Une architecture d'authentification dynamique et sécurisé, sensible au contexte et basé sur la confiance pour les environnements pervasifs, A dynamic trust-based context-aware secure authentication framework for pervasive computing environments

Thesee - Pierre Abi-Char

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

195 pages

English

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

A propos
Informations
Extrait

Description

Sous la direction de Mounir Mokhtari
Thèse soutenue le 30 mars 2010: Institut national des télécommunications d'Evry
La prise en considération des exigences en matière de sécurité, de vie privée et de confiance au sein des environnements pervasifs (ubiquitaires) est indispensable à la fourniture des services personnalisés aux utilisateurs. L’objectif de cette thèse est de disposer d’une architecture souple et évolutive intégrant l’authentification des utilisateurs, la préservation de leur vie privée et la gestion de la confiance en vue d’optimiser la stratégie de contrôles d’accès aux services personnalisés. La première contribution porte sur la proposition d’un protocole d’authentification mutuelle construit à partir de schémas cryptographiques robustes d’établissement de clés basés sur les courbes elliptiques (MaptoPoint/Curve algorithm, Weil Pairing) et d’un modèle dynamique basé sur les attributs issus des données contextuelles. La seconde contribution porte sur la conception d’une nouvelle architecture bâti sur un modèle basé sur les attributs et organisée autour de 3 couches : la couche de contrôle de le vie privée qui assure la protection de la vie privée des utilisateurs en contrôlant leurs données personnelles, la couche d’accès associant les processus d’authentification et de contrôles d’accès en intégrant des mécanismes dédiés à la gestion des paramètres de confiance et la couche de service pour la gestion des accès aux services selon le profil de l’utilisateur et de son environnement. La troisième contribution porte sur le développement et la mise en œuvre d’un prototype au sein de la plateforme dédiée à la fourniture de services du laboratoire Handicom de Telecom SudParis.
-Informatique omniprésente
To provide personalized services to users in pervasive environments, we should consider both user's privacy, trust and security requirements. Traditional authentication and access control mechanisms are not able to adapt their security policies to a changing context while insuring privacy and trust issues. This thesis introduces a new global vision for the protection of pervasive environments, based on context-aware principle. The aim of this thesis is to get a flexible and scalable framework including user authentication, user privacy preserving and trust management in order to optimize the access control strategy to personalized services. The first contribution include the proposal of a mutual authentication protocol supported by both robust key establishment schemes based on elliptic curves (MaptoPoint/Curve algorithm, Weil Pairing) and a dynamic model based on attributes issued from contextual data. The second contribution include the design of a new architecture built on an attribute based model and organized over 3 layers: the privacy control layer which insure the protection of the user private life by controlling their personal data, the access layer which associate authentication and access control processes while providing mechanisms dedicated to trust parameters management , and finally the service layer for service access management according to the user profile and his environment. The third contribution the implementation and the deployment of a prototype within the service delivery platform in Handicom lab of Telecom & Management SudParis.
-Authentication
-Pervasive computing
-Cryptography
Source: http://www.theses.fr/2010TELE0006/document

Informations

Publié par	Thesee
Nombre de lectures	31
Langue	English
Poids de l'ouvrage	1 Mo

Extrait

Ecole Doctorale EDITE

Thèse présentée pour l’obtention du diplôme de
DOCTEUR DE L’INSTITUT NATIONAL DES TELECOMMUNICATIONS

Doctorat délivré conjointement par
L’Institut National des Télécommunications et l’Université Pierre et Marie Curie - Paris 6

Spécialité : Informatique

Par
Pierre E. ABI-CHAR

A DYNAMIC TRUST-BASED CONTEXT-AWARE
SECURE AUTHENTICATION FRAMEWORK FOR
PERVASIVE COMPUTING ENVIRONMENTS

Soutenue le 30 Mars 2010 devant le jury composé de :

Bernard COUSIN Rapporteur IRISA, Université de Rennes, Rennes (France)
Lionel BUNIE LIRIS, INSA Lyon, Lyon (France)
Amal El Fallah SEGHROUCHNI Examinateur LIP6, Université Pierre et Marie Curie, Paris (France)
Zheng YAN Nokia Research Center, Helsinki (Finlande)
Bachar EL HASSAN LaSTRe, Université Libanaise, Tripoli (Liban)
Abdallah M’HAMED Examinateur Handicom, Telecom & Management SudParis (France)
Mounir MOKHTARI Directeur de thèse Handicom, Telecom & Management SudParis (France)

