SHAD: A Human-Centered Security Architecture for the Plan B Operating System

This paper describes SHAD, a novel architecture for security in pervasive computing environments, and a prototype implementation. SHAD is a peer-to-peer and human-centered security architecture. It is based in a general purpose personal device that manages the user´s security: the UbiTerm. There are several other systems that, at first sight, seem to provide single sign-on in ubiquitous environments. We argue that they fail to do so in practice, and that SHAD offers for the first time a real SSO that works well in ubiquitous environments that require using multiple machines and services simultaneously. SHAD permits users to share their resources in an easy, natural, and intuitive way, even while being disconnected from the rest of the world. The architecture we propose is able to exploit context information, when it is available. It does not require hard administration tasks, and permits users to manage their own resources. We have been using SHAD for one year. This paper describes our prototype implementation, the experience using it, and some measures that confirm that our approach is reasonable in practice