Intuitive security policy configuration in mobile devices using context profiling
Aditi Gupta, Markus Miettinen, N. Asokan
Tech report number
CERIAS TR 2011-13
Configuring access control policies in mobile devices can be quite tedious and unintuitive for users. Software designers attempt to address this problem by setting up default policy configurations. But such global defaults may not be sensible for all users. Modern smartphones are capable of sensing a variety of information about the surrounding environment like Bluetooth devices, WiFi access points, temperature, ambient light, sound and location coordinates. We claim that profiling this type of contextual information can be used to infer the familiarity and safety of a context and aid in access control decisions. We propose a context profiling framework and describe device locking as an example application where the locking timeout and unlocking method are dynamically decided based on the perceived safety of current context. We report on using datasets from a large scale smartphone data collection campaign to select parameters for the context profiling framework. We also describe a prototype implementation on a smartphone platform.
2011 – 12 – 6