Abstract
This paper explores computer security in pervasive computing with focus on user authentication. We present the concept of Proximity-Based User Authentication, as a usability-wise ideal for UbiComp systems. We present a context-aware user authentication protocol, which (1) uses a JavaCard for identification and cryptographic calculations, (2) uses a context-awareness system for verifying the user’s location, and (3) implements a security fall-back strategy. We analyze the security of this protocol and discuss the tradeoff between usability and security. We also present our current implementation of the protocol and discuss future work.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abowd, G.D., Brumitt, B., Shafer, S. (eds.): Proceedings of Ubicomp 2001: Ubiquitous Computing. LNCS, vol. 2201, p. 184. Springer, Heidelberg (2001)
Anderson, R., Kuhn, M.: Tamper resistance – a cautionary note. In: The Second USENIX Workshop on Electronic Commerce Proceedings (1996)
Baentsch, M., Buhler, P., Eirich, T., Höring, F., Oestreicher, M.: Javacard – from hype to reality. IEEE Concurrency, 36–43 (October-December 1999)
Bardram, J.E.: The Trouble with Login – On usability and Computer Security in Pervasive Computing. Technical Report CfPC 2003–PB–50, Center for Pervasive Computing, Aarhus, Denmark (2003), Available from http://www.pervasive.dk/publications
Bennett, F., Richardson, T., Harter, A.: Teleporting – Making Applications Mobile. In: Proceedings of the IEEE Workshop on Mobile Computer Systems and Applications, Los Alamitos, CA, USA, pp. 82–84. IEEE CS Press, Los Alamitos (1994)
Borriello, G., Holmquist, L.E. (eds.): Proceedings of Ubicomp 2002: Ubiquitous Computing. LNCS, vol. 2498. Springer, Heidelberg (2002)
Brumitt, B., Meyers, B., Krumm, J., Kern, A., Shafer, S.: EasyLiving: Technologies for Intelligent Environments. In: Thomas, P., Gellersen, H.-W. (eds.) HUC 2000. LNCS, vol. 1927, pp. 12–29. Springer, Heidelberg (2000)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Transactions on Computer Systems (TOCS) 8(1), 18–36 (1990)
Bussard, L., Roudier, Y.: Embedding distance-bounding protocols within intuitive interactions (2003)
Center for Pervasive Healthcare, http://www.cfph.dk
Christensen, H.B., Bardram, J.: Supporting human activities – exploring activity-centered computing. In: Borriello and Holmquist [6], pp. 107–116
Corner, M.D., Noble, B.D.: Zero-interaction authentication. In: Proceedings of the eighth annual international conference on Mobile computing and networking, pp. 1–11. ACM Press, New York (2002)
Datatronic Long Range RFID Portal Antennas (297C-AT3M/S), http://www.datatronicrfid.com
Denning, D.E., MacDoran, P.D.: Location-Based Authentication: Grounding Cyberspace for Better Security. Computer Fraud and Security (February 1996), Available from http://cosc.georgetown.edu/denning/infosec/Grounding.txt
Ensure Technologies, http://www.ensuretech.com
Harter, A., Hopper, P., Steggles, A., Webster, P.: The Anatomy of a Context- Aware Application. In: Proceedings of the 5th Annunal ACM/IEEE Conference on Mobile Computing and Networking (MobiCom 1999), Seattle, WA, USA, pp. 59–68. ACM Press, New York (1999)
IBM JCOP Smart Card Technology, http://www.zurich.ibm.com/csc/infosec/smartcard.html
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Nagel, K., Kidd, C.D., O’Connell, T., Dey, A., Abowd, G.D.: The Family Intercom: Developing a Context-Aware Audio Communication System. In: Abowd et al. [1], pp. 176–183
Philips Semiconductors MIFARE Demonstration System (MF EV500), http://www.semiconductors.philips.com/markets/identification/products/mifare/
Russell, D.M., Drews, C., Sue, A.: Social Aspects of Using Large Public Interactive Displays for Collaboration. In: Borriello and Holmquist [6], pp. 229–236
Russell, D.M., Gossweiler, R.: On the Design of Personal & Communal Large Information Scale Appliances. In: Abowd et al. [1], pp. 354–361
Schneider, B.: Secrets and Lies: Digital Security in a Networked World, 1st edn. John Wiley & Sons, Chichester (2000)
Smith, M.T.: Smart Cards: Integrating for Portable Complexity. IEEE Computer, 110–115 (August 1998)
Tanenbaum, A.S.: Modern Operating Systems, 2nd edn. Prentice Hall, Englewood Cliffs (2001)
Trevor, J., Hilbert, D.M., Schilit, B.N.: Issues in Personalizing Shared Ubiquitous Devices. In: Borriello and Holmquist [6], pp. 56–72
Want, R., Hopper, A., Falco, V., Gibbons, J.: The active badge location system. ACM Transactions on Information Systems (TOIS) 10(1), 91–102 (1992)
Werb, J., Lanzl, C.: Designing a positioning system for finding things and people. IEEE Spectrum 35(9), 71–78 (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bardram, J.E., Kjær, R.E., Pedersen, M.Ø. (2003). Context-Aware User Authentication – Supporting Proximity-Based Login in Pervasive Computing. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds) UbiComp 2003: Ubiquitous Computing. UbiComp 2003. Lecture Notes in Computer Science, vol 2864. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39653-6_8
Download citation
DOI: https://doi.org/10.1007/978-3-540-39653-6_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20301-8
Online ISBN: 978-3-540-39653-6
eBook Packages: Springer Book Archive