Securing Distributed Context Exchange Networks in Mobile Environments

Abstract: The use of the internet has exploded with many more context aware applications for different services, simplifying the use and access for human requirements. The present situation shows an increasing number of devices from computers to sensors and actuators that are connected to the internet. MediaSense[1] is a growing framework that provides a platform for applications to connect these devices (smart-phones, sensors, actuators etc.) and provide services using the internet. Applications based on the MediaSense[1] framework access globally available sensors to provide contextual information with regards to a situation and provide better services. However, information flowing between the devices or sensors are open to the internet without any security. Thus, the focus of this thesis is on the development of a security mechanism for the MediaSense framework which is a fully distributed network. The task involves analyzing the security measures with and without centralized authority as well as the advantages and disadvantages of both scenarios regarding the MediaSense framework and proposing appropriate solutions to achieve the maximum possible security on the framework. The first challenge of this thesis is to identify different properties required for a security mechanism which is capable of secure key distribution and secure peer to peer communication among MediaSense instances without having any centralized authority. Therefore, this thesis proposes a resilient solution, namely, a security architecture for MediaSense which is capable of performing in a distributed environment with the ability of key distribution and management and thus securing the communication using different encryption techniques. The next challenge to the security architecture is to store the keys securely and prevent any unauthorized access from a third party. The thesis proposes the use of built in Java Application Programming Interface(API), “KeyStore” to store valuable keys locally. Thus, by addressing these challenges and other related issues, this thesis forms a security architecture or mechanism that is adaptive to a distributed system and utilizes encryption algorithms, key distribution and secure storage of the keys. To support these proposals, this thesis has developed a proof of concept application and prototypes to verify the approach. In addition, the thesis has implemented security features from the security architecture as an extension to the MediaSense framework. Hence, in conclusion, this thesis proposal regarding a security architecture for MediaSense has the ability to provide the necessary security together with the required key distribution mechanism to the framework without any centralized authority.