pith. sign in

arxiv: 1907.05214 · v1 · pith:PRRRSWJJnew · submitted 2019-07-11 · 💻 cs.CR

Challenges and Directions for Authentication in Pervasive Computing

Artur Souza , Ant\^onio A. F. Loureiro , Leonardo B. Oliveira This is my paper

Pith reviewed 2026-05-24 23:17 UTC · model grok-4.3

classification 💻 cs.CR
keywords pervasive computingauthenticationsecurityapplication scenariosheterogeneityreviewdevice constraints
0
0 comments X

The pith

Pervasive computing applications have distinct characteristics that determine which authentication methods suit each scenario, ruling out any single universal solution.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper reviews multiple pervasive application scenarios and extracts their key characteristics such as device heterogeneity and resource limits. It surveys the strengths and weaknesses of several authentication methods drawn from the literature. It then matches methods to scenarios according to how well each method aligns with those characteristics. This produces concrete directions for authentication design in each reviewed setting. A reader would care because a pervasive future with many surrounding devices requires security that actually works in those varied contexts rather than in theory alone.

Core claim

The high heterogeneity of pervasive computing applications makes a single authentication solution unfeasible. The paper therefore identifies the key characteristics of each pervasive application scenario, reviews the strengths and weaknesses of prominent authentication methods from the literature, and identifies which authentication methods are well suited for each application scenario based on the identified characteristics.

What carries the argument

The three-step matching process that first extracts scenario characteristics, then evaluates method trade-offs, and finally assigns suitable methods to each scenario.

If this is right

  • Authentication design for each pervasive scenario can now start from the methods the paper flags as compatible rather than from scratch.
  • New pervasive applications can be classified by the same characteristics to inherit the suggested methods.
  • Research effort can focus on refining the matched methods for the constraints of their assigned scenarios.
  • Standards bodies can use the mappings to recommend different authentication profiles for different device classes.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same characteristic-based matching could be applied to newer scenarios such as edge computing clusters or augmented-reality overlays.
  • If the mappings hold, hybrid systems that switch authentication methods when a device moves between scenarios become worth prototyping.
  • The review implies that authentication research should prioritize methods that can be tuned to multiple characteristics rather than optimized for one.

Load-bearing premise

The key characteristics identified for each pervasive application scenario are sufficient to determine suitability of authentication methods and that the reviewed methods from the literature adequately represent the prominent options.

What would settle it

An experiment or deployment showing that a method rated unsuitable for a given scenario actually succeeds there while a matched method fails would falsify the matching.

Figures

Figures reproduced from arXiv: 1907.05214 by Ant\^onio A. F. Loureiro, Artur Souza, Leonardo B. Oliveira.

Figure 1
Figure 1. Figure 1: Example of pervasive computing in the context of vehicular networks. Notably, authentication is a critical security property for pervasive computing sys￾tems. Authentication ensures that devices can verify the header (source authentication) and content (data authentication) of messages received [52]. This forms the basis for se￾cure communication channels, since it allows devices to trust messages exchange… view at source ↗
read the original abstract

We quickly approach a "pervasive future" where pervasive computing is the norm. In this scenario, humans are surrounded by a multitude of heterogeneous devices that assist them in almost every aspect of their daily routines. The realization of this future demands strong authentication guarantees to ensure that these devices are not abused and that their users are not endangered. However, providing authentication for these systems is a challenging task due to the high heterogeneity of pervasive computing applications. This heterogeneity makes it unfeasible to propose a single authentication solution for all of the pervasive computing applications. In this paper, we review several pervasive application scenarios and promising authentication methods for each. To do this, we first identify the key characteristics of each pervasive application scenario. Then, we review the strengths and weaknesses of prominent authentication methods from the literature. Finally, we identify which authentication methods are well suited for each application scenario based on the identified characteristics. Our goal is to provide promising directions to be explored for authentication in each of these scenarios.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

0 major / 2 minor

Summary. The paper reviews pervasive application scenarios, identifies key characteristics of each, surveys the strengths and weaknesses of prominent authentication methods from the literature, and maps suitable methods to each scenario based on those characteristics, with the goal of providing directions for authentication research in heterogeneous pervasive systems.

