Post on 21-Dec-2015
Friendly Authentication and Communication Experience (Face) for Ubiquitous Authentication on Mobile Devices
Author: Benjamin Halpert
Presented by: 魏聲尊
Outline
• Introduction
• FACE
• Ad-hoc authentication
Introduction
• Current wireless personal area network (WPAN) standards provide no method for two previously unacquainted parties to authenticate to one another in a trusted manner upon first encounter.
• The target environment for FACE is wirelessly enabled mobile devices that form an ad-hoc network.
FACE
• Motivation
– reducing the passage of malicious code from one wirelessly enabled device to another
– bringing people into contact with others they may not typically associate with
– the proposed ubiquitous authentication method can assist in reducing identity theft occurrences
• Requirement
– Low resource consumption
– To include battery life
– Processing power
– Application footprint
FACE
• Assumption
– all devices within the ad-hoc network have already agreed on a given routing to communicate
– at least one device has access to the internet
– the user has already been authenticated to the actual in-hand
• Environment
– wirelessly enabled mobile devices
Ad-hoc authentication
• Towards Flexible Credential Verification in Mobile Ad-hoc Network
• SHAD: A Human Centered Security Architecture for Partitionable, Dynamic and Heterogeneous Distributed System
• Talking To Strangers: Authentication in Ad-hoc Wireless Network
Towards Flexible Credential Verification in Mobile Ad-hoc Network
• It improves the likelihood that participants in an ad-hoc network can verify each other's credentials despite the lack of access to certification and attribute authorities.
• It combines aspects of PGP, XML Signature and SAML and comprises four architectural components.
– the XML credential generator
• Creates the readable credential assertion statement (CAS)
– the security assertion module
• Issues assertions to other users (ASS)
– the verification and validation module
• Determines whether a CAS is authentic
– the key management module
• Provides keys
SHAD: A Human Centered Security Architecture for Partitionable, Dynamic and Heterogeneous Distributed System
• SHAD avoids the use of centralized entities and is designed to be agile in a peer-to-peer environment.
• SHAD will meet the following requirements:
– 1. Independence from centralized services or authentication servers.
– 2. Ease of use and non-obtrusiveness.
– 3. Support for disconnections and delegation.
– 4. Minimizing power consumption and accounting for the processing limitations of mobile devices
– Ease of deployment
Talking To Strangers: Authentication in Ad-hoc Wireless Network
• They provide secure authentication using almost any established public-key-based key exchange protocol.
• A few concepts:
– Demonstrative identification
– Location-limited channels
– Pre-authentication
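Added example (not from the slides or from the cited paper's code): a sketch of pre-authentication as used in "Talking To Strangers", where each device sends a hash of its public key over the location-limited channel and later accepts only a wireless key exchange whose key matches that hash. The `Device` class, the function names and the Diffie-Hellman parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: illustration-only finite-field Diffie-Hellman parameters.
# A real device would use a vetted group or curve (e.g. X25519).
P = 2**521 - 1
G = 3
KEY_LEN = 66  # bytes needed to hold a value below P


class Device:
    def __init__(self):
        self._priv = secrets.randbelow(P - 3) + 2
        self.pub = pow(G, self._priv, P)

    def commitment(self):
        """Value sent over the location-limited channel (e.g. infrared or contact)."""
        return hashlib.sha256(self.pub.to_bytes(KEY_LEN, "big")).digest()

    def accept_peer(self, claimed_pub, peer_commitment):
        """Wireless step: derive a session key only if the key received over the
        radio link matches the commitment received during pre-authentication."""
        if not 1 < claimed_pub < P - 1:
            return None
        digest = hashlib.sha256(claimed_pub.to_bytes(KEY_LEN, "big")).digest()
        if not hmac.compare_digest(digest, peer_commitment):
            return None  # key was not the one committed to in person
        shared = pow(claimed_pub, self._priv, P)
        return hashlib.sha256(shared.to_bytes(KEY_LEN, "big")).digest()


def demo():
    """Returns (honest_keys_match, key_accepted_for_substituted_pubkey)."""
    alice, bob, other = Device(), Device(), Device()
    # Pre-authentication: commitments exchanged while the users are together.
    a_commit, b_commit = alice.commitment(), bob.commitment()
    # Key exchange over the ad-hoc wireless link.
    k_alice = alice.accept_peer(bob.pub, b_commit)
    k_bob = bob.accept_peer(alice.pub, a_commit)
    # A third device's key arriving in place of Bob's fails the commitment check.
    k_substituted = alice.accept_peer(other.pub, b_commit)
    return (k_alice is not None and k_alice == k_bob), k_substituted


if __name__ == "__main__":
    print(demo())
```

The commitment does not need to be secret; the location-limited channel only has to make it evident which device sent it.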