A Composable Framework for Secure Multi-Modal Access to Internet Services from Post-PC Devices

Mobile Networks and Applications

Abstract

The Post-PC revolution is bringing information access to a wide range of devices beyond the desktop, such as public kiosks and mobile devices like cellular telephones, PDAs, and voice-based vehicle telematics. However, existing deployed Internet services are geared toward the secure rich interface of private desktop computers. We propose the use of an infrastructure-based secure proxy architecture to bridge the gap between the capabilities of Post-PC devices and the requirements of Internet services. By combining generic content and security transformation functions with service-specific rules, the architecture decouples device capabilities from service requirements and simplifies the addition of new devices and services. Security and protocol specifics are abstracted into reusable components. Additionally, the architecture offers the novel ability to deal with untrusted public Internet access points by providing fine-grain control over the content and functionality exposed to the end device, as well as support for using trusted and untrusted devices in tandem. Adding support for a deployed Internet service requires a few hundred lines of scraping scripts. Similarly, adding support for a new device requires a few hundred lines of stylesheets for the device format. The average latency added by proxy transformations is around three seconds in our unoptimized Java implementation.

Cite this article

Ross, S.J., Hill, J.L., Chen, M.Y. et al. A Composable Framework for Secure Multi-Modal Access to Internet Services from Post-PC Devices. Mobile Networks and Applications 7, 389–406 (2002). https://doi.org/10.1023/A:1016595717639

  • DOI: https://doi.org/10.1023/A:1016595717639
