Mobility Innovations from Microsoft Research - InformationWeek
12:00 AM
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

Mobility Innovations from Microsoft Research

If you have an opportunity browse through the research projects going on at Microsoft Research.  As the site states the research projects are not the ivory tower type but are focused on "turning ideas into reality".  The overarching goals of the projects are "to enhance the user experience on computing devices, reduce the cost of writing and maintaining software, and invent novel computing technologies".

Here are a couple I found on the site focused on mobile technology:

SPACE: Secure Protocol for Address-Book based Connection Establishment

SPACE is focused on addressing the largely unrealized potential of peer-to-peer mobile applications, examples sited are collaboration and gaming.  The research team provides 2 main reasons why the potential of peer-to-peer mobile applications remains "unrealized".  First, the existing connection establishment protocols for Bluetooth and IEEE 802.11 have known security flaws which limit the categories of applications that can comfortably be deployed.  Second, the protocols are do not provide automatic ad-hoc connections, they require explicit user interaction to initiate a connection, for example entering a passkey.

 The solution, SPACE, a protocol for secure automatic ad-hoc connection-establishment between two devices based on the address book entries contained on the devices.  The team's premise?,  if  two  people  have  each  other's contact  details  in  their  address  books there is a  basis for a trust relationship  between  their  devices, and an automatic ad-hoc connection can be made without additional  user  intervention.

WiFiAds: A Novel Approach for Delivering Location-Sensitive Advertisements Using Wi-Fi Networks

WiFiAds has its foundation in an interesting augmentation of WiFi Access Point (AP) to device communication called "beacon stuffing". When a wireless client associates with an AP to begin wireless communications it can no longer communicate with other APs in the reachable area without using sophisticated software.  The research team argues that this limitation in the wireless world is no better, if not similar, to the wired model where an ethernet cable connection needlessly limits the capabilities.  Why limit a wireless client to simply hearing or being aware of other non-associated APs, why not enable the  exchange useful information with them.  If a wireless client were able to exchange information with non-associated APs it might be able to determine which AP has the lowest load or highest bandwidth, enabling clients to select and deselect APs based on this information. 

This is where "beacon stuffing" comes in, a low bandwidth communication protocol for IEEE 802.11 networks that enables APs to communicate with clients without association.  The concept is based on the fact that APs send beacons to clients that are not associated with them, and that it is possible to overload fields in the beacons and management frames to embed interesting data. The approach is complimentary to 802.11 association and works by overloading 802.11 management frames without breaking the standard, in fact the team claims that minor driver changes are required at the client and AP.

The team has come up with a number of new applications that are enabled by "beacon stuffing".  One application we discussed above, is the ability of APs to embed network selection content into beacons to broadcast performance or pricing information about their wireless network.  Another application is for APs to send location-specific advertisements or coupons to unassociated clients to advertise goods and services. For example you walk into a coffee shop and get a coupon to try the coffee of the day. 


Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll