Portable Security: Michigan Engineering Designs Laptop Security System

Engineers at the University of Michigan have developed a security framework for mobile computing devices that will automatically encrypt sensitive information when owners stray too far from their machines, or vice-versa. Called ZIA, or Zero-Interaction Authentication, the system could help protect sensitive documents from falling into the wrong hands.

Missing laptops are a particular concern for government agencies that deal regularly with national security documents. Last week, two laptops disappeared from MacDill Air Force Base in Tampa, Fla., a key command post for U.S. operations in Afghanistan. Although the laptops were later recovered, it is still unknown what information might have been compromised. Also, in a separate story, five agencies under Justice Department jurisdiction, including the FBI and DEA, reported 400 laptops of unknown security classification as missing. In 2000, a laptop holding thousands of pages of classified documents was taken from a conference room in the State Department's headquarters.

Protections schemes like ZIA could help keep national security documents secret by automatically scrambling sensitive information found on these laptops as soon as they are separated from their owners.

While data encryption is a common method of protecting information, most current protection systems require users to actively take part in the encrypting and decrypting process. Usually, users must identify themselves to their computer at regular intervals and then actively tell it when to decrypt or encrypt documents. People who find this process overly burdensome often ignore or disable these security measures intended to protect their data. Other times, unexpected events pull users away from their laptops without securing them.

ZIA overcomes these problems by reducing the amount of participation needed from the user. ZIA automatically manages the identification and authentication process with the laptop via an "authentication token" worn by the user. The token, which could take the form of a wristwatch, continuously communicates with the laptop via a wireless link. As long as the token is present, the computer functions normally. But if the user and token wander away from the machine, the laptop automatically encrypts all of its data.

According to the system's creator, Brian Noble, the system will be virtually unnoticeable to the user.

"When a user walks away from his laptop to get a cup of coffee, it will sense that he is leaving and begin securing the computer," said Noble, an assistant professor of electrical engineering and computer science at the University of Michigan. "As he returns, as soon as the user comes within radio range, the computer will begin unlocking the computer so that it is ready to resume work when the user sits down."

The wearable nature of the authentication token also helps keep the system unobtrusive to the user and more secure. According to Noble, ZIA could use a Linux wristwatch already designed by IBM to act as the token. Such a wristwatch would be less vulnerable to loss or theft than a device that is carried and often set down.

Noble's research was funded in part by Intel Corp., Novell Inc., the NSF, DARPA and the U.S. Air Force. It will be presented at the Association of Computing Machinery MobiCom 2002 conference in Atlanta, September 23-26.

A PDF describing this research can be found at: http://www.acm.org/sigmobile/mobicom/2002/papers/p002-corner.pdf

About the University of Michigan College of Engineering

The University of Michigan College of Engineering is consistently ranked among the top engineering schools in the world. The College is composed of 11 academic departments: aerospace engineering; atmospheric, oceanic and space sciences; biomedical engineering; chemical engineering; civil and environmental engineering; electrical engineering and computer science; industrial and operations engineering; materials science and engineering; mechanical engineering; naval architecture and marine engineering; and nuclear engineering and radiological sciences. Each year the college enrolls over 6,000 undergraduate and graduate students and grants about 1,000 undergraduate degrees and 600 masters and doctoral degrees. To learn more, please visit our web site at http://www.engin.umich.edu.