In this paper we present a framework for ubiquitous authentication using commodity mobile devices. The solution is intended to be a replacement for the proliferation of physical authentication artifacts that users typically have to carry today. We describe the authentication protocol and its prototypical implementation for a solution designed for the retail industry. We also propose a means of personalizing user–service interactions with embedded user-controlled profiles.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anderson, C., The long tail: why the future of business is selling less of more, Hyperion, 2006.
Ankolekar, A., Vrandecic, D., Personalizing web surfing with semantically enriched personal profiles, in Bouzid, M., Henze, N., editors, in Proceedings of the Semantic Web Personalization Workshop, Budva, Montenegro, 2006.
Bauer, L., Garriss, S., McCune, J., Reiter, M., Rouse, J., Rutenbar, P., Device-enabled authorization in the Grey system, in Proceedings of the 8th Information Security Conference (ISC’05), Singapore, 2005, pp. 431–445.
Bluetooth SIG, Object Push Profile, in Specification of the Bluetooth system: profiles, 2001, pp. 339-364, available at http://www.bluetooth.com/Bluetooth/Learn/Technology/Specifications/
Brickley, D., Miller, L., FOAF vocabulary specification 0.9, available at http://xmlns.com/foaf/0.1/.
Hewlett-Packard Press Release, HP shows off system that affords every customer a personal shopper, May 2007, available at http://www.hp.com/hpinfo/newsroom/press/2007/070529b.html .
International Telecommunication Union, ITU-T recommendation X.509, 2005, available at http://www.itu.int/rec/T-REC-X.509/en
Kindberg, T., Jones, T., Merolyn the phone: a study of Bluetooth naming practices, in Krumm, J. et al., eds., Proceedings of the 9th international conference on Ubiquitous Computing, Innsbruck, Austria, 2007, pp. 318-335.
Krawczyk, H., Bellare, M., Canetti, R., HMAC: keyed-hashing for message authentication, IETF RFC 2104, 1997.
McCready, J., Integral Java: a single solution for bypassing the pitfalls of split stacks, in Java Developers Journal, 11(8), August 2006.
Mulligan, D., Schwartz, A., Your place or mine?: privacy concerns and solutions for server and client-side storage of personal information, in Proceedings of the 10th conference on Computers, Freedom and Privacy: Challenging the assumptions, Toronto, Canada, 2000.
Pullar-Strecker, T., NZ bank adds security online, in Sydney Morning Herald, Wellington, November 8, 2004.
Riecken, D., Personalized views of personalization, in Communications of the ACM, 43(8):27-28, August 2000.
Scott, D., Sharp, R., Madhavapeddy, A., Upton, E., Using visual tags to bypass Bluetooth device discovery, in ACM SIGMOBILE Mobile Computing and Communications Review,9(1), January 2005.
Versit Consortium, vCard: the electronic business card, version 2.1, 1996, available at http://www.imc.org/pdi/vcard-21.txt.
Wu, M., Garfinkel, S., Miller, R., Secure web authentication with mobile phones, in DIMACS Workshop on Usable Privacy and Security Software, 2004.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer Science+Business Media B.V.
About this paper
Cite this paper
Ghosh, R., Dekhil, M. (2008). BlueCard: Mobile Device-Based Authentication and Profile Exchange. In: Sobh, T. (eds) Advances in Computer and Information Sciences and Engineering. Springer, Dordrecht. https://doi.org/10.1007/978-1-4020-8741-7_79
Download citation
DOI: https://doi.org/10.1007/978-1-4020-8741-7_79
Publisher Name: Springer, Dordrecht
Print ISBN: 978-1-4020-8740-0
Online ISBN: 978-1-4020-8741-7
eBook Packages: Computer ScienceComputer Science (R0)