Free Essays - Computer Science Essays
Authentication Techniques in Ubiquitous Computing.
Derive an authentication model that would enable differentsecurity levels by using different authentication techniques that are suited tothe context of ubiquitous computing.
What is it all about?
The term UbiquitousComputing, otherwise known as Ubicomp, refers to the growing concept in thecomputing technology and human-computer interaction sector, which proposes aparadigm shift in which the glass is broken and we will have a peripheraldisappearance of the computer as we know it today around us, whilst in reality moreof these machines (computers) pervading all aspect of the human endeavour; fromcradle to the grave (talking of smart incinerators). The paradigm proposes anintensive interweaving of computers into our every day activities, but sohidden that we will not notice that they are there. This is the concept behindthe paradigm of smart things: smart fridge, smart cars, smart tooth brush,smart dresses and other smart artefacts already made or proposed to be made.This is from the fish eye view of the terminology of ubiquitous computing. On amore focused level, attention shifts to the individual or unique context andthe envisioned user for which the system is created. This forms the basis forthe ever-growing concept of User-Centered Design (UCD) to (Marcus, A. (2005),Interactions / Jan. + Feb. 2005, p.18.)). Some school of thought argues thatUbicomp and Pervasive Computing are same, but that line of argument is not theaim of this report.
One otherissue of prime importance when thinking about Ubicomp is that ofnetworking-most of which is ad hoc since we are talking about numerouscomputers collaborating to achieve a desired or planned task or goal. How toensure security and authentication of such ad hoc network protocols haveremained a big challenge to all the stakeholders (Arias, et al (2000)),especially the engineers.
How do we proceed?
Returning to the setout objective of this project, the major question is: How can an effective AuthenticationTechnique model be derived? Attempt to answer this question leads us to a setof new questions, which will help us to make the picture clearer. Thesequestions include the following and others that will emerge as we proceed inthe project:
- What is the purpose of authentication technique in a system?
- Which system needs it and for whom?
The answer to these twoquestions may appear somehow generic, because it simply translates to securityof information, data, or passage in a system, protecting it from unauthorizedaccess or corruption. There various examples of secured, authenticatedproducts and services, such as international passports, credit and debit cards,I.D. cards, down to secured web access, requesting login passwords. The listis endless, but the purpose is same, securing access to information or a systemallowing only authorized individual or group.
The second question,though, raised another crucial issue, which centres on placement and ownershipof the technique, which highlights the fact that authentication techniques donot exist in isolation, they are usually an integral, though important part ofa whole system, which is created to fulfil a need-be it as a physical productor as a service.
Answering these twoquestions is leading us to another set of questions including:
- How do you find and identify a system that needs creation of model for authentication techniques?
- What type of model is to be created?
- What is the time frame for this project?
- Who are the stakeholders?
- Who foots the bills?
The answer to the firstquestion, which relates to the initiation stage of the project, is dependent ontwo factors:
Who is initiating theproject and for what purpose? Is it a company project or academic research? Itis of prime importance to find answers to these questions, because they willclear the view and inform what is expected to be done; whether we are upgradingan existing artefact such as credit card or creating a new and unique systemfor a specified purpose. This questioning stage is necessary because creatinga system model is based on finding answers to certain rudimentary questions andsometimes the questions are more or less conventional in the concernedpractice. Here, we are dealing with Human-Computer-InteractionComputer-Computer-Interaction, so the context must be well researched for theemerging artefact to be effectively applicable to the situation. In orderwords, we are looking for opportunities for situated intervention (Halse, J.(2003)), that has need for an effective authentication technique/system.
Methodology
Asearlier mentioned, it is important to ascertain the type of application forwhich authentication is required and the best way to implement it. There are atleast five main types of communication models for ad hoc networks (Hoeper,K. et al, (online)); these are:
- One-to-one communication, e.g., beamingbusiness cards from one PDA to another PDA.
- One-to-many communication, e.g.one remote control controls all home appliances, or laptop has access tonetwork resources (fixed backbone) via access point.
- Many-to-many communication, e.g., beamingbusiness cards from one PDA to another PDA.
- Many-to-one communication, e.g. a PAN(Personal Area Networks) with many consumer devices talking to a laptop.
- Any to any communication, e.g., e.g. laptopscommunicating at a conference, or any sensor can broadcast message and anysensor can forward it to base station.
