Security, Trust and Privacy in Pervasive Computing

New models of distributed communication and computation are being introduced, leading to distributed systems that are *open* in that they do not pre-identify a set of known participants, and *dynamic* in that the participants change regularly, and not just due to occasional failures. Pervasive Computing systems are an obvious instance of such environments, as are Web Services. It is interesting to note that this evolution is occurring at several levels -- communication, infrastructure and application. These systems must exchange information about services offered and sought and their associated security and privacy policies, negotiate for information sharing, establish trust, and monitor for and report on suspicious or anomalous behavior. A new grand challenge thus emerges --securing these open dynamic environments. Without appropriate security, privacy and trust mechanisms, these exciting new ideas will be hobbled and the applications they enable will not be deployed or be found socially acceptable. Addressing this grand challenge will require contributions not just from diverse areas within computer science, but also from other disciplines such as policy, law, and various social sciences. In this talk, we will explore the issues involved, and describe work being done by UMBC's Ebiquity group to address some of them. -