Securing First Connect
Seminar Type: Invited Speakers
Title: Securing First Connect
Start Time: 01/16/2008 - 11:00
End Time: 01/16/2008 - 12:00
Location: ICT 618B
Speaker: N. Asokan
Abstract:
Short-range wireless networking is enormously popular. Many handheld devices now support WiFi and Bluetooth. More such technologies are on their way. Increasingly, short-range networking is used by ordinary consumers who are not technically savvy. This makes the the process of setting up communication and security contexts particularly challenging. Users find the setup procedures difficult, and often end up with insecure communication.
During the last two years or so, several standardization bodies have started developing improved setup procedures for short-range wireless networking. The challenge is to strike a balance among security, usability, and cost overhead.
I will describe the problem, some examples of the various approaches that have appeared in recent research literature and the variations that have been included in the new standards specifications. I will also discuss some preliminary results of usability tests, and point to some open issues.
Bio:
N. Asokan is a principal scientist with Nokia Research Center in Helsinki. He also served as a part-time professor at the Helsinki University of Technology from March 2006 till December 2007. Asokan has been conducting research in building secure systems for over ten years, first at the IBM Zurich Research Laboratory and then at Nokia Research Center. His primary research interest has been in applying cryptographic techniques to design secure protocols for distributed systems. Recently, he has also been investigating the use of Trusted Computing technologies for securing endnodes, and ways to make secure systems usable.
At Nokia Research Center, one of Asokan's primary responsibilities as principal scientist has been to identify potential new research areas for the security research group and doing exploratory research paving the way for bigger research projects. An example research project he initiated at Nokia is on "generic bootstrapping architecture" (GBA) which provides a systematic means to bootstrap authentication service for new applications from the existing cellular security infrastructure. GBA is now a specification of 3GPP, the leading standardization body for cellular communications. Another example is "secure first connect" which allows ordinary users to easily set up secure connectivity between their devices (e.g., setting up Bluetooth pairing between a phone and a PC). This work is part of the new Bluetooth Secure Simple Pairing specification.
Asokan is an inventor of twelve granted patents and several pending patent applications. He is an author of over 40 scientific research papers and serves on the program committees of several security research conferences. He also serves on the editorial board of IEEE Network magazine.
Asokan received his doctorate in Computer Science from the University of Waterloo, MS in Computer and Information Science from Syracuse University, and BTech (Hons.) in Computer Science and Engineering from the Indian Institute of Technology at Kharagpur.
For more information about Asokan's work see his website at
http://asokan.org/asokan or send him e-mail at asokan@acm.org