Before explainingthese applications, it may be worthwhile to discuss the pathway to finding theplacement of their applications and the stages involved in making a model fortheir use. At this point it is important to mention that since all productsand services are intended to be used by a target group (user), it is necessaryto try and understand the envisioned user of the product. In other words, everyproduct or services designed with the intention of serving adequately the needsof a group of user (User-Friendly (Dunne, A. (1999))), is only obtainable viaappropriate user studies techniques. Quoting Crabtree, A. (2003): Onlythrough a course of investigation and analysis does the requirements problemget settled for practical purposes. The question, of course, is how?Manymethodologies are techniques have been developed, tested and proven for studyingcontext (Lawal, H. A. (2005) online) and hence discovering opportunities forsituated intervention, they include:
Affinity Diagramming:
Affinity diagramming (online) have been applied and proven to be a reliable method forunderstanding the context for which a design is need, whether the end productwill be physical artefact, virtual, or service. The approach and methodology issimple and direct. It is reputed for being a highly adaptable method forevaluating and analyzing data, both on paper and also electronically throughspreadsheets and word processor programmes.
Cultural Probe:
Cultural Probe is user-focused. It is a method forunderstanding people, who are prospective user of the emerging artefact. Themethod involves the use of camera, which is handed to the target group for themto capture images that has meaning or values to them and thereafter tell theirown stories with the pictures.
According to Gaver,W et. al (Cultural Probes and the Value of Uncertainty): Probes are collectionsof evocative tasks meant to elicit inspirational responses from peoplenotcomprehensive information about them, but fragmentary clues about their livesand thoughts.
This approach has been endorsed by many interaction designprofessionals and the academia; it gives reliable results when applied to theappropriate context.
Ethnographic Methods:
The use of ethnographic methods for design purposes,especially in the field of Human-Computer-Interaction and computer-basedcollaborative works, is becoming more popular. Traditionally, ethnographyrelates to the study of people and places; their traditions, cultures and othersocial factors that can be traced to their behavioural patterns. According toCrabtree (2003), Designing Collaborative Systems (p.4): Ethnography is anapproach to social research that is of increasing interest to the designers ofcollaborative computing systems.
According to Siegel and Dray (2005) (Interactions / March+ April 2005, p.58.): Ethnography and usability focus on aspects ofinformation about people that must be integrated for designs to be successful.
Ethnographic Insight, isa web-present company(www.ethno-insight.com), whose main line of business ishelping other companies to do user studies promising to deliver results thatwill help their clients in achieving unique user experience (UX); which issupported by Quesenbery, W. (2005),who wrote: Whatever type of product, service, or document you arecreating, whether it is a Web site, an application program, an MP3 player, or afinancial form, user experience encompasses so many diverse aspects of yourproduct UX is about providing value to your customer and the business servingthat customer. This in turnagrees with how Ethnographic Insight, perceive ethnography which was definedas: ...the study of people in their natural or "native"environmentswhere they live, work, shop, and play. It is a set ofcomplementary techniques developed within the discipline of anthropology. Theethnographic method requires a well-trained researcher skilful in immersing himor herself in diverse environments, cultures, and populations; in establishingrapport with people in these social contexts; and in interacting with themthrough participation, observation and dialogue to uncover their attitudes,beliefs, perceptions, and values, as well as the unspoken cultural patternsthat shape behaviour.
Field studies are the pivot of ethnographic studies and diversetools, such as interviews, shadowing, video documentation, etc are employed inthis technique. It is a popular and well accepted method in recent times forunderstanding the user.
Interviews:
Interviews, either recorded on tapes, paper or on video,are also a good way of studying and thereafter analysing the context for whicha model is to be created. This approach may not apply to most situations, butproved very effective when combined with other methods such as cultural probeor shadowing with video.
Questionnaires:
Be it electronic or printed on paper, questionnaires havebeen adopted for discovering the user's need in products and services and thusa useful tool for creating both Static and Dynamic (SaD) user models (Hothi,J. & Hall, W. (Online)). It may be consideredas an old-fashioned approach, but it has the advantage of providingquantitative data which could easily be explained mathematically.
Persona Creation:
Persona creation is a form of user-modelling technique,which is involves creation of an imaginary person to represent the envisioneduser and thereafter proceed to tailor a designed artefact or services towardsthe assumed needs of this fictitious character. Hundborg, J. et. Al. describedthe creation and usage of personas (in their paper: Constructing the User:SIDER05 p.81.) as: Knowing the unknown user. They praised thetechnique as an inexpensive technique for designing closely to the real user'sneed through fictitious scenarios and personas.
Others:
There are more emerging methods, which could be found byliaising with the academia through conferences, workshops, symposiums or bysearching websites for Interaction Design databases.
