Privacy-preserving protocol for smart space services with negotiable comfort preferences

Abstract

In this paper an architecture and a protocol for secure and privacy-preserving service usage in smart spaces are presented. Comfort preferences that are defined and stored on end-users mobile devices are subject to negotiations. The approach relies on a single trusted party operating as a public service in the “security infrastructure as a service” model. It is designed to assure resilience against attacks on users privacy from the side of service providers (SPs), user’s attempts to use the services in an unauthorized manner, user’s attempts to violate payment policies, as well as payment authority’s attacks on privacy of users’ payment patterns. From the SP perspective, the proposed approach minimizes the risk of unauthorized service usage, or denial of service attacks. All players benefit from the fast and secure micropayments allowing for pay-per-use model implementation, which is natural in ubiquitous services usage scenarios.