A Context Authentication Proxy for IPSec using Spatial Reference


Spontaneous interaction in ad-hoc networks is often desirable notonly between users or devices in direct contact, but also with devicesthat are accessible only via a wireless network. Secure communicationwith such devices is difficult because of the required authentication,which is often either password- or certificate-based. An intuitivealternative is context-based authentication, where device authenticityis verified by shared context, and often by direct physical evidence.Devices that are physically separated can not experience the samecontext and can thus not benefit directly from context authentication.We introduce a emphcontext authentication proxy that is pre-authenticatedwith one of the devices and can authenticate with the other by sharedcontext. This concept is applicable to a wide range of applicationscenarios, context sensing technologies, and trust models. We showits practicality in an implementation for setting up IPSec connectionsbased on spatial reference. Our specific scenario is ad-hoc accessof mobile devices to secure 802.11 WLANs using a PDA as authenticationproxy.

Proc. TwUC 2006: 1st International Workshop on Trustworthy UbiquitousComputing