Creating the Authentication Model
After thorough exploration and hence understanding of theuse context for the product the next stage in the process is to analyse theinformation or data obtained from the field using this to brainstorm the finalconcept (Lawal, H. A. (online)) for the design, model or service.
After conceptualisation, the next level is that ofprototyping. Sketching, rapid, 3-D prototyping (Rode, J. et al, 2AD (2004)) isemployed as a media for evaluating the interaction between the prospective userand the artefact. Prototype is a form of practical representation of the finalproduct's likeness. It is common to use mock-ups, prototypes and otherrepresentations to explore an interactive system before it is actually built.(Holmquist, L. (2005)) He explained further: This approach has beenparticularly fruitfuil in participatory design, where users are brought in veryearly in the design phase.
Scenario
Consider thefollowing scenario for the derivation of effective authentication techniques:
It was another dayat Loughborough wastewater plant and the workers were going about their dailybusiness. John, the manager had sent Billy, the newcomer out to the pumpstation at the University to go and attend to the alarm (AK501)situation which recently came on the newly installed digital dashboardin his office, from where he is able to monitor in real time activities at faraway pump stations.
Billy had nodifficulty locating the said pump station because he had his Flashback visorequipped with navigation facilities, which makes navigating easy via GPSsystem. He got to the pump station and the door, which is secured with digitallocks to prevent unauthorized access by in intruders, opened the lock for himautomatically because his visor had communicated wirelessly through Bluetoothtechnology with the lock. Billy's arrival at the site of the assignment wasregistered (in real time) at the headquarters on the managers dashboard, whichflashed Billy's identity code. Billy resumed the repair work bylocating the faulty equipment which was an advanced control panel for controlof the valves at that particular pump station. The situation is crucial andurgent repair is required to prevent an undesirable situation in which therewill be back flow of sewage back into houses, so Billy had to act fast.Unfortunately, he is not quite competent to handle the situation so he turnedthe visor to revision mode, since he already got all the history of the faultypanel displayed in form of hologram in his view by his Virtual Reality visor. Herequested for a playback of similar repair work by on of the experiencedworkers (who drives by car to any special case location carrying extra tools), sothat he could learn from these video footages. At the same time he continuesto hold dialogues with the manager and the experts on two separate, but parallelphone lines, from where he is instructed on the next line of action, beforethe arrival of the experts driving up to the pump station, also equipped with alaptop computer which receives video relay of the task he is working on, whichwas sent through secured WLAN network to their laptops and the databaseat the headquarters. The experts soon arrived at the scene and there presencewas registered at the headquarters and when the repairs was completed, therepaired panel registered a log of the repair and the I.D. code of the actualindividuals that effected the repairs through RF-ID or IRtechnolorgy and sent a log of this to the database at the headquarters,which is often accessed for recommendation purposes. Sometimes, the workersmay also receive urgent alarm messages on their mobile phones when theyare off duty, but their services are required as a matter of emergency; orsometimes when they are on break.
From this scenario,it is clear that the new device Flashback (Lawal, H. A. (Online)), isan example of application of ubiquitous computing in virtual reality (Davies,R. C. (2004) parlance and also the fact that its operations will very much rely onefficient authentication models, examples of which are listed on a tablepresented by Hoeper, K. and Gong, G (online). Refering now to the rich picture (Couprie,D. et al (Online)), it is more clear now to identify a possible authenticationmodel for this system of operations.
Fig. 1. Rich Picture model of the communication activitiesobtainable at a futuristic wastewater processing plant
From the table below it canbe deduced that the authentication technique that will make the envisionedsystem to function effectively as outlined will require a combination of allthe three major encryption schemes mention in the authentication modelstable prepared by Hoeper,K. and Gong, G, namely: Symetric, Hybrid and Assy metric.
Fig.2. Screenshot of atable of: Authentication models for ad hocnetworks asprepared by Hoeper, K. and Gong, G
Fig. 3. An example of T.R.A.P.(Total Response Authentication Program), is promised to investigative monitormarketplace, security audits of manufacturing and distribution facilities andsecure supply chain management.
Evaluation ofDerived Model
Evaluation of completed processis necessary for measuring the amount and level of work done. There are testedand recognised methodologies and techniques for evaluating a system such as theone above. Some of these techniques which is recommended on the world wide web(HCI Book (Online)) includes some of the following which have been applied tothe model derived:
- Evaluation tests the usability, functionality and acceptability of an interactive system.
- Some approaches are based on expert evaluation:
- analytic methods
- review methods
- model-based methods.
- Some approaches involve users:
- experimental methods
- observational methods
- query methods.
