USING A SPATIAL CONTEXT AUTHENTICATION PROXY FOR ESTABLISHING SECURE WIRELESS CONNECTIONS
Keywords:
spontaneous interaction, wireless and mobile security, authentication, location awareness
Abstract
Spontaneous interaction in wireless ad-hoc networks is often desirable not only between users or devices in direct contact, but also with devices that are accessible only via a wireless network. Secure communication with such devices is difficult because of the required authentication, which is often either password- or certificate-based. An intuitive alternative is context-based authentication, where device authenticity is verified by shared context, and often by direct physical evidence. Devices that are physically separated cannot experience the same context and thus cannot benefit directly from context authentication. We introduce a context authentication proxy that is pre-authenticated with one of the devices and can authenticate with the other by shared context. This concept is applicable to a wide range of application scenarios, context sensing technologies, and trust models. We show its practicality in an implementation for setting up IPSec connections based on spatial reference. Our specific scenario is ad-hoc access of mobile devices to secure 802.11 WLANs using a mobile device as authentication proxy. A user study shows that our method and implementation are intuitive to use and compare favourably to a standard, password-based approach.