Computer Science Department
School of Computer Science, Carnegie Mellon University


Device-Enabled Authorization in the Grey System

Lujo Bauer*, Scott Garriss+, Jonathan M. McCune+,
Michael K. Reiter*+, Jason Rouse*, Peter Rutenbar**

February 2005


Keywords: Security, access control, mobile devices, smartphones

We describe the design and implementation of Grey, a set of software extensions that convert an off-the-shelf smartphone-class device into a tool by which its owner exercises and delegates her authority to both physical and virtual resources. We describe the software architecture and user interfaces of Grey, and then detail two initial case studies in which we have converted infrastructure to accommodate requests from Grey-enabled devices. The first is two floors (nearly 30,000 square feet) of office space, in which we are equipping over 65 doors for access control using Grey for a population of roughly 150 persons. The second is modifications to Windows XP that permit login via Grey-enabled phones. We provide preliminary evaluations of these efforts and directions for research to further the vision of a unified authorization framework for both physical and virtual resources.

26 pages

*CyLab, Carnegie Mellon University
+Department of Electrical and Computer Engineering, Carnegie Mellon University
**Winchester Thurston High School, Pittsburgh, PA.

Return to: SCS Technical Report Collection
School of Computer Science homepage

This page maintained by