- An evaluation method must be chosen carefully and must be suitable for the job.
Theapproach best suited to the model that have just been derived will be thereview and the analytic, since it could be said that the model is designed fora purpose and with a user in view all the way, it is acceptable as apresentable model for authentication techniques.
Conclusion:
The whole process in this project re-affirm the importanceof context awareness and consideration for the users in the design of artefact,be it a physical product or services, especially in the area of ubicomp wherethe end product is aimed at serving specific social need, such as learning andcollaboration as the model derived suggest.
Bibliography
Arias, E. et al,(2000): 'Transcending the Individual Human MindCreating Shared Understandingthrough Collaborative Design': ACM Transactions on Computer-Human Interaction,Vol. 7, No. 1, March 2000, Pg. 84-113.
Couprie, D. et al, (2005) Soft SystemsMethodology, [Online]. [Accessed 10th May 2005]. Available from World Wide Web): http://sern.ucalgary.ca/courses/seng/613/F97/grp4/ssmfinal.html#Figure1
Crabtree, A. (2003) Designing Collaborative Systems (A practical Guide toEthnography). London:Springer-Verlag. p.3-15.
Davies, R. C. (2004) Adapting VirtualReality for the Participatory Design of Work Environments (The Journal ofCollaborative Computing Vol.13 No. 1 2004). Nederlands: Kluwer Academic Press. p.3.
Ethnographic Insight: (ConsumerAnthropology + Marketing Research (2005) [Online]. [Accessed 15th May 2005]. Available from World Wide Web): http://www.ethno-insight.com/ourservices_2.html
Gaffney, G. (1999) AffinityDiagramming (Usability Techniques series)[Online]. [Accessed 15th May 2005]. Available from World Wide Web):http://www.infodesign.com.au/ftp/AffinityDiagramming.pdf
Gaver, W. Cultural Probes and theValue of Uncertainty (2004) [Online]. [Accessed 15th May 2005]. Available from World Wide Web): http://www.equator.ac.uk/index.php/publication/657
HCI Book, [Online]. [Accessed 15th May 2005]. Available from World Wide Web): http://www.hcibook.com/e3/
Hoeper, K. andGong, G. Models of Authentications in Ad Hoc Networks and Their RelatedNetwork Properties (2005) [Online]. [Accessed 17th May 2005]. (Available from World Wide Web): http://www.cacr.math.uwaterloo.ca/techreports/2004/cacr2004-03.pdf
Holmquist, L. E. (2005) Prototyping:Generating Ideas or Cargo Cult Designs? (Interactions Vol. XII.2, March +April 2005). New York: ACM Publications. p.48.
Hothi,J. & Hall, W, An Evaluation of Adapted Hypermedia Techniques UsingStatic User Modelling, (2005) [Online]. [Accessed 15th May 2005]. Available from World Wide Web): http://wwwis.win.tue.nl/ah98/Hothi/Hothi.html
Hundborg, J. et al (2005) Constructingthe user: Proceedings of Student Interaction Design Research ConferenceSIDER05. (ISBN 87-909233-56-1). p.81.
Lawal, H. A. Virtual Reality for Augmented Collaborationand Accelerated Learning among Process Plant Workers (2005) [Online]. [Accessed 15th May 2005]. (Available from World Wide Web): http://www.fluidum.org/events/experience05/cameraready/hakeem.pdf
Marcus, A. User-CenteredDesign in the Enterprise (2005), (Interactions Vol.XII.1, Jan. + Feb. 2005). New York: ACMPublications. p.18 - 21.
Quesenbery, W. (2005)Designing Theatre, Designing User Experience, (Interactions Vol. XII.2,March + April 2005). New York: ACM Publications. p.55.
Quesenbery, W. (2005)User Experience Network: A Passion for Collaboration, (Interactions Vol.XII.2, May + June 2005). New York: ACM Publications. p.40.
Rode, J. et al, RapidPrototyping for Tangible UIS (2004) Proceedings of 2AD: SecondInternational Conference on Appliance Design 2004 (ISBN 0-9547460-0-7). p.153
Siegel, D. & Dray, S. (2005) Avoidingthe Next Schism: Ethnography and Usability (Interactions Vol. XII.2, March+ April 2005). New York: ACM Publications. p.58.
Computer-science Essays - Find your free computer-science essays...
We have a large assortment of free computer-science essays available to use as research material. Visit our computer-science essays from our free essays section.
All of the essays in the free essays section were written by students and then submitted to us to display and help others. Thanks to all the students who have submitted their essays to us. You should not hand in our essays as your own. We do not condone plagiarism!
