A composable framework for secure multi-modal access to Internet services from post-PC devices

Abstract

The post-PC revolution is bringing information access to a wide-range of devices beyond the desktop, such as public kiosks, and mobile devices like cellular telephones, PDAs, and voice based vehicle telematics. However existing deployed Internet services are geared toward the secure rich interface of private desktop computers. We propose the use of an infrastructure-based secure proxy architecture to bridge the gap between the capabilities of post-PC devices and the requirements of Internet services. By combining generic content and security transformation functions with service-specific rules, the architecture decouples device capabilities from service requirements and simplifies the addition of new devices and services. Security and protocol specifics are abstracted into reusable components. Additionally, the architecture offers the novel ability to deal with untrusted public Internet access points by providing fine-grain control over the content and functionality exposed to the end device, as well as support for using trusted and untrusted devices in tandem. Adding support for a deployed Internet service requires a few hundred lines of scraping scripts. Similarly, adding support for a new device requires a few hundred lines of stylesheets for the device format. The average latency added by proxy transformations is around three seconds in our unoptimized Java implementation.