Thèse n° 2010TELE0006

tel-00542331, version 1 - 2 Dec 2010P
ARIS
OR
D
STUDIES
YN
THE
AMIC
2010
TR
ON
UST
ET
-B
AR
ASED
THE
CONTEXT
E.
-A
TION-TELECOM
W
THE
ARE
A
SECURE
UNIVERSITE
A
CURIE
UTHENTICA
IN
TION
FULFILLMENT
FRAMEW
UIREMENTS
ORK
OF
FOR
PHILOSOPHY
PER
May
V
TELECOMMUNICA
ASIVE
SUDP
COMPUTING
AND
ENVIR
COMMITTEE
ONMENTS
GRADU
A
TE
DISSER
OF
T
PIERRE
A
MARIE
TION
-
SUBMITTED
ARIS6
T
P
O
TIAL
THE
OF
DEP
REQ
AR
FOR
TMENT
DEGREE
OF
DOCT
RESEA
OF
UX
Pierre
ET
ABI-CHAR
SER
DE
VICE
A
tel-00542331, version 1 - 2 Dec 2010ed
Reserv
All
ii
E.
Cop
2010
yright
Rights
by
ABI-CHAR
Pierre
c
°
tel-00542331, version 1 - 2 Dec 2010Graduate
is
I
certify
of
that
of
I
this
ha
a
v
ed
e
for
read
y
this
ha
dissertation
in
and
scope
that,
de
in
(Bachar
my
v
opinion,
iii
it
de
is
of
fully
(Abdallah
adequate
that
in
e
scope
and
and
opinion,
quality
adequate
as
quality
a
for
dissertation
of
for
y
the
Appro
de
the
gree
Committee
of
a
Doctor
dissertation
of
the
Philosoph
gree
y
Doctor
.
Philosoph
(Mounir
.
MOKHT
M'HAMED)
ARI)
certify
Principal
I
Adviser
v
I
read
certify
dissertation
that
that,
I
my
ha
it
v
fully
e
in
read
and
this
as
dissertation
dissertation
and
the
that,
gree
in
Doctor
my
Philosoph
opinion,
.
it
EL-HASSAN)
is
v
fully
for
adequate
Uni
in
ersity
scope
on
and
Studies.
quality
as
I
tel-00542331, version 1 - 2 Dec 2010v
i
tel-00542331, version 1 - 2 Dec 2010e
v
v
CKNO
b
WLEDGEMENTS
people
The
ould
completion
I
of
Their
this
It
dissertation
both
represents
been
more
my
than
their
just
thesis
a
thesis
demonstration
helpful
of
abroad
compe-
memorable
tence
has
as
also
a
the
researcher
a
.
thanks
Rather
xpress
,
me
the
y
process
the
in
time
v
re
olv
their
ed
ations
in
A
its
hosting
formulation
elecom
and
v
writing
also
has
Studying
pro-
e
vided
en
me
the
with
path
an
I
opportunity
all
for
with
both
to
personal
o
gro
w
wth
them
and
and
de
v
v
and
elopment.
discussions.
F
ould
or
of
me,
for
the
of
k
schedule
e
w
y
also
to
and
success
and
represents
e
the
this
desire
thanks
to
eryone
accomplish
during
something,
at
and
P
the
as
belief
nice
that
xperience.
it
all
can
met
be
at
done.
a
The
caused
latter
e
ho
ment
we
of
v
that
er
crossed
,
v
could
y
not
v
ha
Thank
v
ha
e
time
been
I
possible
lik
without
xpress
the
my
support
and
of
.
those
to
who
gratitude
ha
their
v
and
e
bearing
been
them
close
for
to
help
me.
man
F
inspiring
or
Also,
that
w
reason,
thanks
there
rest
are
my
a
committee
number
taking
of
out
persons
their
to
usy
whom
to
I
vie
w
this
ould
and
lik
for
e
support
to
comments.
e
suggestions
xpress
observ
my
were
gratitude.
xtremely
First
throughout
I
thesis.
w
special
ould
to
lik
v
e
for
to
me
thank
my
my
stay
supervisor
T
Abdallah
Sud-
M'HAMED
aris.
for
w
his
a
help,
ery
guidance,
and
advise
e
as
I
well
thank
as
the
his
I
enthusiasm
there.
and
here
man
INT
y
been
v
great
aluable
xperience,
contrib
by
utions
the
to
xcellent
this
viron-
w
and
ork.
because
W
all
ithout
friends
his
ha
input,
e
I
my
w
o
ould
er
not
man
ha
years
v
ha
e
e
been
here.
able
you
to
for
complete
ving
this
great
thesis.
here
I
you.
am
w
also
also
grateful
e
to
e
Mounir
my
MOKHT
to
ARI
tw
and
brothers
Bachar
to
El-HASSAN
sister
for
I
gi
ant
ving
e
me
my
the
to
opportunity
for
to
lo
pursuing
e
my
support,
Ph.D.
for
I
with
need
during
to
thanks
A
tel-00542331, version 1 - 2 Dec 2010sure
ou
in
periods
thing
when
I
w
what
ork
completion
took
yes
a
o
v
constant
ery
me
big
trusting
part
ou
of
not
my
une
time.
re-v
W
w
ithout
y
your
thank
support,
a
encour
thanks
-
means
agement,
v
guidance,
and
I
of
ne
forw
v
Unfortunately
er
to
w
v
ould
death
ha
helped
v
wn
e
where
made
us
it
I
through
vi
the
ant
whole
for
Ph.D.
and
process.
ering
Thank
abilities.
you
sho
all.
it
Last,
care,
b
I
ut
Thanks
not
accepting
least,
me.
I
a
w
ethos.
ould
also
lik
to
e
this
to
He
present
with
all
the
my
Ho
respect
,
to
and
one
my
v
life
ery
re-estimate
special
my
person;
I
my
is
Mother
there
,
w
N
.
ADIA
ou
ABI-CHAR.
So
Man
ABI-
y
CHAR.
thanks
w
Mom;
to
for
him
all
his
your
care
understanding,
unw
your
v
patience
belief
and
my
most
Dad,
of
for
all,
wing
for
what
your
really
lo
to
v
and
e.
can
Y
achie
ou
e.
ha
for
v
me,
e
me,
gi
supporting
v
Y
en
were
me
man
the
impeccable
strength
Y
to
were
pursue
looking
my
ard
dreams,
the
the
of
courage
dissertation.
to
,
stand
is
up
here
for
us
my
see
beliefs,
whole
and
nished.
the
we
condence
er
that
his