Results 1 - 10
of
17
Point&Connect: Intention-based Device Pairing for Mobile Phone Users
"... Point&Connect (P&C) offers an intuitive and resilient device pairing solution on standard mobile phones. Its operation follows the simple sequence of point-and-connect: when a user plans to pair her mobile phone with another device nearby, she makes a simple hand gesture that points her phon ..."
Abstract
-
Cited by 17 (0 self)
- Add to MetaCart
(Show Context)
Point&Connect (P&C) offers an intuitive and resilient device pairing solution on standard mobile phones. Its operation follows the simple sequence of point-and-connect: when a user plans to pair her mobile phone with another device nearby, she makes a simple hand gesture that points her phone towards the intended target. The system will capture the user’s gesture, understand the target selection intention, and complete the device pairing. P&C is intentionbased, intuitive, and reduces user efforts in device pairing. The main technical challenge is to come up with a simple system technique to effectively capture and understand the intention of the user, and pick the right device among many others nearby. It should further work on any mobile phones or small devices without relying on infrastructure or special hardware. P&C meets this challenge with a novel collaborative scheme to measure maximum distance change based on acoustic signals. Using only a speaker and a microphone, P&C can be implemented solely in user-level software and work on COTS phones. P&C adds additional mechanisms to improve resiliency against imperfect user actions, acoustic disturbance, and even certain malicious attacks. We have implemented P&C in Windows Mobile phones and conducted extensive experimental evaluation, and showed that it is a cool and effective way to perform device pairing.
Authentication Technologies for the Blind or Visually Impaired
"... Current research on “Usable Security ” is still in its infancy and usable security solutions are often designed without paying attention to human disabilities. This paper aims to help fill this void in the realm of blind computer users. More specifically, we discuss research challenges we are faced ..."
Abstract
-
Cited by 6 (0 self)
- Add to MetaCart
(Show Context)
Current research on “Usable Security ” is still in its infancy and usable security solutions are often designed without paying attention to human disabilities. This paper aims to help fill this void in the realm of blind computer users. More specifically, we discuss research challenges we are faced with and the directions we can take towards developing authentication technologies suitable for the blind or visually impaired. Our focus is on two technologies: user authentication, i.e., how a blind user can securely authenticate to a device (remote or otherwise) and device authentication, i.e., how a blind user can securely establish private and authenticated communication between two wireless devices. We hope that our work would inspire other researchers to design security solutions keeping in mind not only human abilities but also their disabilities. 1
Micro-Interactions with NFC-Enabled Mobile Phones
"... Abstract. This paper coins the term micro-interactions to refer to the class of small exchanges between devices that occur almost instantaneously. For example, a mobile payment using near-field communication (NFC) is a micro-interaction. The arrival of NFC on smart phones makes possible a wide array ..."
Abstract
-
Cited by 3 (0 self)
- Add to MetaCart
(Show Context)
Abstract. This paper coins the term micro-interactions to refer to the class of small exchanges between devices that occur almost instantaneously. For example, a mobile payment using near-field communication (NFC) is a micro-interaction. The arrival of NFC on smart phones makes possible a wide array of applications using micro-interactions, from sharing photos between a phone and a TV to checking a car into a valet parking service by touching two phones. This paper addresses the challenge of how to create intuitive, frictionless micro-interactions that require no pre-configuration for a large class of applications. We deliver a consistent tap-and-share interface for many forms of micro-interactions through several concepts. We propose interaction manifests as universal descriptors of multi-party, cross-platform applications. Zero-click overheads are made possible by automatically using the foreground application as the context for the micro-interactions. We extend the concept of connection handovers to allow NFC-enabled applications to run unmodified on devices lacking NFC. We also show how these abstractions make it easy to create a variety of applications. All the application and library code is available as open source. We demonstrate that by focusing on micro-interactions, our mobile phones can provide a single focal point that enables sharing of our digital identity, assets, applications, and personality with friends (with their mobile phones) as well as the larger-screen PCs and TVs all around us. 1
Classification of spontaneous device association from a usability perspective
- In In Second International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use (IWSSI/SPMU
, 2010
"... All in-text references underlined in blue are linked to publications on ResearchGate, letting you access and read them immediately. ..."
Abstract
-
Cited by 3 (0 self)
- Add to MetaCart
(Show Context)
All in-text references underlined in blue are linked to publications on ResearchGate, letting you access and read them immediately.
Multichannel Protocols for User-Friendly and Scalable Initialization of Sensor Networks
- In 5th Int. ICST Conference on Security and Privacy in Comm. Networks (Securecomm
"... Abstract. We consider the classical problem of establishing initial security associations in wireless sensor networks. More specifically, we focus on pre-deployment phase in which sensor nodes have not yet been loaded with shared secrets or other forms of authentic information. In this paper, we pro ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
Abstract. We consider the classical problem of establishing initial security associations in wireless sensor networks. More specifically, we focus on pre-deployment phase in which sensor nodes have not yet been loaded with shared secrets or other forms of authentic information. In this paper, we propose two novel multichannel protocols for initialization of large scale wireless sensor networks. The first protocol uses only secret key cryptography and is suitable for CPU-constrained sensor nodes. The second protocol is based on public key cryptography. Both protocols involve communication over a bidirectional radio channel and an unidirectional out-of-band visible light channel. A notable feature of the proposed “public key”-based key deployment protocol is that it is designed to be secure in a very strong attacker model, where an attacker can eavesdrop, jam and modify transmitted messages by adding his own message to both a radio and a visible light channel; the attacker however cannot disable the visible light communication channel. We show that many existing protocols that rely on the visible light channel are insecure in this strong adversary model. We implemented the proposed protocols on the Meshnetics wireless sensor platform. The proposed protocols are cheap to implement, secure in the very strong attacker model, easy to use and scalable. We also designed and tested a simple random number generator suitable for sensor platforms. 1
Threshold Things That Think: Usable Authorisation for Resharing [Poster Abstract SOUPS 2009]
"... People start carrying around more and more mobile devices that can contain sensitive data. To protect these devices, Desmedt et al. [1] proposed a threshold security architecture for Things That Think. These things are personal ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
(Show Context)
People start carrying around more and more mobile devices that can contain sensitive data. To protect these devices, Desmedt et al. [1] proposed a threshold security architecture for Things That Think. These things are personal
Secure and Usable Out-Of-Band Channels for Ad hoc Mobile Device Interactions
"... Abstract. Protocols for bootstrapping security in ad hoc mobile device interactions rely on users ’ ability to perform specific tasks such as transferring or comparing fingerprints of information between devices. The size of fingerprints depends on the level of technical security 1 required by a giv ..."
Abstract
-
Cited by 2 (2 self)
- Add to MetaCart
(Show Context)
Abstract. Protocols for bootstrapping security in ad hoc mobile device interactions rely on users ’ ability to perform specific tasks such as transferring or comparing fingerprints of information between devices. The size of fingerprints depends on the level of technical security 1 required by a given application but, at the same time, is limited by users ’ inability to deal with large amounts of data with high levels of accuracy. Large fingerprints provide high technical security but potentially reduce usability of protocols which may result in users making mistakes that compromise security. This conflict between technical security and usability requires methods for transferring fingerprints between devices that maximise both to achieve acceptable effective security. In this paper, we propose two methods for transferring fingerprints between devices. We conducted a usability and security evaluation of the methods and our results show that, in contrast to previous proposals, our methods are both usable and resistant to security failures.
Secure Mobile Ad-hoc Interactions: Reasoning About Out-Of-Band (OOB) Channels
"... Previous research has proposed Human-Interactive Security Protocols (HISP) for bootstrapping security in ad hoc mobile device interactions. These protocols rely on low bandwidth Out-Of-Band (OOB) channels—that are suitable for transferring limited information (e.g. fingerprints of public keys) but u ..."
Abstract
-
Cited by 2 (2 self)
- Add to MetaCart
(Show Context)
Previous research has proposed Human-Interactive Security Protocols (HISP) for bootstrapping security in ad hoc mobile device interactions. These protocols rely on low bandwidth Out-Of-Band (OOB) channels—that are suitable for transferring limited information (e.g. fingerprints of public keys) but unsuitable for transmitting cryptographic keys due to bandwidth constraints—and high bandwidth channels such as Bluetooth and WiFi. In this paper, we argue that factors that are crucial to designing OOB channels that are both usable and secure have not been understood and analysed, and propose a framework for reasoning about them in order to design OOB channels that suit human and contextual needs to achieve usable and acceptable effective security.
Playful Security: A Computer Game for Secure Wireless Device Pairing
"... Abstract—The secure “pairing ” of wireless devices based on out-of-band communication is an established research direction. Unfortunately, this approach is prone to human errors that lead to man-in-the-middle attacks. To address this and to better motivate users, this paper proposes the use of compu ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract—The secure “pairing ” of wireless devices based on out-of-band communication is an established research direction. Unfortunately, this approach is prone to human errors that lead to man-in-the-middle attacks. To address this and to better motivate users, this paper proposes the use of computer games for pairing. Games make the pairing process enjoyable and engaging, thus improving its usability and security. The technical contribution of this work is a new pairing system called “Alice Says. ” This is a game that achieves pairing and is based on the memory game Simon. We also discuss the design and implementation of Alice Says. On a broader note, this paper also points to other security problems that are currently lacking optimal solutions and sug-gests how games and entertainment can be applied to improve them.
comlab.ox.ac.uk
, 2016
"... Two heads are better than one: security and usability of device associations in group scenarios. ..."
Abstract
- Add to MetaCart
(Show Context)
Two heads are better than one: security and usability of device associations in group scenarios.
