Using a Spatial Context Authentication Proxy for Establishing SecureWireless Connections


Spontaneous interaction in wireless ad-hoc networks is often desirablenot only between users or devices in direct contact, but also withdevices that are accessible only via a wireless network. Secure communicationwith such devices is difficult because of the required authentication,which is often either password- or certificate-based. An intuitivealternative is context-based authentication, where device authenticityis verified by shared context, and often by direct physical evidence.Devices that are physically separated cannot experience the samecontext and thus cannot benefit directly from context authentication.We introduce a emphcontext authentication proxy that is pre-authenticatedwith one of the devices and can authenticate with the other by sharedcontext. This concept is applicable to a wide range of applicationscenarios, context sensing technologies, and trust models. We showits practicality in an implementation for setting up IPSec connectionsbased on spatial reference. Our specific scenario is ad-hoc accessof mobile devices to secure 802.11 WLANs using a mobile device asauthentication proxy. A user study shows that our method and implementationare intuitive to use and compare favourably to a standard, password-basedapproach.

Journal of Mobile Multimedia