Security and privacy in ubiquitous computing


The research area of mobile computing has become more important following the widespread drive towards mobile ad hoc networks, wireless sensor networks, and vehicular ad hoc network tracking technologies and their applications. The availability of high-bandwidth 3/4G infrastructures and the pervasive deployment of low-cost WiFi WiMAX infrastructures to create hotspots around the world serve to accelerate the development of mobile computing toward ubiquitous computing. Security and privacy in converged computing systems are considered an important part of these systems and pose challenging open problems. This special issue has focused on the research challenges and issues in security and privacy in ubiquitous computing. Of the submitted manuscripts, only eight manuscripts of high quality were finally selected for this special issue. Each manuscript was selected through blind reviews by at least three reviewers consisting of guest editors and external reviewers. We present a brief overview of each manuscript in the following paragraphs.

Interconnection and roaming are two key services in typical multi-domain mobile network environments. However, these types of environments can be composed of entities with different inter-domain security policies with location and mobility constraints. In the paper entitled “XFPM-RBAC: XML Based Specification Language for Security Policies in Multi-Domain Mobile Networks”, a formal XML-based Formal Policy language for Mobility with Role-Based Access Control is proposed. In this setting, security policies together with location and mobility constraints are based on Ambient Calculus and Ambient Logic. A security policy management application has also been developed for the specification and administration of security policies. A case study is also included to illustrate the feasibility of the developed tools.

In the paper entitled “TrustVis: Visualizing Trust towards Attack Identification in Distributed Computing Environments”, the authors present a tool used to identify attack nodes in distributed computing environments. The authors first analyze the behaviors of existing types of attacks and then present their visualized trust relations. Their tool consists of three components, and their visualized figures can be to determine relation trust relations between trusted nodes and suspicious nodes. The authors give case studies of how their tool works and demonstrate effectiveness and efficiency of their tool in determining attack nodes and types of attacks.

Online social networks (OSNs) have revolutionized frequent interactions between their users. Most of these networks require full or partial disclosure of users' data, and enhanced privacy is a key required feature for such content-centric systems. In the paper entitled “DEFF: a New Architecture for Private Online Social Networks”, the authors propose a mediated architecture for OSNs that protects users' information from both the OSN provider and unauthorized OSN users. This mediated architecture takes advantage of a semi-trusted proxy server, who is also responsible for most computationally intensive operations. User information can be shared with other users in a dynamic, efficient, and flexible set-up over which the user can exercise fine-grained control.

Scalable authenticated group key transfer protocols are an important aspect of any secure group communication setting. In the paper entitled “Improved group key transfer protocols from Harn et al.'s protocol”, the authors present a secret sharing threshold scheme for which the size of the broadcasted message from the Key Generation Center (KGC) is fixed, and each group member only needs to compute an interpolating polynomial of fixed degree to recover the group key. Focusing on key freshness, authentication, and confidentiality, the paper gives proofs of security against both insider and outsider attackers and in its improved version, that is, the second protocol, against untrustworthy KGC.

The new generation of mobile networks, particularly 4G-LTE, uses an all-internet protocol base to provide a very high data bit rate. However, this also makes these types of networks vulnerable to IP-based attacks. In the paper entitled “A Secure, Efficient and Cost-effective Distributed Architecture for Spam Mitigation on LTE 4G Mobile Networks”, the authors study one such attack: SMTP SPAM flooding denial-of-service attacks. The paper suggests a pattern detection approach to detect and mitigate effects of such attacks on LTE networks. The proposed architecture is proven to be secure, efficient, and cost-effective both using a formal analysis approach and also by results obtained using simulations of both centralized and distributed architectures.

Today, radio-frequency identification (RFID) systems are widely used in a variety of security-sensitive applications such as access control, the payment industry, and many others. An important class of attacks on these types of systems is that of relay attacks, as they can bypass many existing security and cryptographic solutions. Distance bounding protocols have been suggested as a possible solution to this problem that takes advantage of the physical operational requirements of such systems. However, vulnerabilities of low-cost implementations of such protocols have been observed in the literature by various authors. A recently proposed protocol named “Hitomi” had tried to address these vulnerabilities by using non-linear composition of secrets and inclusion of more nonce. This issue includes two papers with proposed solutions to relay attacks.

In the first paper entitled “Non-linearity Cannot Help RFID Resist to Full Disclosure Attacks and Terrorist Fraud Attack”, the authors closely examine Hitomi and other proposed solutions in the literature and their shortcomings and show that using a conventional linear composition of secrets provides a more secure solution than those using non-linear composition.

In the second paper, entitled “Chaotic Masking for Securing RFID Systems against Relay Attacks”, the authors propose a simple but secure masking scheme that counters the relay attack in RFID systems that uses physical characteristics of the communicated signals. This scheme is the first solution based on the chaos suppression theory. The chaotic characteristic of a dynamic Lorenz controller is exploited to distinguish a legitimate RFID reader from a proxy reader in the relay attack. Simulation results of the paper show applicability of the proposed approach in existing RFID systems.