Significance. If the scenario coverage and method assessments prove comprehensive, the structured mapping could serve as a useful reference for selecting authentication approaches suited to the diversity of pervasive computing applications rather than seeking a single universal solution.

minor comments (2)
  1. [Abstract] Abstract: the phrase 'several pervasive application scenarios' is vague; specifying the exact scenarios reviewed (and their selection criteria) would clarify the scope of the survey.
  2. The manuscript structure (scenarios → characteristics → method review → suitability) is logical, but the transition between sections could be strengthened with explicit cross-references to ensure readers can trace how each characteristic influences the suitability judgments.

Simulated Author's Rebuttal

0 responses · 0 unresolved

We thank the referee for their positive summary of the manuscript, recognition of its potential utility as a reference for authentication method selection in heterogeneous pervasive systems, and recommendation of minor revision. No major comments were provided in the report.

Circularity Check

0 steps flagged

No significant circularity; qualitative survey with explicit mapping

full rationale

The paper performs a standard literature survey: it enumerates pervasive scenarios, lists their characteristics, reviews authentication methods from the literature, and states suitability mappings. All steps are carried out explicitly inside the manuscript with no equations, fitted parameters, predictions, or theorems. No load-bearing self-citation chain exists; the central claim is simply the authors' own qualitative synthesis, which does not reduce to its inputs by construction.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

This is a survey paper with no new mathematical claims, parameters, or entities introduced.

pith-pipeline@v0.9.0 · 5702 in / 861 out tokens · 17991 ms · 2026-05-24T23:17:44.503846+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

57 extracted references · 57 canonical work pages

  1. [1]

    Ad Hoc Networks 3(3), 325 – 349 (2005)

    Akkaya, K., Younis, M.: A Survey on Routing Protocols for Wireless Sensor Networks. Ad Hoc Networks 3(3), 325 – 349 (2005)

    work page 2005

  2. [2]

    Akyildiz, I.F., Vuran, M.C.: Wireless sensor networks, vol. 4. John Wiley & Sons (2010)

    work page 2010

  3. [3]

    In: Asiacrypt (2003)

    Al-Riyami, S.S., Paterson, K.G.: Certificateless Public Key Cryptography. In: Asiacrypt (2003)

    work page 2003

  4. [4]

    IEEE Communications Magazine54(2), 98–104 (2016)

    Amadeo, M., Campolo, C., Molinaro, A.: Information-Centric Networking for Connected Vehicles: a Survey and Future Perspectives. IEEE Communications Magazine54(2), 98–104 (2016)

    work page 2016

  5. [5]

    In: USENIX Security Symposium

    Antonakakis, M., April, T., Bailey, M., Bernhard, M., Bursztein, E., Cochran, J., Durumeric, Z., Halderman, J.A., Invernizzi, L., Kallitsis, M., et al.: Understanding the Mirai Botnet. In: USENIX Security Symposium. pp. 1092–1110 (2017)

    work page 2017

  6. [6]

    In: Proceedings of the 2005 IEEE International Symposium on, Mediterranean Conference on Control and Automation Intelligent Control, 2005

    Arampatzis, T., Lygeros, J., Manesis, S.: A Survey of Applications of Wireless Sensors and Wireless Sensor Networks. In: Proceedings of the 2005 IEEE International Symposium on, Mediterranean Conference on Control and Automation Intelligent Control, 2005. (2005)

    work page 2005

  7. [7]

    Computer networks 54(15), 2787–2805 (2010)

    Atzori, L., Iera, A., Morabito, G.: The Internet of Things: A survey. Computer networks 54(15), 2787–2805 (2010)

    work page 2010

  8. [8]

    In: Local Computer Networks (LCN), 2010 IEEE 35th Conference on

    Bauza, R., Gozalvez, J., Sanchez-Soriano, J.: Road traffic congestion detection through co- operative vehicle-to-vehicle communications. In: Local Computer Networks (LCN), 2010 IEEE 35th Conference on. pp. 606–612. IEEE (2010)

    work page 2010

  9. [9]

    Springer (2009)

    Bernstein, D.J.: Introduction to Post-quantum Cryptography. Springer (2009)

    work page 2009

  10. [10]

    In: Interna- tional Cryptology Conference on Advances in Cryptology (CRYPTO) (2001)

    Boneh, D., Franklin, M.K.: Identity-Based Encryption from the Weil Pairing. In: Interna- tional Cryptology Conference on Advances in Cryptology (CRYPTO) (2001)

    work page 2001

  11. [11]

    Advances in Cryptology—ASIACRYPT 2001 pp

    Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. Advances in Cryptology—ASIACRYPT 2001 pp. 514–532 (2001)

    work page 2001

  12. [12]

