Authenticating ubiquitous services

摘要

This paper concerns the problem of phishing attacks in ubiquitous computing environments. The embedding of ubiquitous services into our everyday environments may make fake services seem plausible but it also enables us to authenticate them with respect to those environments. We propose physical and virtual linkage as two types of authenticating evidence in ubiquitous environments and two protocols based on them. We describe an experiment to test hypotheses concerning user responses to physical and virtual linkage with respect to fake Wi-Fi hotspots. Based on our experience we derive an improved protocol for authenticating spontaneously accessed ubiquitous services.