research-article

Open access

Secure bootstrapping of cloud-managed ubiquitous displays

Authors:

Mario Di Francesco, and

Tuomas AuraAuthors Info & Claims

UbiComp '14: Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing

September 2014

Pages 739 - 750

https://doi.org/10.1145/2632048.2632049

Published: 13 September 2014 Publication History

Abstract

Eventually, all printed signs and bulletins will be replaced by electronic displays, which are wirelessly connected to the Internet and cloud-based services. Deploying such ubiquitous displays can be cumbersome since they need to be correctly configured and authorized to access both the Internet and the necessary services, despite the fact that they have minimal input capabilities and may be in inaccessible locations. Our goal is to enable easy and secure configuration of ubiquitous displays such as digital signage and advertisements, which are managed by cloud services and show HTML5 content. In our solution, the display shows a QR code which, when scanned by the user with a camera phone, allows automatic configuration of the wireless network along with the content to be shown. This is accomplished by a long-term trust relation configured between the cloud service and the wireless access network. We build on existing technologies and standard protocols, including RADIUS and EAP, without requiring new software to be installed on the phone or changes to the network infrastructure.

Supplementary Material

MOV File (p739-sethi.mov)

Download
78.85 MB

References

[1]

Google cloud-based print service. http://www.google.com/cloudprint/learn/.

[2]

hostapd: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator. http://hostap.epitest.fi/hostapd/.

[3]

jQuery Mobile framework. http://jquerymobile.com/.

[4]

QR Droid. https://play.google.com/store/apps/details?id=la.droid.qr.

[5]

The FreeRADIUS Project. http://freeradius.org/.

[6]

WPA Supplicant for Linux, BSD, Mac OS X, and Windows. http://hostap.epitest.fi/wpa_supplicant/.

[7]

3GPP Organizational Partners. Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA). 3GPP Technical Specification 33.220, European Telecommunications Standards Institute (ETSI), December 2013. version 12.2.0.

[8]

Aboba, B., Beadles, M. A., Arkko, J., and Eronen, P. The Network Access Identifier. RFC 4282, Internet Engineering Task Force (IETF), December 2005.

[9]

Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and Levkowetz, H. Extensible Authentication Protocol (EAP). RFC 3748, Internet Engineering Task Force (IETF), June 2004.

[10]

Bauer, K., Gonzales, H., and McCoy, D. Mitigating evil twin attacks in 802.11. In IEEE International Performance, Computing and Communications Conference (IPCCC), IEEE (2008), 513--516.

[11]

Bichler, D., Stromberg, G., Huemer, M., and Löw, M. Key generation based on acceleration data of shaking processes. In UbiComp: Ubiquitous Computing. Springer, 2007, 304--317.

Digital Library

[12]

Buhan, I., Doumen, J., Hartel, P., and Veldhuis, R. Feeling is believing: a secure template exchange protocol. In Advances in Biometrics. Springer, 2007, 897--906.

Digital Library

[13]

Clinch, S., Davies, N., Friday, A., and Clinch, G. Yarely: A software player for open pervasive display networks. In Proceedings of the 2Nd ACM International Symposium on Pervasive Displays, PerDis '13 (2013), 25--30.

Digital Library

[14]

Dementyev, A., Gummeson, J., Thrasher, D., Parks, A., Ganesan, D., Smith, J. R., and Sample, A. P. Wirelessly powered bistable display tags. In Proceedings of the 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing, UbiComp '13 (2013), 383--386.

Digital Library

[15]

Dhamija, R., Tygar, J. D., and Hearst, M. Why phishing works. In Proceedings of the SIGCHI conference on Human Factors in computing systems, ACM (2006), 581--590.

Digital Library

[16]

Diffie, W., and Hellman, M. E. New directions in cryptography. IEEE Transactions on Information Theory 22, 6 (1976), 644--654.

Digital Library

[17]

Goodrich, M. T., Sirivianos, M., Solis, J., Tsudik, G., and Uzun, E. Loud and clear: Human-verifiable authentication based on audio. In 26th IEEE International Conference on Distributed Computing Systems (ICDCS), IEEE (2006).

Digital Library

[18]

Heikenfeld, J., Drzaic, P., Yeo, J.-S., and Koch, T. Review paper: A critical review of the present and future prospects for electronic paper. Journal of the Society for Information Display 19, 2 (2011).

[19]

Henzen, A., Ailenei, N., Van Reeth, F., Vansichem, G., Zehner, R. W., and Amundson, K. 32.4: An electronic ink low latency drawing tablet. SID Symposium Digest of Technical Papers 35, 1 (2004), 1070--1073.

[20]

Henzen, A., van de Kamer, J., Nakamura, T., Tsuji, T., Yasui, M., Pitt, M., Duthaler, G., Amundson, K., Gates, H., and Zehner, R. 13.2: Development of active matrix electronic ink displays for handheld devices. SID Symposium Digest of Technical Papers 34, 1 (2003), 176--179.

[21]

IEEE Std. 802.11 WG, Part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications", 1999. (Reaffirmed June 2003).

