Device-Enabled Authorization in the Grey System

Device-Enabled Authorization in the Grey System (2005)

Cached

Download Links

[reports-archive.adm.cs.cmu.edu]

by Lujo Bauer , Scott Garriss , Jonathan M. Mccune , Michael K. Reiter , Jason Rouse , Peter Rutenbar

Venue:	In Proceedings of the 8th Information Security Conference (ISC’05
Citations:	55 - 14 self

BibTeX

@INPROCEEDINGS{Bauer05device-enabledauthorization,
    author = {Lujo Bauer and Scott Garriss and Jonathan M. Mccune and Michael K. Reiter and Jason Rouse and Peter Rutenbar},
    title = {Device-Enabled Authorization in the Grey System},
    booktitle = {In Proceedings of the 8th Information Security Conference (ISC’05},
    year = {2005},
    pages = {431--445},
    publisher = {Springer Verlag LNCS}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

We describe the design and implementation of Grey, a set of software extensions that convert an off-the-shelf smartphone-class device into a tool by which its owner exercises and delegates her authority to both physical and virtual resources. We describe the software architecture and user interfaces of Grey, and then detail two initial case studies in which we have converted infrastructure to accommodate requests from Grey-enabled devices. The first is two floors (nearly 30,000 square feet) of office space, in which we are equipping over 65 doors for access control using Grey for a population of roughly 150 persons. The second is modifications to Windows XP that permit login via Grey-enabled phones. We provide preliminary evaluations of these efforts and directions for research to further the vision of a unified authorization framework for both physical and virtual resources.

Citations

728	A formulation of the simple theory of types - Church - 1940
634	A framework for defining logics - Harper, Honsell, et al. - 1999
403	Authentication in distributed systems: Theory and practice - Lampson, Abadi, et al. - 1992
315	A calculus for access control in distributed systems - Abadi, Burrows, et al. - 1993
285	SDSI - A Simple Distributed Security Infrastructure - Rivest, Lampson - 1996
163	Authentication in the Taos operating system - Wobber, Abadi, et al. - 1994
161	Proof-carrying authentication - Appel, Felten - 1999
103	An algorithm for testing conversion in type theory - Coquand - 1990
103	Seeing-is-believing: Using camera phones for human-verifiable authentication - McCune, Perrig, et al. - 2005
99	Electromagnetic analysis (ema): Measures and counter-measures for smart cards - Quisquater, Samyde - 2001
96	On SDSI's linked local name spaces - Abadi - 1998
96	Securing context-aware applications using environment roles - Covington, Long, et al.
82	Hash visualization: a new technique to improve real-world security - Perrig, Song - 1999
81	Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification", RFC 5751 - Ramsdell, Turner - 2010
79	Compliance checking in the policymaker trust management system - Blaze, Feigenbaum, et al. - 1998
72	T.: SPKI certificate theory - Ellison, Frantz, et al. - 1999
68	Using Camera-Equipped Mobile Phones for Interacting with Real-World Objects - ROHS, GFELLER - 2004
61	A general and flexible access-control system for the web - Bauer, Schneider, et al. - 2002
61	Distributed proving in access-control systems - Bauer, Garriss, et al. - 2005
47	TRIP: a low-cost vision-based location system for ubiquitous computing - Ipiña, Mendonça, et al. - 2002
39	Cerberus: a context-aware security scheme for smart spaces - Al-Muhtadi - 2003
39	Hand-held computers can be better smart cards - Balfanz, Felten - 1999
37	Networked Cryptographic Devices Resilient to Capture - MacKenzie, Reiter - 2001
35	A security infrastructure for distributed Java applications - Balfanz, Dean, et al. - 2000
35	der Meyden. A logic for SDSI’s linked local name spaces - Halpern, van
31	Protecting access to people location information - Hengartner, Steenkiste - 2003
29	Using visual tags to bypass bluetooth device discovery - Scott, Sharp, et al. - 2005
27	A trustworthy proof checker - Appel, Michael, et al. - 2002
27	A Context-Aware Security Architecture for Emerging Applications - Covington, Fogla, et al. - 2002
23	Public key support for collaborative groups - Dohrmann, Ellison - 2002
16	Digital signature algorithm - Kravitz - 1991
15	Personal servers as digital keys - Beaufour, Bonnet - 2004
15	Delegation of cryptographic servers for capture-resilient devices - MacKenzie, Reiter - 2003
13	Using Camera-Phones to Enhance Human Computer Interaction - Madhavapeddy, Scott, et al.
11	ContextBased Secure Resource Access in Pervasive Computing Environments - Tripathi, Ahmed, et al. - 2004
8	Authentication method with impersonal token cards - Molva, Tsudik - 1993
8	Accessing ubiquitous services using smart phones - Ravi, Stern, et al. - 2005
5	Simple public key certificate. Internet Engineering Task Force Draft IETF - Ellison, Frantz, et al. - 1997
5	Visual Key Fingerprint Code, Available at http://www.cs.berkeley.edu/iang/visprint.c - Goldberg - 1996
4	Towards context-aware security: An authorization architecture for intranet environments - Wullems, Looi, et al. - 2004
3	Pervasive authentication domains for automatic pervasive device authorization - Sailer, Giles - 2004
2	Worldwide mobile phone 2004–2008 forecast update and 1H04 vendor shares. http://www.idc.com/getdoc.jsp?containerId=32336 - Slawsby, Leibovitch - 2004
1	Secure smart homes using Jini and UIUS SESAME - Al-Muhtadi, Anand, et al. - 2000
1	Internet X.509 public key infrastucture certificate and CRL profile. RFC 3280 - Housley, Polk, et al. - 2002