GTmoPass: Two-factor Authentication on Public Displays Using Gaze-touch Passwords and Personal Mobile Devices

As public displays continue to deliver increasingly private and personalized content, there is a need to ensure that only the legitimate users can access private information in sensitive contexts. While public displays can adopt similar authentication concepts like those used on public terminals (e.g., ATMs), authentication in public is subject to a number of risks. Namely, adversaries can uncover a user's password through (1) shoulder surfing, (2) thermal attacks, or (3) smudge attacks. To address this problem we propose GTmoPass, an authentication architecture that enables Multi-factor user authentication on public displays. The first factor is a knowledge-factor: we employ a shoulder-surfing resilient multimodal scheme that combines gaze and touch input for password entry. The second factor is a possession-factor: users utilize their personal mobile devices, on which they enter the password. Credentials are securely transmitted to a server via Bluetooth beacons. We describe the implementation of GTmoPass and report on an evaluation of its usability and security, which shows that although authentication using GTmoPass is slightly slower than traditional methods, it protects against the three aforementioned threats

Designing Usable and Secure Authentication Mechanisms for Public Spaces

Usable and secure authentication is a research field that approaches different challenges related to authentication, including security, from a human-computer interaction perspective. That is, work in this field tries to overcome security, memorability and performance problems that are related to the interaction with an authentication mechanism. More and more services that require authentication, like ticket vending machines or automated teller machines (ATMs), take place in a public setting, in which security threats are more inherent than in other settings. In this work, we approach the problem of usable and secure authentication for public spaces. The key result of the work reported here is a set of well-founded criteria for the systematic evaluation of authentication mechanisms. These criteria are justified by two different types of investigation, which are on the one hand prototypical examples of authentication mechanisms with improved usability and security, and on the other hand empirical studies of security-related behavior in public spaces. So this work can be structured in three steps: Firstly, we present five authentication mechanisms that were designed to overcome the main weaknesses of related work which we identified using a newly created categorization of authentication mechanisms for public spaces. The systems were evaluated in detail and showed encouraging results for future use. This and the negative sides and problems that we encountered with these systems helped us to gain diverse insights on the design and evaluation process of such systems in general. It showed that the development process of authentication mechanisms for public spaces needs to be improved to create better results. Along with this, it provided insights on why related work is difficult to compare to each other. Keeping this in mind, first criteria were identified that can fill these holes and improve design and evaluation of authentication mechanisms, with a focus on the public setting. Furthermore, a series of work was performed to gain insights on factors influencing the quality of authentication mechanisms and to define a catalog of criteria that can be used to support creating such systems. It includes a long-term study of different PIN-entry systems as well as two field studies and field interviews on real world ATM-use. With this, we could refine the previous criteria and define additional criteria, many of them related to human factors. For instance, we showed that social issues, like trust, can highly affect the security of an authentication mechanism. We used these results to define a catalog of seven criteria. Besides their definition, we provide information on how applying them influences the design, implementation and evaluation of a the development process, and more specifically, how adherence improves authentication in general. A comparison of two authentication mechanisms for public spaces shows that a system that fulfills the criteria outperforms a system with less compliance. We could also show that compliance not only improves the authentication mechanisms themselves, it also allows for detailed comparisons between different systems

Application of automatic vehicle location in law enforcement: An introductory planning guide

A set of planning guidelines for the application of automatic vehicle location (AVL) to law enforcement is presented. Some essential characteristics and applications of AVL are outlined; systems in the operational or planning phases are discussed. Requirements analysis, system concept design, implementation planning, and performance and cost modeling are described and demonstrated with numerous examples. A detailed description of a typical law enforcement AVL system, and a list of vendor sources are given in appendixes

DEVELOPMENT AND IMPLEMENTATION OF ROBOT OPERATING SYSTEMS FOR UNDERGRADUATES

The purpose of this project was to create an undergraduate junior lab to teach students about Robotic Operating System (ROS). The labs were designed to highlight the usefulness of ROS and the process used. Designing algorithms, how to send/receive messages, and the hierarchy of how nodes work with each other are emphasized. Taking packages that are open-source then modifying them is also emphasized. This is done so that students can transfer their knowledge from this course to other robot operating systems

Smartphone-Based pH Sensor for Home Monitoring of Pulmonary Exacerbations in Cystic Fibrosis.

Currently, Cystic Fibrosis (CF) patients lack the ability to track their lung health at home, relying instead on doctor checkups leading to delayed treatment and lung damage. By leveraging the ubiquity of the smartphone to lower costs and increase portability, a smartphone-based peripheral pH measurement device was designed to attach directly to the headphone port to harvest power and communicate with a smartphone application. This platform was tested using prepared pH buffers and sputum samples from CF patients. The system matches within ~0.03 pH of a benchtop pH meter while fully powering itself and communicating with a Samsung Galaxy S3 smartphone paired with either a glass or Iridium Oxide (IrOx) electrode. The IrOx electrodes were found to have 25% higher sensitivity than the glass probes at the expense of larger drift and matrix sensitivity that can be addressed with proper calibration. The smartphone-based platform has been demonstrated as a portable replacement for laboratory pH meters, and supports both highly robust glass probes and the sensitive and miniature IrOx electrodes with calibration. This tool can enable more frequent pH sputum tracking for CF patients to help detect the onset of pulmonary exacerbation to provide timely and appropriate treatment before serious damage occurs

A genetically encoded reporter of synaptic activity in vivo

To image synaptic activity within neural circuits, we tethered the genetically encoded calcium indicator (GECI) GCaMP2 to synaptic vesicles by fusion to synaptophysin. The resulting reporter, SyGCaMP2, detected the electrical activity of neurons with two advantages over existing cytoplasmic GECIs: it identified the locations of synapses and had a linear response over a wider range of spike frequencies. Simulations and experimental measurements indicated that linearity arises because SyGCaMP2 samples the brief calcium transient passing through the presynaptic compartment close to voltage-sensitive calcium channels rather than changes in bulk calcium concentration. In vivo imaging in zebrafish demonstrated that SyGCaMP2 can assess electrical activity in conventional synapses of spiking neurons in the optic tectum and graded voltage signals transmitted by ribbon synapses of retinal bipolar cells. Localizing a GECI to synaptic terminals provides a strategy for monitoring activity across large groups of neurons at the level of individual synapses