, eventdate = { 2002-03-10/2002-03-14 }, eventtitle = { SAC 2002 }, venue = { Madrid, Spain }, urla = { SAC'02 }, keywords = { authorization, certificate, certificate chain, certificate chain discovery, mobile device, pervasive, protocol, proxy, security, ubiquitous, wireless }, abstract = { We describe a resource discovery and communication system designed for security and privacy. All objects in the system, e.g., appliances, wearable gadgets, software agents, and users have associated trusted software proxies that either run on the appliance hardware or on a trusted computer. We describe how security and privacy are enforced using two separate protocols: a protocol for secure device-to-proxy communication, and a protocol for secure proxy-to-proxy communication. Using two separate protocols allows us to run a computationally-inexpensive protocol on impoverished devices, and a sophisticated protocol for resource authentication and communication on more powerful devices. We detail the device-to-proxy protocol for lightweight wireless devices and the proxy-to-proxy protocol which is based on SPKI/SDSI (Simple Public Key Infrastructure / Simple Distributed Security Infrastructure). A prototype system has been constructed, which allows for secure, yet efficient, access to networked, mobile devices. We present a quantitative evaluation of this system using various metrics. }, }