Bastian Könings

Exploring the design space of graphical passwords on smartphones

Smartphones have emerged as a likely application area for graphical passwords, because they are easier to input on touchscreens than text passwords. Extensive research on graphical passwords and the capabilities of modern smartphones result in a complex design space for graphical password schemes on smartphones. We analyze and describe this design space in detail. In the process, we identify and highlight interrelations between usability and security characteristics, available design features, and smartphone capabilities. We further show the expressiveness and utility of the design space in the development of graphical passwords schemes by implementing five different existing graphical password schemes on one smartphone platform. We performed usability and shoulder surfing experiments with the implemented schemes to validate identified relations in the design space. From our results, we derive a number of helpful insights and guidelines for the design of graphical passwords.

Resilient secure aggregation for vehicular networks

Innovative ways to use ad hoc networking between vehicles are an active research topic and numerous proposals have been made for applications that make use of it. Due to the bandwidth-limited wireless communication medium, scalability is one crucial factor for the success of these future protocols. Data aggregation is one solution to accomplish such scalability. The goal of aggregation is to semantically combine information and only disseminate this combined information in larger regions. However, the integrity of aggregated information cannot be easily verified anymore. Thus, attacks are possible resulting in lower user acceptance of applications using aggregation or, even worse, in accidents due to false information crafted by a malicious user. Therefore, it is necessary to design novel mechanisms to protect aggregation techniques. However, high vehicle mobility, as well as tight bandwidth constraints, pose strong requirements on the efficiency of such mechanisms. We present new security mechanisms for semantic data aggregation that are suitable for use in vehicular ad hoc networks. Resilience against both malicious users of the system and wrong information due to faulty sensors are taken into consideration. The presented mechanisms are evaluated with respect to their bandwidth overhead and their effectiveness against possible attacks.

Channel switch and quiet attack: New DoS attacks exploiting the 802.11 standard

Network communication using unprotected air as a medium leads to unique challenges ensuring confidentiality, integrity and availability. While newer amendments of IEEE 802.11 provide acceptable confidentiality and integrity, availability is still questionable despite broad usage of Wi-Fi technologies for tasks where availability is critical. We will present new security weaknesses that we have identified in the 802.11 standard and especially the 802.11h amendment. Our results are underlined by an extensive analysis of attacks addressing the quiet information element and channel switch announcement in management frames. For some stations a complete DoS effect can be achieved with a single packet for more than one minute. This shows that the newly identified attacks are more efficient than earlier approaches like a deauthentication attack. Tests were performed with a large variety of network interface cards, mobile devices, and operating systems.

Territorial privacy in ubiquitous computing

Smartphones define a trend towards increasing combination and integration of sensing capabilities with almost ubiquitous inter-connectivity. Resulting location-based services and context-aware applications will benefit users by adapting better to the user application needs. However, there is a lack of effective means for controlling privacy in such systems which will likely increase further with future ubiquitous computing systems. Territorial privacy is a concept that moves away from the information-centric view in traditional systems to a context-centric approach. In this paper, we define and model territorial privacy in the context of ubiquitous computing. We further discuss potential observers and disturbers in our model and provide an overview on how territorial privacy can be controlled in different environments, ranging from personal to public.

Context-Adaptive Privacy: Leveraging Context Awareness to Support Privacy Decision Making

Ubiquitous computing applications introduce multiple privacy challenges due to their sensing and actuation capabilities, which are often combined with ubiquitous interconnectivity. Because of the complexity of many ubicomp systems, users might have difficulties estimating the privacy implications of their actions and decisions. In this article, the authors discuss leveraging awareness about a users context and respective context changes to dynamically support privacy decision making. They present an operationalization of Irwin Altmans privacy regulation theory for this purpose, describing how individual phases of the process can be supported. They also report on their experiences in developing context-adaptive privacy mechanisms for different applications and domains. This article is part of a special issue on privacy and security.

P.I.A.N.O.: enhancing instrument learning via interactive projected augmentation

P.I.A.N.O. aims to support learning to play piano with a steep learning curve. In order to achieve this, traditional, hard-to-learn music notation is substituted for an alternative representation of a composition, which is projected directly onto the piano. Furthermore, we propose three different learning modes which support the natural learning process, incorporate live feedback and performance evaluation, as well as the augmentation of the system with aspects of gamification to achieve early experiences of success and prolonged motivation.

P.I.A.N.O.: Faster Piano Learning with Interactive Projection

Learning to play the piano is a prolonged challenge for novices. It requires them to learn sheet music notation and its mapping to respective piano keys, together with articulation details. Smooth playing further requires correct finger postures. The result is a slow learning progress, often causing frustration and strain. To overcome these issues, we propose P.I.A.N.O., a piano learning system with interactive projection that facilitates a fast learning process. Note information in form of an enhanced piano roll notation is directly projected onto the instrument and allows mapping of notes to piano keys without prior sight-reading skills. Three learning modes support the natural learning process with live feedback and performance evaluation. We report the results of two user studies, which show that P.I.A.N.O. supports faster learning, requires significantly less cognitive load, provides better user experience, and increases perceived musical quality compared to sheet music notation and non-projected piano roll notation.

Privacy implications of presence sharing in mobile messaging applications

Mobile messaging applications, such as WhatsApp, provide a free alternative for mobile texting on smartphones. Mobile messengers typically also share presence information about users to indicate when a user is online. We investigated the privacy implications of such presence updates, using WhatsApp as an example. We conducted a user study with two independent groups (19 participants in total), in which we collected and analyzed their presence information over four weeks of regular WhatsApp use and conducted follow-up interviews. Our results show that presence information alone is sufficient to accurately identify, for example, daily routines, deviations, times of inappropriate mobile messaging, or conversation partners. We discuss resulting privacy implications of presence information and potential solutions to mitigate these issues.

Towards context adaptive privacy decisions in ubiquitous computing

In ubiquitous systems control of privacy settings will be increasingly difficult due to the pervasive nature of sensing and communication capabilities. We identify challenges for privacy decisions in ubiquitous systems and propose a system for in situ privacy decision support. When context changes occur, the system adapts a users privacy preferences to the new situation. As a consequence, recommendations can be offered to the user or sharing behavior can be automatically adjusted to help the user maintain a desired level of privacy. The system learns from user interaction and behavior to improve decision accuracy. In this paper, we outline the main components of our system and illustrate its operation with an ambient assisted living use case.

PriCal: context-adaptive privacy in ambient calendar displays

PriCal is an ambient calendar display that shows a users schedule similar to a paper wall calendar. PriCal provides context-adaptive privacy to users by detecting present persons and adapting event visibility according to the users privacy preferences. We present a detailed privacy impact assessment of our system, which provides insights on how to leverage context to enhance privacy without being intrusive. PriCal is based on a decentralized architecture and supports the detection of registered users as well as unknown persons. In a three-week deployment study with seven displays, ten participants used PriCal in their real work environment with their own digital calendars. Our results provide qualitative insights on the implications, acceptance, and utility of context-adaptive privacy in the context of a calendar display system, indicating that it is a viable approach to mitigate privacy implications in ubicomp applications.