[22]

IEEE Standard for Local and Metropolitan Area Networks -- Port-based Network Access Control, February 2010.

[23]

Kindberg, T., Bevan, C., O'Neill, E., Mitchell, J., Grimmett, J., and Woodgate, D. Authenticating ubiquitous services: A study of wireless hotspot access. In Proceedings of the 11th International Conference on Ubiquitous Computing, Ubicomp '09 (2009), 115--124.

Digital Library

[24]

Kindberg, T., Mitchell, J., Grimmett, J., Bevan, C., and O'Neill, E. Authenticating public wireless networks with physical evidence. In IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WIMOB)., IEEE (2009), 394--399.

Digital Library

[25]

Kubitza, T., Clinch, S., Davies, N., and Langheinrich, M. Using mobile devices to personalize pervasive displays. ACM SIGMOBILE Mobile Computing and Communications Review 16, 4 (2013), 26--27.

Digital Library

[26]

Lindén, T., Heikkinen, T., Kostakos, V., Ferreira, D., and Ojala, T. Towards multi-application public interactive displays. In Proc. of the 2012 International Symposium on Pervasive Displays (2012), 9:1--9:5.

Digital Library

[27]

Lu, Y., Li, S., and Shen, H. Virtualized screen: A third element for cloud--mobile convergence. Multimedia, IEEE 18, 2 (February 2011), 4--11.

Digital Library

[28]

Mayrhofer, R., and Gellersen, H. Shake well before use: Intuitive and secure pairing of mobile devices. IEEE Transactions on Mobile Computing 8, 6 (2009), 792--806.

Digital Library

[29]

McCune, J. M., Perrig, A., and Reiter, M. K. Seeing-is-believing: Using camera phones for human-verifiable authentication. In IEEE symposium on Security and privacy, IEEE (2005), 110--124.

Digital Library

[30]

Miller, S. P., Neuman, B. C., Schiller, J. I., and Saltzer, J. H. Kerberos authentication and authorization system. In In Project Athena Technical Plan, MIT (1987).

[31]

Oat, E., Di Francesco, M., and Aura, T. MoCHA: Augmenting pervasive displays through mobile devices and web-based technologies. In Proc. of the first IEEE Workshop on Developing Applications for Pervasive Display Networks (PD-Apps '14) (March 2014), 506--511.

[32]

O'Hara, K., Perry, M., Churchill, E., and Russell, D., Eds. Public and situated displays: Social and interactional aspects of shared display technologies, vol. 2 of Computer Supported Cooperative Work. Springer, 2003.

Digital Library

[33]

Richardson, T., Stafford-Fraser, Q., Wood, K., and Hopper, A. Virtual network computing. Internet Computing, IEEE 2, 1 (January/February 1998), 33--38.

Digital Library

[34]

Rigney, C., Rubens, A. C., Simpson, W. A., and Willens, S. Remote Authentication Dial In User Service (RADIUS). RFC 2865, Internet Engineering Task Force (IETF), June 2000.

Digital Library

[35]

Rivest, R. L., and Shamir, A. How to expose an eavesdropper. Communications of the ACM 27, 4 (1984), 393--394.

Digital Library

[36]

Sethi, M., Antikainen, M., and Aura, T. Commitment-based device pairing with synchronized drawing. In Proc. of PerCom '14 (March 2014), 181--189.

[37]

Simoens, P., De Turck, F., Dhoedt, B., and Demeester, P. Remote display solutions for mobile cloud computing. Computer 44, 8 (August 2011), 46--53.

Digital Library

[38]

Simon, D., Aboba, B., and Hurst, R. The EAP-TLS authentication protocol. RFC 5216, Internet Engineering Task Force (IETF), March 2008.

[39]

Want, R., and Pering, T. System challenges for ubiquitous & pervasive computing. In Proceedings of the 27th International Conference on Software Engineering, ICSE '05 (2005), 9--14.

Digital Library

Cited By

Lu BWang LWang WYu KGarg SJalil Piran MAlamri A(2023)On-Body Device Clustering for Security Preserving in Internet of ThingsIEEE Internet of Things Journal10.1109/JIOT.2021.311104110:4(2852-2863)Online publication date: 15-Feb-2023
https://doi.org/10.1109/JIOT.2021.3111041
Boire SAkgün TGinzboorg PLaitinen PTamrakar SAura TBoukerche ATsiropoulou ECoutinho R(2021)Credential Provisioning and Device Configuration with EAPProceedings of the 19th ACM International Symposium on Mobility Management and Wireless Access10.1145/3479241.3486705(87-96)Online publication date: 22-Nov-2021
https://dl.acm.org/doi/10.1145/3479241.3486705
Freire MPotts DDayama NOulasvirta AFrancesco M(2019)Foraging-based optimization of pervasive displaysPervasive and Mobile Computing10.1016/j.pmcj.2019.02.008Online publication date: Mar-2019
https://doi.org/10.1016/j.pmcj.2019.02.008
Show More Cited By

Index Terms

Secure bootstrapping of cloud-managed ubiquitous displays
1. Human-centered computing
  1. Human computer interaction (HCI)

