Personal and Ubiquitous Computing

, Volume 16, Issue 1, pp 77–89 | Cite as

Usability classification for spontaneous device association

  • Ming Ki ChongEmail author
  • Hans Gellersen
Original Article


As wireless devices increasingly becoming ubiquitous, spontaneous interaction opportunities are accordingly becoming common. Although spontaneous interaction research has been ongoing for many years, a key question of spontaneous interaction still remains open: how can users associate devices in a natural, intuitive and secure manner. Over the past decade, researchers have demonstrated a plethora of device association techniques. Nonetheless, users were often neglected during design or they were only involved in a later stage, like testing. We argue that since device association is performed by end-users, usability factors need to be considered in the early stage of design. In this article, we present a categorisation of factors that influence the usability of device association. This paper aims at providing a framework that informs researchers and system designers of the considerations needed when designing or adopting an association technique.


  1. 1.
    Balfanz D, Durfee G, Grinter RE, Smetters DK, Stewart P (2004) Network-in-a-box: how to set up a secure wireless network in under a minute. In: SSYM’04: Proceedings of the 13th conference on USENIX security symposium, USENIX Association, pp 207–222Google Scholar
  2. 2.
    Balfanz D, Smetters D, Stewart P, Wong HC (2002) Talking to strangers: authentication in ad-hoc wireless networks. In: NDSS’02: Proceedings of the 2002 network and distributed systems security symposiumGoogle Scholar
  3. 3.
    Beigl M (1999) Point & Click-interaction in smart environments. In: HUC ’99: Proceedings of the 1st international symposium on handheld and ubiquitous computing. Springer, pp 311–313Google Scholar
  4. 4.
    Bichler D, Stromberg G, Huemer M, Löw M (2007) Key generation based on acceleration data of shaking processes. In: UbiComp 2007: ubiquitous computing. Springer, pp 304–317Google Scholar
  5. 5.
    Bluetooth Special Interest Group (2006) Simple pairing whitepaper (revision v10r00)Google Scholar
  6. 6.
    Buhan I, Boom B, Doumen J, Hartel PH, Veldhuis RNJ (2009) Secure pairing with biometrics. Int J Secur Netw 4(1/2): 27–42CrossRefGoogle Scholar
  7. 7.
    Castelluccia C, Mutaf P (2005) Shake them up!: a movement-based pairing protocol for cpu-constrained devices. In: MobiSys ’05: Proceedings of the 3rd international conference on mobile systems, applications, and services, ACM, pp 51–64Google Scholar
  8. 8.
    Chong MK, Gellersen H (2010) Classification of spontaneous device association from a usability perspective. In: IWSSI/SPMU 2010, pp 1–7Google Scholar
  9. 9.
    Chong MK, Marsden G, Gellersen H (2010) GesturePIN: using discrete gestures for associating mobile devices. In: MobileHCI 2010Google Scholar
  10. 10.
    Fitts PM (1954) The information capacity of the human motor system in controlling the amplitude of movement. J Exp Psychol 47(6):381–391CrossRefGoogle Scholar
  11. 11.
    Gehrmann C, Mitchell CJ, Nyberg K (2004) Manual authentication for wireless devices. RSA CryptoBytes 7(1):29–37Google Scholar
  12. 12.
    Goodrich MT, Sirivianos M, Solis J, Soriente C, Tsudik G, Uzun E (2009) Using audio in secure device pairing. Int J Secur Netw 4(1/2):57–68CrossRefGoogle Scholar
  13. 13.
    Goodrich MT, Sirivianos M, Solis J, Tsudik G, Uzun E (2006) Loud and Clear: Human-verifiable authentication based on audio. In: ICDCS ’06: Proceedings of the 26th IEEE international conference on distributed computing systems, IEEE Computer Society, p 10.Google Scholar
  14. 14.
    Hinckley K (2003) Synchronous gestures for multiple persons and computers. In: UIST ’03: Proceedings of the 16th annual ACM symposium on user interface software and technology. ACM, pp 149–158Google Scholar
  15. 15.
    Holmquist LE, Mattern F, Schiele B, Alahuhta P, Beigl M, Gellersen H-W (2001) Smart-its friends: a technique for users to easily establish connections between smart artefacts. In: UbiComp ’01: Proceedings of the 3rd international conference on ubiquitous computing. Springer, pp 116–122Google Scholar
  16. 16.
    Ion I, Langheinrich M, Kumaraguru P, Capkun S (2010) Influence of user perception, security needs, and social factors on device pairing method choices. In: SOUPS ’10Google Scholar
  17. 17.
    Iwasaki Y, Kawaguchi N, Inagaki Y (2003) Touch-and-connect: a connection request framework for ad-hoc networks and the pervasive computing environment. In: PERCOM ’03: Proceedings of the first IEEE international conference on pervasive computing and communications, IEEE Computer Society, pp 20–29Google Scholar
  18. 18.
    Kainda R, Flechais I, Roscoe AW (2010) Secure mobile ad-hoc interactions: reasoning about out-of-band (oob) channels. In: IWSSI/SPMU 2010, pp 10–15Google Scholar
  19. 19.
    Kainda R, Flechais I, Roscoe AW (2010) Two heads are better than one: security and usability of device associations in group scenarios. In: Proceedings of SOUPS 2010. ACM PressGoogle Scholar
  20. 20.
    Kindberg T, Zhang K (2003) Secure spontaneous device association. In: UbiComp 2003: ubiquitous computing. Springer, pp 124–131Google Scholar
