Abstract
The rich interaction capabilities of public terminals can make them more convenient to use than small personal devices, such as smart phones. However, the use of public terminals to handle personal data may compromise privacy. We present a system that enables users to access their applications and data securely using a combination of public terminals and a more trusted, personal device. Our system (i) provides users with capabilities to censor the public terminal display, so that it does not show private data; (ii) filters input events coming from the public terminal, so that maliciously injected keyboard/pointer events do not compromise privacy; and (iii) enables users to view personal information and perform data-entry via their personal device. A key feature of our system is that it works with unmodified applications. A prototype implementation of the system has been publicly released for Linux and Windows. The results arising from a pilot usability study based on this implementation are presented.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anderson, R., Stajano, F., Lee, J.-H.: Security policies. In: Advances in Computers, vol. 55, Academic Press, London (2001)
Anti-Phishing Working Group (APWG). Phishing activity trends report (June 2005), http://antiphishing.org/
Balfanz, D., Felton, E.: Hand-held computers can be better smart cards. In: Proceedings of USENIX Security (1999)
Berger, S., Kjeldsen, R., Narayanaswami, C., Pinhanez, C., Podlaseck, M., Raghunath, M.: Using symbiotic displays to view sensitive information in public. In: Proceedings of PERCOM, IEEE, Los Alamitos (2005)
Boyle, M., Edwards, C., Greenberg, S.: The effects of filtered video on awareness and privacy. In: Proceedings of ACM CSCW (2000)
Han, R., Perret, V., Naghshineh, M.: WebSplitter: a unified XML framework for multi-device collaborative web browsing. In: Proceedings of CSCW 2000, ACM Press, New York (2000)
Jung, K., Kim, K.I., Jain, A.K.: Text information extraction in images and video: a survey. Pattern Recognition 37, 977–997 (2004)
Amecisco KeyLogger product range, http://www.keylogger.com/
Kozuch, M., Satyanarayanan, M.: Internet suspend/resume. In: Proceedings of the WMCSA 2002 (June 2002)
Lewis, C., Rieman, J.: Task-centered user interface design—a practical introduction, University of Colorado, Boulder (1993), This shareware book is available at ftp.cs.colorado.edu
Myers, B.A.: Using handhelds and PCs together. Communications of the ACM 44(11), 34–41 (2001)
Narayanaswami, C., Raghunath, M.T., Kamijoh, N., Inoue, T.: What would you do with 100 MIPS on your wrist? Technical Report RC 22057 (98634), IBM Research (January 2001)
O’Hara, K., Perry, M., Churchill, E.: Public and Situated Displays: Social and Interactional Aspects of Shared Display Technologies. Kluwer Academic Publishers, Norwell (2004)
Oprea, A., Balfanz, D., Durfee, G., Smetters, D.: Securing a remote terminal application with a mobile trusted device. In: Proceedings of ACSA (2004), available from http://www.acsa-admin.org/
Pering, T., Kozuch, M.: Situated mobility: Using situated displays to support mobile activities. In: Public and Situated Displays: Social and Interactional Aspects of Shared Display Technologies, Kluwer, Dordrecht (2003)
Pierce, J.S., Mahaney, H.: Opportunistic annexing for handheld devices: Opportunities and challenges. In: Proceedings of HCIC 2004 (2004)
Raghunath, M., Narayanaswami, C., Pinhanez, C.: Fostering a symbiotic handheld environment. Computer 36(9), 56–65 (2003)
Richardson, T., Stafford-Fraser, Q., Wood, K.R., Hopper, A.: Virtual network computing. IEEE Internet Computing 2(1), 33–38 (1998)
Ross, S.J., Hill, J.L., Chen, M.Y., Joseph, A.D., Culler, D.E., Brewer, E.A.: A composable framework for secure multi-modal access to Internet services from post-PC devices. Mob. Netw. Appl. 7(5) (2002)
Salchow, K.: Sorting through the hype of ubiquitous secure remote access and SSL VPNs. SecurityDocs white paper, http://www.securitydocs.com/library/3103
Scheifler, R.W., Gettys, J.: The X window system. ACM Trans. Graph. 5(2), 79–109 (1986)
Sharp, R., Scott, J., Beresford, A.: Resources and code accompanying this paper, http://www.cambridge.intel-research.net/securemobilecomputing/
Spring, T.: Google Desktop Search: Security Threat? Today@PCWorld, http://blogs.pcworld.com/staffblog/archives/000264.html
Richardson, T.: RealVNC Ltd. The RFB Protocol (2005), http://www.realvnc.com/docs/rfbproto.pdf
Tan, D.S., Czerwinski, M.: Information Voyeurism: Social impact of physically large displays on information privacy. In: Extended Abstracts of CHI 2003, ACM Press, New York (2003)
Want, R., Pering, T., Danneels, G., Kumar, M., Sundar, M., Light, J.: The personal server: Changing the way we think about ubiquitous computing. In: Borriello, G., Holmquist, L.E. (eds.) UbiComp 2002. LNCS, vol. 2498, pp. 194–209. Springer, Heidelberg (2002)
Ylonen, T.: SSH transport layer protocol. RFC 3667
Zhao, Q.A., Stasko, J.T.: The awareness-privacy tradeoff in video supported informal awareness: A study of image-filtering based techniques. Technical Report 98-16, Georgia Institute of Technology (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sharp, R., Scott, J., Beresford, A.R. (2006). Secure Mobile Computing Via Public Terminals. In: Fishkin, K.P., Schiele, B., Nixon, P., Quigley, A. (eds) Pervasive Computing. Pervasive 2006. Lecture Notes in Computer Science, vol 3968. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11748625_15
Download citation
DOI: https://doi.org/10.1007/11748625_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33894-9
Online ISBN: 978-3-540-33895-6
eBook Packages: Computer ScienceComputer Science (R0)