Secure and efficient handover and authentication represent two important operational challenges for any mobile network. Many current solutions to these two services treat them separately, hence ignoring the direct performance impact of one on the other. In the paper entitled “Efficient Identity-based Hierarchical Access Authentication Protocol for Mobile Network”, the authors introduce a secure and efficient hierarchical identity-based access authentication protocol to address these issues concurrently. The protocol does not require management of certificates because of its ID-base set-up, and allows for precomputing of time-consuming signing and verification parameters to lower handover delays. Theoretical analysis and simulation results show significant improvement over existing work in the literature.

The guest editors would like to thank all the authors who have submitted their work to this special issue, and all the anonymous reviewers who assisted with the review process. We are also deeply grateful to Prof. Hsiao-Hwa Chen, the editor-in-chief of this journal, for giving us the opportunity to organize this special issue and for his support and that of the publishing staff at Wiley for their help throughout this process.


  • Image of creator

    Ali Miri has been a full professor and associate chair at the School of Computer Science, Ryerson University, Toronto, since 2009. He has also been with the School of Electrical Engineering and Computer Science and the Department of Mathematics and Statistics of the University of Ottawa since 2001 as a Professor, and beginning in 2010 as an Adjunct Professor. His research interests include computer networks, digital communication, and security and privacy technologies and their applications. He is the author and co-author of more than 140 peer-reviewed papers in international conferences and journals, four books, and two patents. Dr. Miri has also served on more than 50 organizing and technical program committees of international conferences and workshops, and has chaired a number of events including SAC 2007 and 2011, IEEE WiMob 2010, PST 2010, CWIT 2009, and WSAN 2008. He has served on the editorial board the International Journal on Advances in Internet Technology, as a guest editor for the Journal of Ad Hoc and Sensor Wireless Networks, and the Journal of Telecommunications Systems, and is currently serving on the editorial board of the Canadian Journal of Electrical and Computer Engineering (CJECE). He is a member of Professional Engineers Ontario and a senior member of IEEE.

  • Image of creator

    Abderrahim Benslimane is full professor of computer science and engineering at the University of Avignon (France) since September 2001. He is attributed the French award of Scientific Excellency (2011–2014). He has been as associate professor at the University of Technology of Belfort-Montbliard since September 1994. He obtained the title to supervise researches (HDR 2000) from the University of Cergy-Pontoise, France. He received the PhD degree (1993), DEA (MS 1989) from the Franche-Comte University of Besanon, and BS (1987) from the University of Nancy, all in computer science. His research and teaching interests are in wireless ad-hoc and sensor networks. Particularly, he works on multicast routing, inter-vehicular communications, quality of service, energy conservation, localization, intrusion detection, and MAC layer performance evaluation. He has several refereed international publications (book, journals, and conferences) in all those domains. He has served as technical program chair and co-chair, member of a number of international conferences. He has been a reviewer of a great number of journals, of national research projects sponsored by the ANR French agency of researches, and an ARES expert of French Laboratories. He is involved in many national and international projects. He is member of several editorial boards of international journals. He chairs many IEEE international conferences. He participates to the steering and the program committee of many IEEE international conferences. He is elected member of the CA of the IEEE French section, vice-president of the France IEEE student activities, and he was publications vice-chair of the IEEE ComSoc Communications and Information Security technical committee (2009–2011).

  • Image of creator

    Nen-Fu (Fred) Huang received the PhD degree in computer science from National Tsing Hua University (NTHU), Taiwan, in 1986. From 1997–2000, he was the chairman of the Department of Computer Science, NTHU, and since 2008, he is a distinguished professor of NTHU. His current research interests include Cloud/p2p-based interactive video streaming technologies, network security, high-speed switch/router, mobile and wireless networks, and IPv6 enable sensor networks. From 1997–2003, he was the editor of the Journal of Information Science and Engineering. He also served as the guest editor of IEEE JAC special issue on “Wireless overlay networks based on Mobile IPv6” in 2004. Since 2008, he serves as editor of the Journal of Security and Communication Networks. He received the Outstanding Teaching Award from the NTHU in 1993, 1998, and 2008, the Outstanding University/Industrial Cooperating Award from Ministry of Education, Taiwan, in 1998, and Outstanding IT people Award from ITmonth, China, in 2002. He received the Technology Transfer Award from National Science Council (NSC) of Taiwan in 2004. He received the Technology Creative Award from Computer and Communication Research Center (CCRC), NTHU, in 2005, and the Outstanding University/Idustrial Collaboration Award from the NTHU in 2010. He also served as a program chair for the 14th International Conference on Information Networks (ICOIN-14) in 2000 and Taiwan Academical Network Conference, TANET2002. He is the founder of Broadweb Corp. (, and from 2002 to 2006, he served as the CEO and Chairman of Broadweb. He is also the founder of NetXtream Corp. ( Dr. Huang has published more than 200 journal and conference papers, including more than 50 papers in IEEE INFOCOM/ICC/GLOBECOM conferences. He is a senior member of the IEEE.