Inheriting the vast mobile phone market, converged mobile devices ("smartphones") are poised to become the first pervasive personal computing platform. Several research groups and companies are already exploring a vision of the smartphone as a universal access control device, replacing physical keys, access tokens, etc. In this talk we describe our flavor of this vision, with a focus on the new types of flexible policy management and authority delegation that such devices would enable, and summarize our efforts to address some of the primary obstacles to this vision. To date, these efforts have yielded advances in areas as diverse as cryptographic techniques to defend captured smartphones from misuse; automated theorem proving in support of a proof-carrying access control infrastructure; and user interfaces for security management. We also describe our efforts to deploy this technology in a testbed on the Carnegie Mellon campus.
Reception will PRECEDE the lecture at 2:30 p.m. in 301 CSL.
Michael Reiter is a Professor of Electrical & Computer Engineering and Computer Science at Carnegie Mellon University in Pittsburgh, Pennsylvania, USA. He received the B.Sc. degree in mathematical sciences from the University of North Carolina in 1989, and the M.Sc. and Ph.D. degrees in computer science from Cornell University in 1991 and 1993, respectively. He joined AT&T Bell Labs in 1993 and became a founding member of AT&T Labs Research when NCR and Lucent Technologies (including Bell Labs) were split away from AT&T in 1996. He returned to Bell Labs in 1998 as Director of Secure Systems Research, and then joined Carnegie Mellon in 2001. Dr. Reiter's research interests include all areas of computer and communications security and distributed computing. He regularly publishes and serves on conference organizing committees in these fields, and has served as program chair for the flagship computer security conferences of the IEEE, the ACM, and the Internet Society. He currently serves as Editor-in-Chief of ACM Transactions on Information and System Security, on the editorial board of the International Journal of Information Security, and on the Board of Visitors for the Software Engineering Institute. He previously served on the editorial boards of IEEE Transactions on Software Engineering and IEEE Transactions on Dependable and Secure Computing, and as Chair of the IEEE Technical Committee on Security and Privacy.
FOR MORE INFORMATION: www.iti.uiuc.edu