Mobile security and privacy: the quest for the mighty access control
Proceedings of the 18th ACM symposium on Access control models and technologies
CASA: context-aware scalable authentication
Proceedings of the Ninth Symposium on Usable Privacy and Security
Towards application-centric implicit authentication on smartphones
Proceedings of the 15th Workshop on Mobile Computing Systems and Applications
Hi-index | 0.00 |
Configuring access control policies in mobile devices can be quite tedious and unintuitive for users. Software designers attempt to address this problem by setting up default policy configurations. But such global defaults may not be sensible for all users. Modern smart phones are capable of sensing a variety of information about the surrounding environment like Bluetooth devices, WiFi access points, temperature, ambient light, sound and location coordinates. We conjecture that profiling this type of contextual information can be used to infer the familiarity and safety of a context and aid in access control decisions. We propose a context profiling framework and describe device locking as an example application where the locking timeout and unlocking method are dynamically decided based on the perceived safety of current context. We report on using datasets from a large scale smart phone data collection campaign to select parameters for the context profiling framework. We also describe a prototype implementation on a smart phone platform. More generally, we hope that our example design and implementation spurs further research on the notion of using context profiling towards automating security policy decisions and identify other applications.