Smartphone apps often run with full privileges to access the network and sensitive local resources, making it difficult for remote systems to have any trust in the provenance of network connections they receive. Even within the phone, different apps with different privileges can communicate with one another, allowing one app to trick another into improperly exercising its privileges (a Confused Deputy attack). In QUIRE, we engineered two new security mechanisms into Android to address these issues. First, we track the call chain of IPCs, allowing an app the choice of operating with the diminished privileges of its callers or to act explicitly on its own behalf. Second, a lightweight signature scheme allows any app to create a signed statement that can be verified anywhere inside the phone. Both of these mechanisms are reflected in network RPCs, allowing remote systems visibility into the state of the phone when an RPC is made. We demonstrate the usefulness of QUIRE with two example applications. We built an advertising service, running distinctly from the app which wants to display ads, which can validate clicks passed to it from its host. We also built a payment service, allowing an app to issue a request which the payment service validates with the user. An app cannot not forge a payment request by directly connecting to the remote server, nor can the local payment service tamper with the request. 1

Who we are (e.g. our thoughts, dreams, feelings, DNA sequence), what we own (such financial property), what we have experienced (audio/visual/olifactory transcripts), and how we can be reached (location, endpoint identifiers) are among

Number 817

Buildings account for a large portion of the world’s total delivered energy consumption. With smartphones becoming increasingly ubiquitous and sensor networks growing more mature, buildings can provide personalized and context-aware services to an occupant while minimizing energy consumption. This paper proposes the architecture of a Human-Building-Computer Interaction system that connects the building to its occupants by bridging the gap between the digital and physical worlds. We present our instantiation of an HBCI system, which is composed of an Android mobile application, a number of RESTful services in the cloud, and physical objects co-located with QR tags. We show that, with this system, a user can increase personal comfort within a building while reducing energy usage.