Context-Aware User Authentication - Supporting Proximity-Based Login in Pervasive Computing

This paper explores computer security in pervasive computing with focus on user authentication. We present the concept of Proximity-Based User Authentication, as a usability-wise ideal for UbiComp systems. We present a context-aware user authentication protocol, which (1) uses a JavaCard for identification and cryptographic calculations, (2) uses a context-awareness system for verifying the user’s location, and (3) implements a security fall-back strategy. We analyze the security of this protocol and discuss the tradeoff between usability and security. We also present our current implementation of the protocol and discuss future work.

[1]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[2]  Barry Brumitt,et al.  EasyLiving: Technologies for Intelligent Environments , 2000, HUC.

[3]  Daniel M. Russell,et al.  On the Design of Personal & Communal Large Information Scale Appliances , 2001, UbiComp.

[4]  梅村 恭司 Andrew S.Tanenbaum 著, "Operating systems, Design and implementation", PRENTICE-HALL, INC., Englewood Cliffs, B5変形判, 719p., \4,120 , 1988 .

[5]  Bruce Schneier,et al.  Secrets and Lies: Digital Security in a Networked World , 2000 .

[6]  Andy Hopper,et al.  The active badge location system , 1992, TOIS.

[7]  George Buchanan,et al.  An Evaluation of WebTwig - A Site Outliner for Handheld Web Access , 1999, HUC.

[8]  A. Harter,et al.  Teleporting-making applications mobile , 1994, Workshop on Mobile Computing Systems and Applications.

[9]  Andy Hopper,et al.  The Anatomy of a Context-Aware Application , 1999, Wirel. Networks.

[10]  Jakob E. Bardram,et al.  Supporting Human Activities - Exploring Activity-Centered Computing , 2002, UbiComp.

[11]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[12]  Brian D. Noble,et al.  Zero-interaction authentication , 2002, MobiCom '02.

[13]  Norbert A. Streitz Ubiquitous Computing and The Disappearing Computer - Research Agendas, Issues, and Strategies , 2001, UbiComp.

[14]  J. Werb,et al.  Designing a positioning system for finding things and people indoors , 1998 .

[15]  Jonathan Trevor,et al.  Issues in Personalizing Shared Ubiquitous Devices , 2002, UbiComp.

[16]  Dorothy E. Denning,et al.  Location-based authentication: Grounding cyberspace for better security , 1996 .

[17]  Gregory D. Abowd,et al.  The Family Intercom: Developing a Context-Aware Audio Communication System , 2001, UbiComp.

[18]  Laurent Bussard,et al.  Embedding Distance-Bounding Protocols within Intuitive Interactions , 2003, SPC.

[19]  Michael Baentsch,et al.  JavaCard-from hype to reality , 1999, IEEE Concurr..

[20]  Andy Hopper,et al.  A new location technique for the active office , 1997, IEEE Wirel. Commun..

[21]  D. Pinto Secrets and Lies: Digital Security in a Networked World , 2003 .

[22]  Daniel M. Russell,et al.  Social Aspects of Using Large Public Interactive Displays for Collaboration , 2002, UbiComp.

[23]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .

[24]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[25]  M.T. Smith Smart Cards: Integrating for Portable Complexity , 1998, Computer.