Ownership Authentication Transfer Protocol for Ubiquitous Computing Devices

Abstract: In ubiquitous computing devices, users tend to store some valuable information in their device. Even though the device can be borrowed by the other user temporarily, it is not safe for any user to borrow or lend the device as it may result the private data of the user to be public. To safeguard the user data and also to preserve user privacy we propose the technique of ownership authentication transfer. The user who is willing to sell the device has to transfer the ownership of the device under sale. Once the device is sold and the ownership has been transferred, the old owner will not be able to use that device at any cost. Either of the users will not be able to use the device if the process of ownership has not been carried out properly. This also takes care of the scenario when the device has been stolen or lost, avoiding the impersonation attack. The proposed protocol has been modeled and verified using Automated Validation of Internet Security Protocols and Applications (AVISPA) and is found to be safe.