The trouble with login: on usability and computer security in ubiquitous computing

Authors:
E. Bardram
Affiliations:
Centre for Pervasive Healthcare, Department of Computer Science, University of Aarhus, Denmark
Venue:
Personal and Ubiquitous Computing
Year:
2005

Citing 16
Cited 16

Generating visions: future workshops and metaphorical design

Design at work
Mobility in collaboration

CSCW '98 Proceedings of the 1998 ACM conference on Computer supported cooperative work
User-centered security

NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Users are not the enemy

Communications of the ACM
Biometric identification

Communications of the ACM
The architecture and implementation of CPN2000, a post-WIMP graphical application

UIST '00 Proceedings of the 13th annual ACM symposium on User interface software and technology
DiamondTouch: a multi-user touch technology

Proceedings of the 14th annual ACM symposium on User interface software and technology
Modern Operating Systems

Modern Operating Systems
Secrets & Lies: Digital Security in a Networked World

Secrets & Lies: Digital Security in a Networked World
Pervasive Computing: Technology and Architecture of Mobile Internet Applications

Pervasive Computing: Technology and Architecture of Mobile Internet Applications
Supporting Human Activities - Exploring Activity-Centered Computing

UbiComp '02 Proceedings of the 4th international conference on Ubiquitous Computing
The Myth of the Paperless Office

The Myth of the Paperless Office
Virtual video prototyping of pervasive healthcare systems

DIS '02 Proceedings of the 4th conference on Designing interactive systems: processes, practices, methods, and techniques
Bringing security home: a process for developing secure and usable systems

Proceedings of the 2003 workshop on New security paradigms
Moving to get ahead: local mobility and collaborative work

ECSCW'03 Proceedings of the eighth conference on European Conference on Computer Supported Cooperative Work
Activity-Based support for mobility and collaboration in ubiquitous computing

UMICS'04 Proceedings of the Second CAiSE conference on Ubiquitous Mobile Information and Collaboration Systems

Interaction techniques for using handhelds and PCs together in a clinical setting

Proceedings of the 4th Nordic conference on Human-computer interaction: changing roles
MobiPass: a passport for mobile business

Personal and Ubiquitous Computing
An architecture of services for session management and contents adaptation in ubiquitous medical environments

Proceedings of the 2008 ACM symposium on Applied computing
Challenges and architectural approaches for authenticating mobile users

Proceedings of the 1st international workshop on Software architectures and mobility
Using service-based content adaptation platform to enhance mobile user experience

Mobility '07 Proceedings of the 4th international conference on mobile technology, applications, and systems and the 1st international symposium on Computer human interaction in mobile technology
A comparison of location and token-based interaction techniques for point-of-care access to medical information

Personal and Ubiquitous Computing
Network authentication using single sign-on: the challenge of aligning mental models

Proceedings of the 2nd ACM Symposium on Computer Human Interaction for Management of Information Technology
Beyond the Dyad: understanding sharing in instant messaging

CHI '09 Extended Abstracts on Human Factors in Computing Systems
Activity-based computing for medical work in hospitals

ACM Transactions on Computer-Human Interaction (TOCHI)
Yours, mine and ours? sharing and use of technology in domestic environments

UbiComp '07 Proceedings of the 9th international conference on Ubiquitous computing
Context sensitive adaptive authentication

EuroSSC'07 Proceedings of the 2nd European conference on Smart sensing and context
Activity-aware computing in mobile collaborative working environments

CRIWG'07 Proceedings of the 13th international conference on Groupware: design implementation, and use
Making infrastructure visible for nomadic work

Pervasive and Mobile Computing
Single sign-on and key establishment for ubiquitous smart environments

ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part IV
Pervasive Computing for Hospital, Chronic, and Preventive Care

Foundations and Trends in Human-Computer Interaction
Digital video analysis of health professionals' interactions with an electronic whiteboard: A longitudinal, naturalistic study of changes to user interactions

Journal of Biomedical Informatics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Logging in by typing usernames and passwords is by far the most common way to access modern computer systems. However, such contemporary user authentication mechanisms are inappropriate in a ubiquitous computing environment, where users constantly are accessing a wide range of different devices. This paper introduces new concepts for user authentication in ubiquitous computing, such as the notion of proximity-based user authentication and silent login. The design of these new mechanisms is part of the design of a ubiquitous computing infrastructure for hospitals, which is grounded in field studies of medical work in hospitals. The paper reports from field studies of clinicians using an electronic patient record (EPR) and describes severe usability problems associated with its login procedures. The EPR’s login mechanisms do not recognize the nature of medical work as being nomadic, interrupted, and cooperative around sharing common material. The consequence is that login is circumvented and security is jeopardized.