Protocol for a Systematic Literature Review on Security-related Research in Ubiquitous Computing

Context: This protocol is as a supplementary document to our review paper that investigates security-related challenges and solutions that have occurred during the past decade (from January 2003 to December 2013). Objectives: The objective of this systematic review is to identify security-related challenges, security goals and defenses in ubiquitous computing by answering to three main research questions. First, demographic data and trends will be given by analyzing where, when and by whom the research has been carried out. Second, we will identify security goals that occur in ubiquitous computing, along with attacks, vulnerabilities and threats that have motivated the research. Finally, we will examine the differences in addressing security in ubiquitous computing with those in traditional distributed systems. Method: In order to provide an overview of security-related challenges, goals and solutions proposed in the literature, we will use a systematic literature review (SLR). This protocol describes the steps which are to be taken in order to identify papers relevant to the objective of our review. The first phase of the method includes planning, in which we define the scope of our review by identifying the main research questions, search procedure, as well as inclusion and exclusion criteria. Data extracted from the relevant papers are to be used in the second phase of the method, data synthesis, to answer our research questions. The review will end by reporting on the results. Results and conclusions: The expected results of the review should provide an overview of attacks, vulnerabilities and threats that occur in ubiquitous computing and that have motivated the research in the last decade. Moreover, the review will indicate which security goals are gaining on their significance in the era of ubiquitous computing and provide a categorization of the security-related countermeasures, mechanisms and techniques found in the literature. (authors' abstract)Series: Working Papers on Information Systems, Information Business and Operation

A Risk-aware Trust Based Secure Resource Discovery (RTSRD) Model for Pervasive Computing

To address the challenges posed by device capacity and capability, and also the nature of ad-hoc network of pervasive computing, a resource discovery model is needed that can resolve security and privacy issues with simple solutions. The use of complex algorithms and powerful fixed infrastructure is infeasible due to the volatile nature of pervasive environment and tiny pervasive devices. In this paper, we present a risk- aware trust based secure resource discovery model, RTSRD (risk-aware trust based secure resource discovery) for a truly pervasive environment. Our model is an adaptive hybrid one that allows both secure and non-secure discovery of services on adaptive trust. RTSRD also incorporates a risk model for sharing resources with unknown devices. Hence, the two contributions of this paper are: adaptive trust, and risk model for resource discovery in pervasive computing environments

Modeling Cost of Interruption (COI) to Manage Unwanted Interruptions for Mobile Devices

Unwanted and untimely interruptions have been a major cause in the loss of productivity in recent years. It has been found that they are mostly detrimental to the immediate task at hand. Multiple approaches have been proposed to address the problem of interruption by calculating cost of it. The Cost Of Interruption (COI) gives a measure of the probabilistic value of harmfulness of an inopportune interruption. Bayesian Inference stands as the premier model so far to calculate this COI. However, Bayesian-based models suffer from not being able to model context accurately in situations where a priori, conditional probabilities and uncertainties exist while utilizing context information. Hence, this thesis introduces the Dempster-Shafer Theory of Evidence to model COI. Along the way, it identifies specific contexts that are necessary to take into account. Simulation results and performance evaluation suggest that this is a very good approach to decision making. The thesis also discusses an illustrative example of a mobile interruption management application where the Dempster-Shafer theory is used to get a better measurement of whether or not to interrupt

A Risk-aware Trust Based Secure Resource Discovery (RTSRD) Model for Pervasive Computing

Abstrac