Enabling Secure Ad-hoc Communication using Context-Aware Security Services

It is a stated goal of the ubiquitous computing research thrust to make the computer "disappear". One of the most intrusive aspects about computers today is security man-agement. Thinking about security places an immense bur-den on users (e. g., Is it safe to open this attachment? Should I accept this cookie? Should I let Internet Explorer remem-ber my password?, etc. ). Moreover, managing security set-tings is cumbersome, difficult to understand, and often con-sidered a hassle that is in the way of getting work done [8]. Making security management "disappear" does not only accomplish a goal of ubiquitous computing-we believe that it can, in fact, also make things more secure. If users are bothered less often with dialog boxes that they don't understand, then they are less likely to make bad decisions. Likewise, if users don't have to go through a difficult secu-rity setup, then they are less likely to skip that cumbersome step. In this paper, we propose a step toward making security management disappear in certain situations. Imagine the following situation: you are at a meeting in a conference room and would like to share a sensitive doc-ument you just received with members from various orga-nizations in the conference room. Traditionally, you would have to have some sort of a priori trust information from the intended recipients of your sensitive message (such as their public keys). Exchanging this trust information is a cumbersome step, and not everybody in the room may par-ticipate in the same Public Key Infrastructure (PKI). Recently, mechanisms have been suggested to exchange trust information on-the-fly in an ad-hoc manner [2], which would reduce the need for cumbersome setup steps and also eliminate the need for an all-embracing PKI. But the ultimate automation of this process would be if, simply by entering the conference room, all partici-pants of the meeting became members of some sort of se-cure group communication scheme they could use to com-municate with each other. No setup would be necessary,