Various devices may operate wirelessly, communicating over radio frequency links or infra-red links in a network. Network security requires either physical isolation or cryptographic mechanisms, or some combination of the two, to assure that devices accessing the network are authorized to do so. The utility and/or security of the network may suffer as these techniques require increasing user attention and intervention to verify devices.
Present network security requires either physical isolation or cryptographic mechanisms bootstrapped via some out-of-band (OOB) mechanism (or some combination of the two). Some out-of-band techniques require substantial user attention and intervention (such as entering passwords or examining digital certificates, names, or key identifiers). The user experience of some of these techniques is poor. To make matters worse, devices are increasingly multifunctional, with a variety of embedded applications and sharable resources that the user would like to selectively make available to other devices. These applications and services may operate at different layers of the software stack (communication stack), and credentials applicable at one layer are not necessarily usable at another layer for a variety of reasons. Since each credential type may (and typically does) use a different method for trust bootstrapping, the user today is faced with the prospect of performing multiple separate trust bootstrapping operations to configure mutual trust between a given pair of devices. For devices with limited user interfaces, the complexity of current trust bootstrapping methods is such a serious obstacle that many devices simply omit security altogether or include only simple security built around extremely weak measures such as a 4-digit personal identification number (PIN).