Advertisement

Secure Mobile Computing Via Public Terminals

  • Richard Sharp
  • James Scott
  • Alastair R. Beresford
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3968)

Abstract

The rich interaction capabilities of public terminals can make them more convenient to use than small personal devices, such as smart phones. However, the use of public terminals to handle personal data may compromise privacy. We present a system that enables users to access their applications and data securely using a combination of public terminals and a more trusted, personal device. Our system (i) provides users with capabilities to censor the public terminal display, so that it does not show private data; (ii) filters input events coming from the public terminal, so that maliciously injected keyboard/pointer events do not compromise privacy; and (iii) enables users to view personal information and perform data-entry via their personal device. A key feature of our system is that it works with unmodified applications. A prototype implementation of the system has been publicly released for Linux and Windows. The results arising from a pilot usability study based on this implementation are presented.

Keywords

Smart Phone Mouse Button Public Display Threat Model Personal Device 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Anderson, R., Stajano, F., Lee, J.-H.: Security policies. In: Advances in Computers, vol. 55, Academic Press, London (2001)Google Scholar
  2. 2.
    Anti-Phishing Working Group (APWG). Phishing activity trends report (June 2005), http://antiphishing.org/
  3. 3.
    Balfanz, D., Felton, E.: Hand-held computers can be better smart cards. In: Proceedings of USENIX Security (1999)Google Scholar
  4. 4.
    Berger, S., Kjeldsen, R., Narayanaswami, C., Pinhanez, C., Podlaseck, M., Raghunath, M.: Using symbiotic displays to view sensitive information in public. In: Proceedings of PERCOM, IEEE, Los Alamitos (2005)Google Scholar
  5. 5.
    Boyle, M., Edwards, C., Greenberg, S.: The effects of filtered video on awareness and privacy. In: Proceedings of ACM CSCW (2000)Google Scholar
  6. 6.
    Han, R., Perret, V., Naghshineh, M.: WebSplitter: a unified XML framework for multi-device collaborative web browsing. In: Proceedings of CSCW 2000, ACM Press, New York (2000)Google Scholar
  7. 7.
    Jung, K., Kim, K.I., Jain, A.K.: Text information extraction in images and video: a survey. Pattern Recognition 37, 977–997 (2004)CrossRefGoogle Scholar
  8. 8.
    Amecisco KeyLogger product range, http://www.keylogger.com/
  9. 9.
    Kozuch, M., Satyanarayanan, M.: Internet suspend/resume. In: Proceedings of the WMCSA 2002 (June 2002)Google Scholar
  10. 10.
    Lewis, C., Rieman, J.: Task-centered user interface design—a practical introduction, University of Colorado, Boulder (1993), This shareware book is available at ftp.cs.colorado.edu
  11. 11.
    Myers, B.A.: Using handhelds and PCs together. Communications of the ACM 44(11), 34–41 (2001)CrossRefGoogle Scholar
  12. 12.
    Narayanaswami, C., Raghunath, M.T., Kamijoh, N., Inoue, T.: What would you do with 100 MIPS on your wrist? Technical Report RC 22057 (98634), IBM Research (January 2001)Google Scholar
  13. 13.
    O’Hara, K., Perry, M., Churchill, E.: Public and Situated Displays: Social and Interactional Aspects of Shared Display Technologies. Kluwer Academic Publishers, Norwell (2004)Google Scholar
  14. 14.
    Oprea, A., Balfanz, D., Durfee, G., Smetters, D.: Securing a remote terminal application with a mobile trusted device. In: Proceedings of ACSA (2004), available from http://www.acsa-admin.org/
  15. 15.
    Pering, T., Kozuch, M.: Situated mobility: Using situated displays to support mobile activities. In: Public and Situated Displays: Social and Interactional Aspects of Shared Display Technologies, Kluwer, Dordrecht (2003)Google Scholar
  16. 16.
    Pierce, J.S., Mahaney, H.: Opportunistic annexing for handheld devices: Opportunities and challenges. In: Proceedings of HCIC 2004 (2004)Google Scholar
  17. 17.
    Raghunath, M., Narayanaswami, C., Pinhanez, C.: Fostering a symbiotic handheld environment. Computer 36(9), 56–65 (2003)CrossRefGoogle Scholar
  18. 18.
    Richardson, T., Stafford-Fraser, Q., Wood, K.R., Hopper, A.: Virtual network computing. IEEE Internet Computing 2(1), 33–38 (1998)CrossRefGoogle Scholar
  19. 19.
    Ross, S.J., Hill, J.L., Chen, M.Y., Joseph, A.D., Culler, D.E., Brewer, E.A.: A composable framework for secure multi-modal access to Internet services from post-PC devices. Mob. Netw. Appl. 7(5) (2002)Google Scholar
  20. 20.
    Salchow, K.: Sorting through the hype of ubiquitous secure remote access and SSL VPNs. SecurityDocs white paper, http://www.securitydocs.com/library/3103
  21. 21.
    Scheifler, R.W., Gettys, J.: The X window system. ACM Trans. Graph. 5(2), 79–109 (1986)CrossRefMATHGoogle Scholar
  22. 22.
    Sharp, R., Scott, J., Beresford, A.: Resources and code accompanying this paper, http://www.cambridge.intel-research.net/securemobilecomputing/
  23. 23.
    Spring, T.: Google Desktop Search: Security Threat? Today@PCWorld, http://blogs.pcworld.com/staffblog/archives/000264.html
  24. 24.
    Richardson, T.: RealVNC Ltd. The RFB Protocol (2005), http://www.realvnc.com/docs/rfbproto.pdf
  25. 25.
    Tan, D.S., Czerwinski, M.: Information Voyeurism: Social impact of physically large displays on information privacy. In: Extended Abstracts of CHI 2003, ACM Press, New York (2003)Google Scholar
  26. 26.
    Want, R., Pering, T., Danneels, G., Kumar, M., Sundar, M., Light, J.: The personal server: Changing the way we think about ubiquitous computing. In: Borriello, G., Holmquist, L.E. (eds.) UbiComp 2002. LNCS, vol. 2498, pp. 194–209. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  27. 27.
    Ylonen, T.: SSH transport layer protocol. RFC 3667Google Scholar
  28. 28.
    Zhao, Q.A., Stasko, J.T.: The awareness-privacy tradeoff in video supported informal awareness: A study of image-filtering based techniques. Technical Report 98-16, Georgia Institute of Technology (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Richard Sharp
    • 1
  • James Scott
    • 1
  • Alastair R. Beresford
    • 2
  1. 1.Intel ResearchCambridgeUK
  2. 2.Computer LaboratoryUniversity of CambridgeCambridgeUK

Personalised recommendations