Security in Pervasive Computing

This volume contains the papers presented at the 2nd International Conference on Se- rityinPervasiveComputing(SPC2005)heldApril6 8,2005inBoppard,Germany.The objective of this second conference was to develop new security concepts for complex application scenarios based on systems like handhelds, phones, smartcards, RFID-chips andsmartlabelshandinhandwiththeemergingtechnologyofubiquitousandpervasive computing. In particular the conference focused on methods and technologies conce- ing the identi?cation of risks, the de?nition of security policies, and the development of security and privacy measures, especially cryptographic protocols that are related to speci?c aspects of ubiquitous and pervasive computing like mobility, location-based services,adhocnetworking,resourceallocation/restriction,invisibility,andsecureha- ware/software platforms. We received 48 submissions. Each submission was reviewed by three independent reviewers and an electronic Program Committee meeting was held via the Internet. We are very grateful to the Program Committee members for their ef?ciency in processing the work and also for the quality of their reviews and discussions. Finally the Program Committee decided to accept 14 long papers and 3 short papers. Apart from the Program Committee, we would like to thank also the other persons who contributed to the success of this conference: the additional referees for revi- ing the papers, the authors for submitting the papers, and the local organizers, and in particular Hans-Peter Wagner, for the local organization of the conference in Boppard. SPC 2005 was hosted by the Bundesakademie fur of fentlicheVerwaltung of the Federal Ministry of the Interior, and was sponsored by the DFKI and BSI.

Inhalt
Invited Talk (Abstract).- Pervasive Computing A Case for the Precautionary Principle?.- Session 1: Smart Devices and Applications.- TENeT: A Framework for Distributed Smartcards.- P2P Digital Value Fair Trading System Using Smart Cards.- Devices Are People Too Using Process Patterns to Elicit Security Requirements in Novel Domains: A Ubiquitous Healthcare Example.- Invited Talk (Abstract).- Securing Ad Hoc Networks.- Session 2: Short Paper Session.- Secure Identity Management for Pseudo-Anonymous Service Access.- Security Issues for Pervasive Personalized Communication Systems.- Safeguards in a World of Ambient Intelligence.- Session 3: Authentication (I).- Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment.- Invited Talk (Abstract).- Security Concept of the EU-Passport.- Session 4: Authentication (II).- Efficient Cooperative Signatures: A Novel Authentication Scheme for Sensor Networks.- Ephemeral Pairing on Anonymous Networks.- Invited Talk (Abstract).- EPC Technology.- Session 5: Authentication (III).- Exploiting Empirical Engagement in Authentication Protocol Design.- Supporting Dynamically Changing Authorizations in Pervasive Communication Systems.- Look Who's Talking Authenticating Service Access Points.- Invited Talk (Abstract).- Security Issues of Mobile Devices.- Session 6: Privacy and Anonymity.- Privacy for Profitable Location Based Services.- On the Anonymity of Periodic Location Samples.- Session 7: Access Control and Information Flow.- A Theorem Proving Approach to Analysis of Secure Information Flow.- An Efficient Access Control Model for Mobile Ad-Hoc Communities.- TrustAC: Trust-Based Access Control for Pervasive Devices.