One User, Many Hats; and, Sometimes, No Hat: Towards a Secure Yet Usable PDA

Stajano, Frank

doi:10.1007/11861386_6

Frank Stajano²⁰

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3957))

Included in the following conference series:

International Workshop on Security Protocols

429 Accesses
7 Citations

Abstract

How can we design a PDA that is at the same time secure and usable? In current implementations the two properties are mutually exclusive. Because normal users find password entry inconvenient, the balance usually shifts away from security, leaving the PDA vulnerable if lost or stolen.

We begin by envisaging what an ideal PDA authentication mechanism might look like and by carefully examining alternatives to passwords such as tokens and biometrics.

We then expose another aspect of the security vs. usability problem. In many cases, when we turn on our PDA, we only access functionality (dictionary, calculator, web browser...) that requires no access to private data stored in the machine; why, then, should we pay the usability penalty of authentication in such cases? Moreover, we may want to grant another person temporary access to such “harmless” functionality, but without being forced to grant them unrestricted access to the whole machine.

To solve this problem we describe a system in which we may assign more than one “hat” to the owner of this single-user device, with each hat having specific privileges. The machine supports concurrent graphical logins for several hats and a convenient mechanism to switch between them. There is also provision for a userid associated with “no hat”, to which one can switch without the need for authentication, and which can access all the harmless functionality. This scheme turns out to be applicable and useful well beyond the limited realm of PDAs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Stajano, F.: Will Your Digital Butlers Betray You? In: Syverson, P., De Capitani di Vimercati, S. (eds.) Proceedings of the 2004 Workshop on Privacy in the Electronic Society, pp. 37–38. ACM, Washington (2004)
Google Scholar
Stajano, F., Anderson, R.: The Resurrecting Duckling: Security Issues in Ad-Hoc Wireless Networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols 1999. LNCS, vol. 1796, pp. 172–182. Springer, Heidelberg (2000), http://www.cl.cam.ac.uk/~fms27/duckling/
Chapter Google Scholar
Sammes, T., Jenkinson, B.: Forensic Computing: A Practitioner’s Guide. Springer, Heidelberg (2000)
Book Google Scholar
Brands, S., Chaum, D.: Distance Bounding Protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)
Chapter Google Scholar
Scheeres, J.: Implantable Chip, On Sale Now (October 25, 2002), http://www.wired.com/news/privacy/0,1848,55999,00.html
Corner, M.D., Noble, B.D.: Zero-interaction authentication. In: Proceedings of the eighth Annual International Conference on Mobile Computing and Networking (MOBICOM 2002), pp. 1–11. ACM Press, New York (2002)
Chapter Google Scholar
Stajano, F.: Security for Ubiquitous Computing. John Wiley and Sons, Chichester (2002), http://www.cl.cam.ac.uk/~fms27/secubicomp/
Book Google Scholar
Matsumoto, T., Matsumoto, H., Yamada, K., Hoshino, S.: Impact of Artificial Gummy Fingers on Fingerprint Systems. In: Proceedings of SPIE. Optical Security and Counterfeit Deterrence Techniques IV, vol. 4677 (2002), http://cryptome.org/gummy.htm
Daugman, J.: How Iris Recognition Works. IEEE Transactions on Circuits and Systems for Video Technology 14(1) (January 2004), http://www.cl.cam.ac.uk/users/jgd1000/csvt.pdf
Daugman, J.: How the Afghan Girl was Identified by Her Iris Patterns (2002), http://www.cl.cam.ac.uk/users/jgd1000/afghan.html
Bond, M., Anderson, R.J.: API-Level Attacks on Embedded Systems. IEEE Computer 34(10), 67–75 (2001), http://www.cl.cam.ac.uk/users/mkb23/research/API-Attacks.pdf
Article Google Scholar
Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R.: Xen and the art of virtualization. In: Proceedings of the 19th ACM Symposium on Operating Systems Principles (SOSP 2003), pp. 164–177. ACM, Bolton Landing (2003)
Google Scholar
Anderson, R., Kuhn, M.: Tamper Resistance—A Cautionary Note. In: Proc. 2^nd USENIX Workshop on Electronic Commerce (1996), ISBN 1-880446-83-9, http://www.cl.cam.ac.uk/~mgk25/tamper.pdf

Download references

Author information

Authors and Affiliations

University of Cambridge, UK
Frank Stajano

Authors

Frank Stajano
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Computer Science Department, University of Hertfordshire, UK
Bruce Christianson
Computer Systems Group, Vrije Universiteit, Amsterdam, The Netherlands
Bruno Crispo
Georgia Institute of Technology, Atlanta, GA, USA
James A. Malcolm
Microsoft Research, Cambridge, UK
Michael Roe

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Stajano, F. (2006). One User, Many Hats; and, Sometimes, No Hat: Towards a Secure Yet Usable PDA. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2004. Lecture Notes in Computer Science, vol 3957. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11861386_6

Download citation

DOI: https://doi.org/10.1007/11861386_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40925-0
Online ISBN: 978-3-540-40926-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics