Grey Project: device-enabled authorization

Researcher(s): Lujo Bauer

Research Area: Access to Devices & Spaces

Abstract

The Grey Project is an ongoing effort to use smartphones to intelligently control the environment. Grey is built on two main underlying technologies: proof-carrying authorization, a logic-based distributed-access-control scheme that offers strong security guarantees and great flexibility; and capture resilience, a software-based scheme that helps protect a smartphone's secrets in the event of loss or theft. These technologies combined with the unique capabilities of smartphones make Grey more flexible, powerful, and secure than most alternatives. Grey is currently deployed to provide access control to physical space and computer logins in parts of the Collaborative Innovation Center on Carnegie Mellon's campus. Grey is a multidisciplinary project. Recent research results include a new, efficient distributed proof-generation algorithm that leverages human intuition to construct proofs of access; a technique for identifying and resolving misconfigurations in access-control policy; and new metrics for evaluating the accuracy of access-control systems in practice.

Copyright (c) 2009 Carnegie Mellon CyLab Partner Login | Carnegie Mellon Home
All Rights Reserved. Privacy Policy