Friendly Authentication and Communication Experience (Face) for Ubiquitous Authentication on

Mobile Devices

Author: Benjamin Halpert

Presented by: 魏聲尊

Outline

• Introduction

• FACE

• Ad-hoc authentication

Introduction

• Current wireless personal area network (WPAN) standers provide no method for two previously unacquainted parties to authenticate to one another in a trusted manner upon first encounter.

• The target environment for FACE is wirelessly enabled mobile devices that form ad-hoc network.

FACE• Motivation

– reducing the passage of malicious code from one wireless enabled device to another

– bring people in contact with others they may not typically associate

– the proposed ubiquitous authentication method can assist in reducing identity theft occurrences

• Requirement– Low resource consumption– To include battery life – Processing power– Application footprint

FACE

• Assumption– all devices within the ad-hoc network have

already agreed on a given routing to communicate

– at lease one device has access to the internet– the user has already been authenticated to the

actual in-hand

• Environment– wirelessly enabled mobile devices

Ad-hoc authentication

• Towards Flexible Credential Verification in Mobile Ad-hoc Network

• SHAD:A Human Centered Security Architecture for Partitionable, Dynamic and Heterogeneous Distributed System

• Talking To Strangers: Authentication in Ad-hoc Wireless Network

Towards Flexible Credential Verification in Mobile Ad-hoc Network

• It improves the likelihood that participants in an ad-hoc network can verify each others credentials despite the lack of access certification and attribute authorities.

• It combines aspect in PGP, XML Signature and SMAL and comprise four architecture.– the XML credential generator

• Create the readable credential assertion statement (CAS)

– the security assertion module• Issue assertion to other users (ASS)

– the verification and validation module • Determinate whether a CAS is authentic

– the key management module• Provide key

Towards Flexible Credential Verification in Mobile Ad-hoc Network

SHAD:A Human Centered Security Architecture for Partitionable, Dynamic and Heterogeneous Distributed System

• SHAD avoids the use of centralized entities and it is designed to be agile in a peer-to peer environment.

• SHAD will meet the following requirements:– 1.Independence of centralized services or authentication servers.

– 2.Ease of use and the non-obtrusiveness.

– 3.Supporting of disconnections and delegation.

– 4.Minimizing of power consumption and the processing limitations of mobile devices

– Ease of deployment

Talking To Strangers: Authentication in Ad-hoc Wireless Network

• They provide secure authentication using almost any established public-key-based key exchange protocol.

• A few concepts:– Demonstrative identification– Location-limited channels– Pre-authentication