Home

Frequently Asked Questions

  1. Q: Why is this a toolkit and not a framework?
    A: Different applications require different sensor modalities for interaction as well as different levels of security. Therefore, a toolkit, i.e. a collection of loosely coupled components, is better suited to fulfil those different needs than a framework that implements the complete program flow and offers only defined hooks for application behaviour. For adding authentication to applications, it is easier to select and combine provided components than to make the application fit a pre-defined structure.
  2. Q: Why the LGPL and not <insert your favorite software license here>?
    A: Because a toolkit is most useful when it is released under a license liberal enough to allow linking in all cases, both for other open source and for proprietary, closed source applications. The GNU General Public License (GPL) is problematic in this respect, because it does not allow linking with components that are not released under the same license. However, we want OpenUAT itself to remain open source, and the LGPL guarantees that any changes in its core will need to be released under the same license.
  3. Q: Why Java and not <insert your favorite platform or programming language here>?
    A: We expect a very heterogeneous range of devices to make use of context authentication. Consequently, no single software platform can be the base for supporting all of these systems.
    Java is only the first platform with an implementation, because it makes it (comparably) easy to implement cryptographic protocols and is available on many platforms. It is currently also the most wide-spread language when programming for mobile phones. Other implementations, especially with TinyOS, .NET, and Symbian OS should follow (initial work on TinyOS ports has begun). Any help in porting is highly appreciated!
  4. Q: Is this an application?
    A: In short, no. Although OpenUAT includes demonstration applications, it is a toolkit and therefore aims at developers who want to integrate authentication into applications.
  5. Q: How can I use it then?
    A: Either by developing with it, or by using one of the applications already created.
  6. Q: Why is this web page so ugly?
    A: Because I am better at designing cryptographic protocols than in designing web pages ;-) If anybody wants to help in improving it, this would be most appreciated.