    In: Conference on the Theory and Applications of Crypto- graphic Techniques (2007)

    Boyen, X.: Mesh Signatures. In: Conference on the Theory and Applications of Crypto- graphic Techniques (2007)

    work page 2007

  13. [13]

    In: International Conference on Financial Cryptography

    Brown, D.R., Gallant, R., Vanstone, S.A.: Provably Secure Implicit Certificate Schemes. In: International Conference on Financial Cryptography. pp. 156–165. Springer (2001)

    work page 2001

  14. [14]

    Post- Quantum Cryptography pp

    Buchmann, J., Dahmen, E., Szydlo, M.: Hash-based digital signature schemes. Post- Quantum Cryptography pp. 35–93 (2009)

    work page 2009

  15. [15]

    In: Cyber Security and Privacy Forum (2015)

    Butin, D., Gazdag, S.L., Buchmann, J.: Real-World Post-Quantum Digital Signatures. In: Cyber Security and Privacy Forum (2015)

    work page 2015

  16. [16]

    In: Distributed Computing Systems Workshops, 2008

    Cardenas, A.A., Amin, S., Sastry, S.: Secure control: Towards survivable cyber-physical sys- tems. In: Distributed Computing Systems Workshops, 2008. ICDCS’08. 28th International Conference on. pp. 495–500. IEEE (2008)

    work page 2008

  17. [17]

    Springer Science & Business Media (2011)

    Chatterjee, S., Sarkar, P.: Identity-Based Encryption. Springer Science & Business Media (2011)

    work page 2011

  18. [18]

    In: Advances in Cryptol- ogy—EUROCRYPT’91 (1991)

    Chaum, D., Van Heyst, E.: Group Signatures. In: Advances in Cryptol- ogy—EUROCRYPT’91 (1991)

    work page 1991

  19. [19]

    In: Intelligent Information Hiding and Multi- media Signal Processing (IIH-MSP), 2010 Sixth International Conference on

    Derawi, M.O., Nickel, C., Bours, P., Busch, C.: Unobtrusive User-Authentication on Mobile Phones Using Biometric Gait Recognition. In: Intelligent Information Hiding and Multi- media Signal Processing (IIH-MSP), 2010 Sixth International Conference on. pp. 306–311. IEEE (2010)

    work page 2010

  20. [20]

    Di Pietro, R., Mancini, L.V .: Security and Privacy Issues of Handheld and Wearable Wireless Devices. Commun. ACM 46(9), 74–79 (2003)

    work page 2003

  21. [21]

    Ad Hoc Networks37, 122 – 132 (2016) 14 Artur Souza et al

    F ¨orster, D., Kargl, F., L¨ohr, H.: PUCA: A Pseudonym Scheme with Strong Privacy Guaran- tees for Vehicular Ad-Hoc Networks. Ad Hoc Networks37, 122 – 132 (2016) 14 Artur Souza et al

    work page 2016

  22. [22]

    In: International Conference on Green, Perva- sive, and Cloud Computing (GPC)

    Galdi, C., Nappi, M., Dugelay, J.L.: Secure User Authentication on Smartphones via Sensor and Face Recognition on Short Video Clips. In: International Conference on Green, Perva- sive, and Cloud Computing (GPC). pp. 15–22. Springer (2017)

    work page 2017

  23. [23]

    In: ICASSP (2013)

    Garg, R., Hajj-Ahmad, A., Wu, M.: Geo-Location Estimation from Electrical Network Fre- quency Signals. In: ICASSP (2013)

    work page 2013

  24. [24]

    In: Conference on Computer and Communications Secu- rity (CCS) (2006)

    Goyal, V ., Pandey, O., Sahai, A., Waters, B.: Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. In: Conference on Computer and Communications Secu- rity (CCS) (2006)

    work page 2006

  25. [25]

    In: Interna- tional Conference on Cryptology in Africa (2013)

    H ¨ulsing, A.: W-OTS+–Shorter Signatures for Hash-based Signature Schemes. In: Interna- tional Conference on Cryptology in Africa (2013)

    work page 2013

  26. [26]

    In: IEEE Consumer Communications and Networking Conference (2008)

    Jakubiak, J., Koucheryavy, Y .: State of the Art and Research Challenges for V ANETs. In: IEEE Consumer Communications and Networking Conference (2008)

    work page 2008

  27. [27]

    Wireless Networks 20(8), 2481–2501 (2014)

