Thursday, April 01, 2010

'MULE' Prototype Uses Location for Authentication

Researchers at CMU (Carnegie Mellon University) have constructed a location-based encryption model for protecting data in lost or stolen laptops with little or no user interaction or IT administrative overhead.

The so-named Mobile User Location Specific Encryption (MULE) method encrypts only sensitive files on a user's laptop.

In a paper entitled Mobile User Location-specific Encryption (MULE): Using Your Office as Your Password researchers say
Our goal is to remove user effort associated with encryption technology while achieving the same or better security comparedto traditional password-based approaches. For example, with MULE, a user can securely store encrypted copies of bank records and tax returns on a laptop, and automatically gain access when opening those files in the home office, CMU CyLab technical director Adrian Perrig and CMU graduate student Ahren Studer write in their paper on MULE. "After a thief steals the laptop, the only way to recover the files is to break into the user's home."

See Tech Center: Insider Threat article in Dark Reading .