202 research outputs found

    An Analysis of Computer Systems for the Secure Creation and Verification of User Instructions

    The ongoing digitisation of previously analogue systems through the Fourth Industrial Revolution transforms modern societies. Almost every citizen and business operating in most parts of the economy is increasingly dependent on the ability of computer systems to accurately execute people's commands. This requires efficient data processing capabilities and effective data input methods that can accurately capture and process instructions given by a user. This thesis is concerned with the analysis of state-of-the-art technologies for reliable data input through three case studies. In the first case study, we analyse the UI of Windows 10 and macOS 10.14 for their ability to capture accurate input from users intending to erase data. We find several shortcomings in how both OSs support users in identifying and selecting operations that match their intentions and propose several improvements. The second study investigates the use of transaction authentication technology in online banking to preserve the integrity of transaction data in the presence of financial malware. We find a complex interplay of personal and sociotechnical factors that affect whether people successfully secure their transactions, derive representative personas, and propose a novel transaction authentication mechanism that ameliorates some of these factors. In the third study, we analyse the Security Code AutoFill feature in iOS and macOS and its interactions with security processes of remote servers that require users to handle security codes delivered via SMS. We find novel security risks arising from this feature's design and propose amendments, some of which were implemented by Apple. From these case studies, we derive general insights on latent failures as causes for human error that extend the Swiss Cheese model of human error to non-work environments. These findings consequently extend the Human Factors Analysis and Classification System and can be applied to human error incident investigations.

    Secure and Usable User Authentication

    Authentication is a ubiquitous task in users' daily lives. The dominant form of user authentication is the text password. Text passwords protect private accounts like online banking, gaming, and email, but also assets in organisations. Yet, many issues are associated with text passwords, leading to challenges faced by both users and organisations. This thesis contributes to the body of research enabling secure and usable user authentication, benefiting both users and organisations. To that end, it addresses three distinct challenges. The first challenge addressed in this thesis is the creation of correct, complete, understandable, and effective password security awareness materials. To this end, a systematic process for the creation of awareness materials was developed and applied to create a password security awareness material. This process comprises four steps. First, relevant content for an initial version is aggregated (i.e. descriptions of attacks on passwords and user accounts, descriptions of defences to these attacks, and common misconceptions about password and user account security). Then, feedback from information security experts is gathered to ensure the correctness and completeness of the awareness material. Thereafter, feedback from lay-users is gathered to ensure the understandability of the awareness material. Finally, a formal evaluation of the awareness material is conducted to ensure its effectiveness (i.e. whether the material improves participants' ability to assess the security of passwords as well as password-related behaviour and decreases the prevalence of common misconceptions about password and user account security). The results of the evaluation show the effectiveness of the awareness material: it significantly improved the participants' ability to assess the security of password-related behaviour as well as passwords and significantly decreased the prevalence of misconceptions about password and user account security.
    The second challenge addressed in this thesis is shoulder-surfing resistant text password entry with gamepads (as an example of very constrained input devices) in shared spaces. To this end, the very first investigation of text password entry with gamepads is conducted. First, the requirements of authentication in the gamepad context are described. Then, these requirements are applied to assess schemes already deployed in the gamepad context and shoulder-surfing resistant authentication schemes from the literature proposed for non-gamepad contexts. The results of this assessment show that none of the currently deployed and only four of the proposals in the literature fulfil all requirements. Furthermore, the results of the assessment also indicate a need for an empirical evaluation in order to exactly gauge the shoulder-surfing threat in the gamepad context and compare alternatives to the incumbent on-screen keyboard. Based on these results, two user studies (one online study and one lab study) are conducted to investigate the shoulder-surfing resistance and usability of three authentication schemes in the gamepad context: the on-screen keyboard (as de-facto standard in this context), the grid-based scheme (an existing proposal from the literature identified as the most viable candidate adaptable to the gamepad context during the assessment), and Colorwheels (a novel shoulder-surfing resistant authentication scheme specifically designed for the gamepad context). The results of these two user studies show that on-screen keyboards are highly susceptible to opportunistic shoulder-surfing, but also show the most favourable usability properties among the three schemes. Colorwheels offers the most robust shoulder-surfing resistance and scores highest with respect to participants' intention to use it in the future, while showing more favourable usability results than the grid-based scheme.
    The third challenge addressed in this thesis is secure and efficient storage of passwords in portfolio authentication schemes. Portfolio authentication is used to counter capture attacks such as shoulder-surfing or eavesdropping on network traffic. While usability studies of portfolio authentication schemes showed promising results, a verification scheme which allows secure and efficient storage of the portfolio authentication secret had been missing until now. To remedy this problem, the (t,n)-threshold verification scheme is proposed. It is based on secret sharing and key derivation functions. The security as well as the efficiency properties of two variants of the scheme (one based on Blakley secret sharing and one based on Shamir secret sharing) are evaluated against each other and against a naive approach. These evaluations show that the two (t,n)-threshold verification scheme variants always exhibit more favourable properties than the naive approach and that when deciding between the two variants, the exact application scenario must be considered. Three use cases illustrate, as exemplary application scenarios, the versatility of the proposed (t,n)-threshold verification scheme. By addressing the aforementioned three distinct challenges, this thesis demonstrates the breadth of the field of usable and secure user authentication, ranging from awareness materials, to the assessment and evaluation of authentication schemes, to applying cryptography to craft secure password storage solutions. The research processes, results, and insights described in this thesis represent important and meaningful contributions to the state of the art in the research on usable and secure user authentication, offering benefits for users, organisations, and researchers alike.

    Authentication and Authorization Modules for Open Messaging Interface (O-MI)

    With the constant rise of new technology, developments in the fields of computer science, wireless networks, storage capabilities and sensing possibilities, along with the demand for continuous connectivity, have led to the formation of the Internet of Things (IoT) concept. Today, there are numerous organizations working on IoT technology aimed at developing smart products and services. Each company proposes its own methods directed at a particular field of industry; thus, the result is several protocols. This has poorly followed the concept of a unified system. The Open Group attempted to address this issue by proposing the Open Messaging Interface (O-MI) and Open Data Format (O-DF) protocols and claimed O-MI to be an IoT messaging standard as that of HTTP for the world-wide-web (WWW). The proposed protocols have been designed to ensure robust development, data standardization, and the required security level. However, the security model needs to be upgraded with recent security techniques. This thesis attempts to specify appropriate authentication and authorization (access control) mechanisms that manage various consumers and provide functionalities that fit into the O-MI/O-DF standards. The thesis first discusses several challenges regarding IoT security and then different authentication and authorization techniques available today. It then describes in detail the design decisions and implementation technicalities of the autonomous services created for the reference implementation of O-MI and O-DF.

    Cybersecurity of Industrial Cyber-Physical Systems: A Review

    Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the "physics" data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems into ICPSs. Hence, the "security by obscurity" principle provided by air-gapping is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition, while the most common ones are related to weak boundary protection. Although there are existing surveys in this context, very little is mentioned regarding these reports. This paper bridges this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, a multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. We also identify the general shortcomings and highlight the points that cause a gap in the existing literature while defining future research directions. Comment: 32 pages, 10 figures

    Access Control In and For the Real World

    Access control is a core component of any information-security strategy. Researchers have spent tremendous energy over the past forty years defining abstract access-control models and proving various properties about them. However, surprisingly little attention has been paid to how well these models work in real socio-technical systems (i.e., real human organizations). This dissertation describes the results of two qualitative studies (involving 52 participants from four companies, drawn from the financial, software, and healthcare sectors) and observes that the current practice of access control is dysfunctional at best. It diagnoses the broken assumptions that are at the heart of this dysfunction, and offers a new definition of the access-control problem that is grounded in the requirements and limitations of the real world.

    Home network security


    Telemedicine system in the South Atlantic. Phase VII (I)

    Information and communications technologies (also known as ICT) are an essential part of the evolution of the economy and society. Access to information has become a vital tool for the development of a community. Consequently, a phenomenon known as the "digital divide" has emerged, which refers to the differences between countries that have access to ICT and those without. This project aims to provide a small gesture to reduce the gap between what is often called "differences between North and South", providing an improvement in the telemedicine system that the NGO Telecos Sense Fronteres has been developing in the South Atlantic Region of Nicaragua since 2006. This seventh stage of the project has sought, first of all, to carry out careful maintenance of the infrastructure and equipment currently at the Hospital Ernesto Sequeira Blanco of Bluefields, and to improve their performance by incorporating a system of virtual desktops. In addition, the VoIP telephony system has been expanded to other departments of the hospital and other health centres of Bluefields, along with the design of a virtual private network for their internal use. Secondly, work has been done on a radio link to bring telemedicine to Monkey Point, an isolated rural community without access to telecommunications. Finally, emphasis has been placed on bringing the project to the community of Bluefields so that they take ownership of it and do not see it as mere spectators. To this end, collaboration agreements have been concluded with various local institutions that can contribute to the self-management of the project, such as Bluefields Indian & Caribbean University (with engineering students) or the Sistema Local de Atención Integral en Salud (on both the economic and health sides).