Abstract
As wireless devices increasingly become ubiquitous, spontaneous interaction opportunities are accordingly becoming common. Although spontaneous interaction research has been ongoing for many years, a key question of spontaneous interaction still remains open: how can users associate devices in a natural, intuitive and secure manner? Over the past decade, researchers have demonstrated a plethora of device association techniques. Nonetheless, users were often neglected during design, or they were only involved at a later stage, such as testing. We argue that since device association is performed by end-users, usability factors need to be considered in the early stage of design. In this article, we present a categorisation of factors that influence the usability of device association. This paper aims at providing a framework that informs researchers and system designers of the considerations needed when designing or adopting an association technique.
Notes
Alternative terminologies, such as pairing, binding, or coupling of devices, have been adopted by other literature. Essentially, the underlying concept remains the same—to establish an ad hoc network amongst multiple devices.
Suomalainen et al. [39] defined an association model as the part of an association procedure that is visible to the user(s).
To establish a secure connection, a common secret key for encryption must be agreed amongst the participating devices during their association.
Apple’s Nike+iPod. http://www.apple.com/uk/ipod/nike.
We thank Rene Mayrhofer for pointing this out during a conversation we had.
Project Blinkenlights. http://blinkenlights.net/.
A man-in-the-middle (MITM) attack is a form of active eavesdropping. An assailant impersonates both endpoints of a connection, establishes independent connections with the victims and relays messages while making the victims perceive they are communicating with each other over a private connection. During the communication, the attacker can intercept and inject false messages.
Some literature refers to an OOB channel as an auxiliary channel.
We found no research that explores the senses of taste and smell for device association.
References
Balfanz D, Durfee G, Grinter RE, Smetters DK, Stewart P (2004) Network-in-a-box: how to set up a secure wireless network in under a minute. In: SSYM’04: Proceedings of the 13th conference on USENIX security symposium, USENIX Association, pp 207–222
Balfanz D, Smetters D, Stewart P, Wong HC (2002) Talking to strangers: authentication in ad-hoc wireless networks. In: NDSS’02: Proceedings of the 2002 network and distributed systems security symposium
Beigl M (1999) Point & Click-interaction in smart environments. In: HUC ’99: Proceedings of the 1st international symposium on handheld and ubiquitous computing. Springer, pp 311–313
Bichler D, Stromberg G, Huemer M, Löw M (2007) Key generation based on acceleration data of shaking processes. In: UbiComp 2007: ubiquitous computing. Springer, pp 304–317
Bluetooth Special Interest Group (2006) Simple pairing whitepaper (revision v10r00)
Buhan I, Boom B, Doumen J, Hartel PH, Veldhuis RNJ (2009) Secure pairing with biometrics. Int J Secur Netw 4(1/2): 27–42
Castelluccia C, Mutaf P (2005) Shake them up!: a movement-based pairing protocol for cpu-constrained devices. In: MobiSys ’05: Proceedings of the 3rd international conference on mobile systems, applications, and services, ACM, pp 51–64
Chong MK, Gellersen H (2010) Classification of spontaneous device association from a usability perspective. In: IWSSI/SPMU 2010, pp 1–7
Chong MK, Marsden G, Gellersen H (2010) GesturePIN: using discrete gestures for associating mobile devices. In: MobileHCI 2010
Fitts PM (1954) The information capacity of the human motor system in controlling the amplitude of movement. J Exp Psychol 47(6):381–391
Gehrmann C, Mitchell CJ, Nyberg K (2004) Manual authentication for wireless devices. RSA CryptoBytes 7(1):29–37
Goodrich MT, Sirivianos M, Solis J, Soriente C, Tsudik G, Uzun E (2009) Using audio in secure device pairing. Int J Secur Netw 4(1/2):57–68
Goodrich MT, Sirivianos M, Solis J, Tsudik G, Uzun E (2006) Loud and Clear: Human-verifiable authentication based on audio. In: ICDCS ’06: Proceedings of the 26th IEEE international conference on distributed computing systems, IEEE Computer Society, p 10
Hinckley K (2003) Synchronous gestures for multiple persons and computers. In: UIST ’03: Proceedings of the 16th annual ACM symposium on user interface software and technology. ACM, pp 149–158
Holmquist LE, Mattern F, Schiele B, Alahuhta P, Beigl M, Gellersen H-W (2001) Smart-its friends: a technique for users to easily establish connections between smart artefacts. In: UbiComp ’01: Proceedings of the 3rd international conference on ubiquitous computing. Springer, pp 116–122
Ion I, Langheinrich M, Kumaraguru P, Capkun S (2010) Influence of user perception, security needs, and social factors on device pairing method choices. In: SOUPS ’10