  21. 21.
    Kindberg T, Zhang K (2003) Validating and securing spontaneous associations between wireless devices. In: ISC 2003: information security. Springer, pp 44–53Google Scholar
  22. 22.
    Laur S, Nyberg K (2006) Efficient mutual data authentication using manually authenticated strings. In: Cryptology and network security, Springer, pp 90–107Google Scholar
  23. 23.
    Mayrhofer R, Gellersen H (2009) Shake well before use: intuitive and secure pairing of mobile devices. IEEE Trans Mobile Comput 8(6):792–806CrossRefGoogle Scholar
  24. 24.
    Mayrhofer R, Gellersen H, Hazas M (2007) Security by spatial reference: using relative positioning to authenticate devices for spontaneous interaction. In: UbiComp 2007: ubiquitous computing, Springer, pp 199–216Google Scholar
  25. 25.
    Mayrhofer R, Welch M (2007) A human-verifiable authentication protocol using visible laser light. In: ARES ’07: Proceedings of the second international conference on availability, reliability and security, IEEE Computer Society, pp 1143–1148Google Scholar
  26. 26.
    McCune JM, Perrig A, Reiter MK (2005) Seeing-Is-believing: using camera phones for human-verifiable authentication. In: SP ’05: Proceedings of the 2005 IEEE Symposium on Security and Privacy, IEEE Computer Society, pp 110–124Google Scholar
  27. 27.
    Nicholson AJ, Smith IE, Hughes J, Noble BD (2006) LoKey: Leveraging the sms network in decentralized, end-to-end trust establishment. In: Pervasive computing. Springer, pp 202–219Google Scholar
  28. 28.
    Park DG, Kim JK, Sung JB, Hwang JH, Hyung CH, Kang SW (2006) TAP: Touch-And-Play. In: CHI ’06: Proceedings of the SIGCHI conference on Human Factors in computing systems. ACM, pp 677–680Google Scholar
  29. 29.
    Patel SN, Pierce JS, Abowd GD (2004) A gesture-based authentication scheme for untrusted public terminals. In: UIST ’04: Proceedings of the 17th annual ACM symposium on user interface software and technology. ACM, pp 157–160Google Scholar
  30. 30.
    Rekimoto J (2004) SyncTap: synchronous user operation for spontaneous network connection. Pers Ubiquit Comput 8(2):126–134CrossRefGoogle Scholar
  31. 31.
    Rekimoto J, Ayatsuka Y, Kohno M, Oba H (2003) Proximal interactions: a direct manipulation technique for wireless networking. In: INTERACT ’03, IOS Press, pp 511–518Google Scholar
  32. 32.
    Saxena N, Ekberg J-E, Kostiainen K, Asokan N (2006) Secure device pairing based on a visual channel (short paper). In: SP ’06: Proceedings of the 2006 IEEE symposium on security and privacy, IEEE Computer Society, pp 306–313Google Scholar
  33. 33.
    Saxena N, Uddin MB, Voris J (2008) Universal device pairing using an auxiliary device. In: SOUPS ’08: Proceedings of the 4th symposium on usable privacy and security, ACM, pp 56–67Google Scholar
  34. 34.
    Schmidt D, Chehimi F, Rukzio E, Gellersen H (2010) Phonetouch: a technique for direct phone interaction on surfaces. In: UIST ’10: Proceedings of the 23nd annual ACM symposium on user interface software and technology. ACM, pp 13–16Google Scholar
  35. 35.
    Seewoonauth K, Rukzio E, Hardy R, Holleis P (2009) Touch & connect and touch & select: interacting with a computer by touching it with a mobile phone. In: MobileHCI ’09: Proceedings of the 11th international conference on human-computer interaction with mobile devices and services. ACM, pp 36:1–36:9Google Scholar
  36. 36.
    Soriente C, Tsudik G, Uzun E (2008) HAPADEP: Human-assisted pure audio device pairing. In: ISC ’08: Proceedings of the 11th international conference on information security. Springer, pp 385–400Google Scholar
  37. 37.
    Soriente C, Tsudik G, Uzun E (2009) Secure pairing of interface constrained devices. Int J Secur Netw 4(1/2):17–26CrossRefGoogle Scholar
  38. 38.
    Stajano F, Anderson R (1999) The resurrecting duckling: security issues for ad-hoc wireless networks. In: Proceedings of the 7th international workshop on security protocols. Springer, pp 172–194Google Scholar
  39. 39.
    Suomalainen J, Valkonen J, Asokan N (2009) Standards for security associations in personal networks: a comparative analysis. Int J Secur Netw 4(1/2):87–100CrossRefGoogle Scholar
  40. 40.
    Swindells C, Inkpen KM, Dill JC, Tory M (2002) That one there! pointing to establish device identity. In: UIST ’02: Proceedings of the 15th annual ACM symposium on user interface software and technology. ACM, pp 151–160Google Scholar
  41. 41.
    Terrenghi L, Quigley A, Dix A (2009) A taxonomy for and analysis of multi-person-display ecosystems. Pers Ubiquit Comput 13(8):583–598CrossRefGoogle Scholar
  42. 42.
    Varshavsky A, Scannell A, LaMarca A, de Lara E (2007) Amigo: proximity-based authentication of mobile devices. In: UbiComp 2007: ubiquitous computing. Springer, pp 253–270Google Scholar
  43. 43.
    Vaudenay S (2005) Secure communications over insecure channels based on short authenticated strings. In: CRYPTO 2005. Springer, Heidelberg, pp 309–326Google Scholar

Copyright information

© Springer 2011

Authors and Affiliations

  1. 1.School of Computing and CommunicationsLancaster UniversityLancasterUK

Personalised recommendations