ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Authenticating ubiquitous services: a study of wireless hotspot access
Full text PdfPdf (1.46 MB)
Source
ACM International Conference Proceeding Series archive
Proceedings of the 11th international conference on Ubiquitous computing table of contents
Orlando, Florida, USA
SESSION: Security & access table of contents
Pages 115-124  
Year of Publication: 2009
ISBN:978-1-60558-431-7
Authors
Tim Kindberg  HP Labs, Bristol, United Kingdom
Chris Bevan  University of Bath, Bath, United Kingdom
Eamonn O'Neill  University of Bath, Bath, United Kingdom
James Mitchell  University of Bath, Bath, United Kingdom
Jim Grimmett  University of Bath, Bath, United Kingdom
Dawn Woodgate  University of Bath, Bath, United Kingdom
Sponsors
ACM: Association for Computing Machinery
SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing
SIGCHI: ACM Special Interest Group on Computer-Human Interaction
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 20,   Downloads (12 Months): 20,   Citation Count: 0
Additional Information:

abstract   references   index terms  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1620545.1620565
What is a DOI?

ABSTRACT

This paper concerns the problem of phishing attacks in ubiquitous computing environments. The embedding of ubiquitous services into our everyday environments may make fake services seem plausible but it also enables us to authenticate them with respect to those environments. We propose physical and virtual linkage as two types of authenticating evidence in ubiquitous environments and two protocols based on them. We describe an experiment to test hypotheses concerning user responses to physical and virtual linkage with respect to fake Wi-Fi hotspots. Based on our experience we derive an improved protocol for authenticating spontaneously accessed ubiquitous services.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Balfanz, D., Smetters, D.K., Stewart, P., and Chi Wong, H. Talking to strangers: Authentication in ad--hoc wireless networks. In Proc. Network and Distributed Systems Security (NDSS 2002), (2002).
 
2
BBC News: Parking ticket leads to a virus. http://news.bbc.co.uk/2/hi/technology/7872299.stm.
 
3
Bugzilla@Mozilla -- MITM in-the-wild. https://bugzilla.mozilla.org/show_bug.cgi?id=460374.
 
4
Dhamija, R., Tygar, J.D., and Hearst, M. Why phishing works. In Proc. CHI 2006. ACM Press (2006), 581--590.
 
5
Fogg, B.J. Persuasive Technology: Using computers to change what we think and do. San Francisco: Morgan Kaufman. (2002).
 
6
Gehrmann, C., Mitchell, J. and Nyberg, K. Manual authentication for wireless devices. RSA Cryptobytes 7(1), (2004), 29--37.
 
7
Kindberg, T., and Fox, A. System software for ubiquitous computing. In IEEE Pervasive Computing 1(1), (2002), 70--81.
 
8
Kindberg, T., O'Neill, E., Bevan, C., Kostakos, V., Stanton Fraser, D., and Jay, T. Measuring trust in wi-fi hotspots. In Proc. CHI 2008. ACM Press (2008), 173--182.
 
9
Kindberg, T., Zhang, K., and Im, S. Evidently secure device associations. HP Labs tech report HPL-2005-40.
 
10
McCune, J.M., Perrig, A., and Reiter, M.K. Seeing-is-believing: using camera phones for human-verifiable authentication. In IEEE Security and Privacy, (2005), 110--124.
 
11
Riegelsberger, J. and Sasse, M.A. Trust builders and trustbusters: the role of trust cues in interfaces to e-commerce applications. In Proc. E-Commerce, E-Society, and E-Government 2001. Kluwer, London (2001), 17--30.
 
12
Rivest, R., and Shamir, A. How to expose an eavesdropper. Communications of the ACM, 27(4), (1984).
 
13
Roth, V., Polak, W., Rieffel, E., and Turner, T. Simple and effective defenses against evil twin access points. In Proc. ACM Conference on Wireless Network Security (WiSec), (2008).
 
14
Saxena, N., Ekberg, J.-E., Kostiainen, K., and Asokan, N. Secure device pairing based on a visual channel (extended abstract). In Proc. IEEE Symposium on Security and Privacy, (2006).
 
15
Uzun, E., Karvonen, K., and Asokan, N. Usability analysis of secure pairing methods. In Financial Cryptography and Data Security, (2008), 307--324.
 
16
Vaudenay, S. Secure communications over insecure channels based on short authenticated strings. In Proc. Advances in Cryptology -- CRYPTO 2005, (2005), 309--326.

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.5 INFORMATION INTERFACES AND PRESENTATION (I.7)
      H.5.m Miscellaneous

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection

  H. Information Systems
  H.1 MODELS AND PRINCIPLES
      H.1.2 User/Machine Systems
          Subjects: Software psychology


General Terms:
Experimentation, Human Factors, Security


Keywords:
authentication, phishing, ubiquitous services, wi-fi


The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player