    Jing, Q., Vasilakos, A.V ., Wan, J., Lu, J., Qiu, D.: Security of the Internet of Things: Per- spectives and Challenges. Wireless Networks 20(8), 2481–2501 (2014)

    work page 2014

  28. [28]

    International Journal of Information Security 1(1), 36–63 (2001)

    Johnson, D., Menezes, A., Vanstone, S.: The Elliptic Curve Digital Signature Algorithm (ECDSA). International Journal of Information Security 1(1), 36–63 (2001)

    work page 2001

  29. [29]

    IEEE communications surveys & tutorials 13(4), 584–616 (2011)

    Karagiannis, G., Altintas, O., Ekici, E., Heijenk, G., Jarupan, B., Lin, K., Weil, T.: Vehicular Networking: A Survey and Tutorial on Requirements, Architectures, Challenges, Standards and Solutions. IEEE communications surveys & tutorials 13(4), 584–616 (2011)

    work page 2011

  30. [30]

    In: Vehicular Networking Conference (VNC) (2015)

    Kargl, F., Waldschmidt, C., Moser, S., Slomka, F., et al.: Wireless Channel-Based Message Authentication. In: Vehicular Networking Conference (VNC) (2015)

    work page 2015

  31. [31]

    In: International Conference on Embedded Networked Sensor Systems (SenSys) (2004)

    Karlof, C., Sastry, N., Wagner, D.: TinySec: A Link Layer Security Architecture for Wireless Sensor Networks. In: International Conference on Embedded Networked Sensor Systems (SenSys) (2004)

    work page 2004

  32. [32]

    International Journal of Network Management (2017)

    Kaur, R., Kaur, N., Sood, S.K.: Security in IoT Network Based on Stochastic Game Net Model. International Journal of Network Management (2017)

    work page 2017

  33. [33]

    In: Object oriented real-time dis- tributed computing (isorc), 2008 11th ieee international symposium on

    Lee, E.A.: Cyber Physical Systems: Design Challenges. In: Object oriented real-time dis- tributed computing (isorc), 2008 11th ieee international symposium on. pp. 363–369 (2008)

    work page 2008

  34. [34]

    In: Workshop on Security of Ad Hoc and Sensor Networks (SASN) (2006)

    Luk, M., Perrig, A., Whillock, B.: Seven Cardinal Properties of Sensor Network Broadcast Authentication. In: Workshop on Security of Ad Hoc and Sensor Networks (SASN) (2006)

    work page 2006

  35. [35]

    In: CT-RSA (2011)

    Maji, H.K., Prabhakaran, M., Rosulek, M.: Attribute-Based Signatures. In: CT-RSA (2011)

    work page 2011

  36. [36]

    CRC press (1996)

    Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC press (1996)

    work page 1996

  37. [37]

    In: SenSys (2016)

    Neto, A.L.M., Souza, A.L., Cunha, I., Nogueira, M., Nunes, I.O., Cotta, L., Gentille, N., Loureiro, A.A., Aranha, D.F., Patil, H.K., Oliveira, L.B.: AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle. In: SenSys (2016)

    work page 2016

  38. [38]

    The Computer Journal 55(4), 384–396 (2011)

    Oliveira, L.B., Kansal, A., Gouv ˆea, C.P., Aranha, D.F., L´opez, J., Priyantha, B., Goraczko, M., Zhao, F.: Secure-TWS: Authenticating Node to Multi-User Communication in Shared Sensor Networks. The Computer Journal 55(4), 384–396 (2011)

    work page 2011

  39. [39]

    In: International Conference on Green, Pervasive, and Cloud Computing (GPC)

    Ouechtati, H., Azzouna, N.B.: Trust-ABAC Towards an Access Control System for the In- ternet of Things. In: International Conference on Green, Pervasive, and Cloud Computing (GPC). pp. 75–89. Springer (2017)

    work page 2017

  40. [40]

    Wireless networks 8(5), 521–534 (2002)

    Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V ., Culler, D.E.: SPINS: Security Protocols for Sensor Networks. Wireless networks 8(5), 521–534 (2002)

    work page 2002

  41. [41]

    In: Vehicular Tech- nology Conference, 2008

    Qian, Y ., Moayeri, N.: Design of secure and application-oriented vanets. In: Vehicular Tech- nology Conference, 2008. VTC Spring 2008. IEEE. pp. 2794–2799. IEEE (2008)

    work page 2008

  42. [42]

    In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (2011)