Iwasaki Y, Kawaguchi N, Inagaki Y (2003) Touch-and-connect: a connection request framework for ad-hoc networks and the pervasive computing environment. In: PERCOM ’03: Proceedings of the first IEEE international conference on pervasive computing and communications, IEEE Computer Society, pp 20–29
Kainda R, Flechais I, Roscoe AW (2010) Secure mobile ad-hoc interactions: reasoning about out-of-band (oob) channels. In: IWSSI/SPMU 2010, pp 10–15
Kainda R, Flechais I, Roscoe AW (2010) Two heads are better than one: security and usability of device associations in group scenarios. In: Proceedings of SOUPS 2010. ACM Press
Kindberg T, Zhang K (2003) Secure spontaneous device association. In: UbiComp 2003: ubiquitous computing. Springer, pp 124–131
Kindberg T, Zhang K (2003) Validating and securing spontaneous associations between wireless devices. In: ISC 2003: information security. Springer, pp 44–53
Laur S, Nyberg K (2006) Efficient mutual data authentication using manually authenticated strings. In: Cryptology and network security, Springer, pp 90–107
Mayrhofer R, Gellersen H (2009) Shake well before use: intuitive and secure pairing of mobile devices. IEEE Trans Mobile Comput 8(6):792–806
Mayrhofer R, Gellersen H, Hazas M (2007) Security by spatial reference: using relative positioning to authenticate devices for spontaneous interaction. In: UbiComp 2007: ubiquitous computing, Springer, pp 199–216
Mayrhofer R, Welch M (2007) A human-verifiable authentication protocol using visible laser light. In: ARES ’07: Proceedings of the second international conference on availability, reliability and security, IEEE Computer Society, pp 1143–1148
McCune JM, Perrig A, Reiter MK (2005) Seeing-Is-believing: using camera phones for human-verifiable authentication. In: SP ’05: Proceedings of the 2005 IEEE Symposium on Security and Privacy, IEEE Computer Society, pp 110–124
Nicholson AJ, Smith IE, Hughes J, Noble BD (2006) LoKey: Leveraging the sms network in decentralized, end-to-end trust establishment. In: Pervasive computing. Springer, pp 202–219
Park DG, Kim JK, Sung JB, Hwang JH, Hyung CH, Kang SW (2006) TAP: Touch-And-Play. In: CHI ’06: Proceedings of the SIGCHI conference on Human Factors in computing systems. ACM, pp 677–680
Patel SN, Pierce JS, Abowd GD (2004) A gesture-based authentication scheme for untrusted public terminals. In: UIST ’04: Proceedings of the 17th annual ACM symposium on user interface software and technology. ACM, pp 157–160
Rekimoto J (2004) SyncTap: synchronous user operation for spontaneous network connection. Pers Ubiquit Comput 8(2):126–134
Rekimoto J, Ayatsuka Y, Kohno M, Oba H (2003) Proximal interactions: a direct manipulation technique for wireless networking. In: INTERACT ’03, IOS Press, pp 511–518
Saxena N, Ekberg J-E, Kostiainen K, Asokan N (2006) Secure device pairing based on a visual channel (short paper). In: SP ’06: Proceedings of the 2006 IEEE symposium on security and privacy, IEEE Computer Society, pp 306–313
Saxena N, Uddin MB, Voris J (2008) Universal device pairing using an auxiliary device. In: SOUPS ’08: Proceedings of the 4th symposium on usable privacy and security, ACM, pp 56–67
Schmidt D, Chehimi F, Rukzio E, Gellersen H (2010) Phonetouch: a technique for direct phone interaction on surfaces. In: UIST ’10: Proceedings of the 23nd annual ACM symposium on user interface software and technology. ACM, pp 13–16
Seewoonauth K, Rukzio E, Hardy R, Holleis P (2009) Touch & connect and touch & select: interacting with a computer by touching it with a mobile phone. In: MobileHCI ’09: Proceedings of the 11th international conference on human-computer interaction with mobile devices and services. ACM, pp 36:1–36:9
Soriente C, Tsudik G, Uzun E (2008) HAPADEP: Human-assisted pure audio device pairing. In: ISC ’08: Proceedings of the 11th international conference on information security. Springer, pp 385–400
Soriente C, Tsudik G, Uzun E (2009) Secure pairing of interface constrained devices. Int J Secur Netw 4(1/2):17–26
Stajano F, Anderson R (1999) The resurrecting duckling: security issues for ad-hoc wireless networks. In: Proceedings of the 7th international workshop on security protocols. Springer, pp 172–194
Suomalainen J, Valkonen J, Asokan N (2009) Standards for security associations in personal networks: a comparative analysis. Int J Secur Netw 4(1/2):87–100
Swindells C, Inkpen KM, Dill JC, Tory M (2002) That one there! pointing to establish device identity. In: UIST ’02: Proceedings of the 15th annual ACM symposium on user interface software and technology. ACM, pp 151–160
Terrenghi L, Quigley A, Dix A (2009) A taxonomy for and analysis of multi-person-display ecosystems. Pers Ubiquit Comput 13(8):583–598
Varshavsky A, Scannell A, LaMarca A, de Lara E (2007) Amigo: proximity-based authentication of mobile devices. In: UbiComp 2007: ubiquitous computing. Springer, pp 253–270
Vaudenay S (2005) Secure communications over insecure channels based on short authenticated strings. In: CRYPTO 2005. Springer, Heidelberg, pp 309–326
Cite this article
Chong, M.K., Gellersen, H. Usability classification for spontaneous device association. Pers Ubiquit Comput 16, 77–89 (2012). https://doi.org/10.1007/s00779-011-0421-1