Camera phones as mice, v.2

To follow on from this post, I have another use case coming from the 'smartphone as personal TCB' perspective. Not only could a smartphone function as a mouse, but also as a security device in place of a smart-card. The existing mentalities fit perfectly, because nobody leaves their smartphone lying around.

If the phone has a fingerprint scanner, then it also becomes a secure logon terminal. The use case:

  1. The user puts his phone on the the desk, camera-face down, and swipes his thumb on the strip reader.
  2. The phone establishes a secure link with the workstation via bluetooth, and authenticates the user with the server.
  3. If the authentication is valid, the workstation unlocks and the user begins work.
  4. The user leaves his office, taking his phone-mouse with him.
  5. The workstation detects a break in the bluetooth connection and locks the console.
  6. The user returns to his office, re-swipes his thumb to unlock the console, and continues work.

No comments: