Enabling secure discovery with attribute based encryption

Trabelsi, Slim; Roudier, Yves
Research report RR-06-164

This paper concentrates on providing a scalable solution for securing the service
discovery mechanisms deployed in dynamic and self-organizing systems like
those found in ubiquitous computing or semantic web based scenarios. Service
discovery is rendered necessary when clients need to locate services they can describe
but that they do not necessarily know, thereby rendering PKI based solutions,
which require a preliminary key distribution, awkward and contrived. In
contrast, the new concept of Attribute Based Encryption, derived from Identity
Based Encryption schemes, makes it possible to secure communications with unknown
services based solely on their description, and in a peer-to-peer fashion,
that is, without the introduction of any additional trusted third party like a registry.
This technique is at the core of the mechanism we propose for securing the
peer-to-peer discovery of services. This paper first reviews which security properties
are expected from this architecture. It then goes on to detail how to integrate this
mechanism within the WS-Discovery Web Service protocol. Preliminary experimental
results based on an implementation of this extended protocol are finally presented.


Type:
Report
Date:
2006-04-27
Department:
Digital Security
Eurecom Ref:
1938
Copyright:
© EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research report RR-06-164 and is available at :

PERMALINK : https://www.eurecom.fr/publication/1938