Recommendations

SecuSpot: Toward Cloud-Assisted Secure Multi-Tenant WiFi HotSpot Infrastructures
CAN '16: Proceedings of the 2016 ACM Workshop on Cloud-Assisted Networking

Despite the increasing popularity of WiFi networks and the trend toward automated offloading of cellular traffic to WiFi (e.g., HotSpot 2.0), today's WiFi networks still provide a very poor actual coverage: a WiFi equipped device can typically connect ...
Read More
Secure handover for Proxy Mobile IPv6 in next-generation communications: scenarios and performance

As wireless mobile network technologies have grown tremendously over the past few years, security issues of protecting user privacy and network resources have emerged. Particularly, a mobile node (MN) must be authenticated in order to utilize the ...
Read More
An authentication mechanism for the UMTS-WiFi networks
Mobility '09: Proceedings of the 6th International Conference on Mobile Technology, Application & Systems

UMTS (Universal Mobile Telecommunications System) network will permit to give support to the subscribers for performing any kind of communication without restriction in the service area. In view of mutual complementary feature of wide coverage and high ...
Read More

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

UbiComp '14: Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing

September 2014

973 pages

ISBN:9781450329682

DOI:10.1145/2632048

General Chairs:
AJ Brush
Microsoft Research
,
Adrian Friday
Lancaster University, UK
,
Program Chairs:
Julie Kientz
University of Washington
,
James Scott
Microsoft Research, UK
,
Junehwa Song
Korea Advanced Institute of Science and Technology (KAIST), KR

Copyright © 2014 Owner/Author.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

In-Cooperation

SIGSPATIAL: ACM Special Interest Group on Spatial Information

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 September 2014

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Division of Computer and Network Systems

Conference

UbiComp '14

Sponsor:

UbiComp '14: The 2014 ACM Conference on Ubiquitous Computing

September 13 - 17, 2014

Washington, Seattle

Acceptance Rates

Overall Acceptance Rate 764 of 2,912 submissions, 26%

Upcoming Conference

UBICOMP '24

Sponsor:
sigchi
sigchi

The 2024 ACM International Joint Conference on Pervasive and Ubiquitous Computing

October 5 - 9, 2024

Melbourne , VIC , Australia

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
1,661
Total Downloads

Downloads (Last 12 months)79
Downloads (Last 6 weeks)12

Other Metrics

View Author Metrics

Citations

Cited By

Lu BWang LWang WYu KGarg SJalil Piran MAlamri A(2023)On-Body Device Clustering for Security Preserving in Internet of ThingsIEEE Internet of Things Journal10.1109/JIOT.2021.311104110:4(2852-2863)Online publication date: 15-Feb-2023
https://doi.org/10.1109/JIOT.2021.3111041
Boire SAkgün TGinzboorg PLaitinen PTamrakar SAura TBoukerche ATsiropoulou ECoutinho R(2021)Credential Provisioning and Device Configuration with EAPProceedings of the 19th ACM International Symposium on Mobility Management and Wireless Access10.1145/3479241.3486705(87-96)Online publication date: 22-Nov-2021
https://dl.acm.org/doi/10.1145/3479241.3486705
Freire MPotts DDayama NOulasvirta AFrancesco M(2019)Foraging-based optimization of pervasive displaysPervasive and Mobile Computing10.1016/j.pmcj.2019.02.008Online publication date: Mar-2019
https://doi.org/10.1016/j.pmcj.2019.02.008
Schurmann D(2017)Establishing trust in heterogeneous networks2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops)10.1109/PERCOMW.2017.7917540(107-108)Online publication date: Mar-2017
https://doi.org/10.1109/PERCOMW.2017.7917540
Hessar MIyer VGollakota SLukowicz PKrüger ABulling ALim YPatel S(2016)Enabling on-body transmissions with commodity devicesProceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing10.1145/2971648.2971682(1100-1111)Online publication date: 12-Sep-2016
https://dl.acm.org/doi/10.1145/2971648.2971682
Freire MTatiraju VSethi MDi Francesco MOjala TKostakos VMüller JMemarovic N(2016)Replication of web-based pervasive display applicationsProceedings of the 5th ACM International Symposium on Pervasive Displays10.1145/2914920.2915013(204-211)Online publication date: 20-Jun-2016
https://dl.acm.org/doi/10.1145/2914920.2915013
Pierson TLiang XPeterson RKotz D(2016)Wanda: Securely introducing mobile devicesIEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications10.1109/INFOCOM.2016.7524366(1-9)Online publication date: Apr-2016
https://doi.org/10.1109/INFOCOM.2016.7524366
Sethi MLijding MDi Francesco MAura T(2015)Flexible Management of Cloud-Connected Digital Signage2015 IEEE 12th Intl Conf on Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom)10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.52(205-212)Online publication date: Aug-2015
https://doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.52
Sethi MKortoci PDi Francesco MAura T(2015)Secure and low-power authentication for resource-constrained devices2015 5th International Conference on the Internet of Things (IOT)10.1109/IOT.2015.7356545(30-36)Online publication date: Oct-2015
https://doi.org/10.1109/IOT.2015.7356545

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents