Building a Trusted Location Service for Pervasive Computing Environments

Locationand context-awareness significantly enhance the functionality of pervasive computing services and applications, and enrich the way they interact with users and resources in the environment. Much of this functionality depends on validating context information and using it for granting access to data or resources. Since location and context services are usually composed of various distributed components spread throughout the pervasive environment, it is essential to develop a threat model that can be used as basis for developing a trustworthy platform for managing location and context information. In this paper we examine the various ways that trust can be incorporated and asserted in a location service for a pervasive environment. We specify the trust requirements for a non-forgeable location service for a pervasive computing space. Our approach is unique in that it is based on certification of behavior rather than a traditional reputation-based approach to trust. In our system, trust in a particular component is derived from its ability to attest that its actions meet the trust requirements.