iSecurity: A Security Framework for Interactive Workspaces

Yee Jiun Song, Wendy Tobagus, Der Yao Leong, Brad Johanson, Armando Fox
fyeejiun@, tobagus@, deryao@, bjohanso@graphics,

Stanford University
September 3, 2003

Security is an important and open issue in ubiquitous computing. Recent work has focused either
on developing models of security suitable for various ubiquitous computing environments, or on the
coupling of context-awareness with traditional security mechanisms to provide context-aware security.
In this paper, we examine a specific instance of ubiquitous computing | interactive workspaces | and
propose a security framework, iSecurity, for this environment. In particular, we investigate iROS-based
interactive workspaces and exploit the fact that all communications in these environments have to pass
through the Event Heap. We differ from existing work in ubicomp by distributing security policy
enforcement to individual client applications while keeping the responsibility of authentication on a
central server. This decoupling of authentication and policy enforcement provides a powerful framework
that supports a dynamically changing set of applications and users. While security mechanisms incur a
performance cost, our system is capable of meeting the human level performance needs of an interactive
workspace by offering a round-trip latency of less than 100 ms with normal workloads. iSecurity is fully
backwards compatible with existing Event Heap applications, allowing its deployment into iROS-based
interactive workspaces with minimal disruption to their daily operation.

Full PDF