    Raij, A., Ghosh, A., Kumar, S., Srivastava, M.: Privacy Risks Emerging from the Adoption of Innocuous Wearable Sensors in the Mobile Environment. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (2011)

    work page 2011

  43. [43]

    Journal of Computer Security 15(1), 39–68 (2007) Challenges and Directions for Authentication in Pervasive Computing 15

    Raya, M., Hubaux, J.P.: Securing vehicular ad hoc networks. Journal of Computer Security 15(1), 39–68 (2007) Challenges and Directions for Authentication in Pervasive Computing 15

    work page 2007

  44. [44]

    Advances in Cryptol- ogy—ASIACRYPT 2001 (2001)

    Rivest, R., Shamir, A., Tauman, Y .: How to Leak a Secret. Advances in Cryptol- ogy—ASIACRYPT 2001 (2001)

    work page 2001

  45. [45]

    SECSI-Secure Component and System Identification, Berlin, Germany (2008)

    Rohde, S., Eisenbarth, T., Dahmen, E., Buchmann, J., Paar, C.: Efficient hash-based signa- tures on embedded devices. SECSI-Secure Component and System Identification, Berlin, Germany (2008)

    work page 2008

  46. [46]

    In: CCS (2013)

    Rostami, M., Juels, A., Koushanfar, F.: Heart-to-Heart (H2H): Authentication for Implanted Medical Devices. In: CCS (2013)

    work page 2013

  47. [47]

    Proceedings of the IEEE 105(2), 219–240 (2017)

    Satchidanandan, B., Kumar, P.: Dynamic watermarking: Active defense of networked cyber– physical systems. Proceedings of the IEEE 105(2), 219–240 (2017)

    work page 2017

  48. [48]

    IEEE Personal Communications 8(4), 10–17 (2001)

    Satyanarayanan, M., et al.: Pervasive computing: Vision and challenges. IEEE Personal Communications 8(4), 10–17 (2001)

    work page 2001

  49. [49]

    Computer 46(1), 36–45 (2013)

    Schirner, G., Erdogmus, D., Chowdhury, K., Padir, T.: The Future of Human-in-the-Loop Cyber-Physical Systems. Computer 46(1), 36–45 (2013)

    work page 2013

  50. [50]

    In: International Cryptol- ogy Conference on Advances in Cryptology (CRYPTO) (1984)

    Shamir, A.: Identity-based Cryptosystems and Signature Schemes. In: International Cryptol- ogy Conference on Advances in Cryptology (CRYPTO) (1984)

    work page 1984

  51. [51]

    International Journal of Network Management pp

    Souza, A., Cunha, ´I., B Oliveira, L.: NomadiKey: User Authentication for Smart Devices based on Nomadic Keys. International Journal of Network Management pp. e1998–n/a (2017)

    work page 2017

  52. [52]

    CRC/C&H (2002)

    Stinson, D.: Cryptography: Theory and Practice. CRC/C&H (2002)

    work page 2002

  53. [53]

    Consumer Electronics Magazine3(3), 53–56 (2014)

    Wei, J.: How Wearables Intersect with the Cloud and the Internet of Things: Considerations for the Developers of Wearables. Consumer Electronics Magazine3(3), 53–56 (2014)

    work page 2014

  54. [54]

    Computer Networks 55(14), 3103–3119 (2011)

    Weiß, C.: V2X Communication in Europe–From Research Projects Towards Standardiza- tion and Field Testing of Vehicle Communication Technology. Computer Networks 55(14), 3103–3119 (2011)

    work page 2011

  55. [55]

    In: Conference on Embedded Networked Sensor Systems (SenSys) (2017)

    Wu, M., Quint ˜ao Pereira, F., Liu, J., Ramos, H., Alvim, M., Oliveira, L.: New Directions: Proof-Carrying Sensing — Towards Real-World Authentication in Cyber-Physical Systems. In: Conference on Embedded Networked Sensor Systems (SenSys) (2017)

    work page 2017

  56. [56]

    In: Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies (2002)

    Ye, W., Heidemann, J., Estrin, D.: An Energy-Efficient MAC Protocol for Wireless Sensor Networks. In: Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies (2002)

    work page 2002

  57. [57]

    In: Interna- tional Conference on Web Services (ICWS) (2005)

    Yuan, E., Tong, J.: Attributed Based Access Control (ABAC) for Web Services. In: Interna- tional Conference on Web Services (ICWS) (2005)

    work page 2005