Device-Based Isolation for Securing Cryptographic Keys

In this work, we describe an eective device-based isolation approach for achieving data security. Device-based isolation leverages the proliferation of personal computing devices to provide strong run-time guarantees for the condentiality of secrets. To demonstrate our isolation approach, we show its use in protecting the secrecy of highly sensitive data that is crucial to security operations, such as cryptographic keys used for decrypting ciphertext or signing digital signatures. Private key is usually encrypted when not used, however, when being used, the plaintext key is loaded into the memory of the host for access. In our threat model, the host may be compromised by attackers, and thus the condentiality of the host memory cannot be preserved. We present a novel and practical solution and its prototype called DataGuard to protect the secrecy of the highly sensitive data through the storage isolation and secure tunneling enabled by a mobile handheld device. DataGuard can be deployed for the key protection of individuals or organizations

Quire: Lightweight Provenance for Smart Phone Operating Systems

Smartphone apps often run with full privileges to access the network and sensitive local resources, making it difficult for remote systems to have any trust in the provenance of network connections they receive. Even within the phone, different apps with different privileges can communicate with one another, allowing one app to trick another into improperly exercising its privileges (a Confused Deputy attack). In Quire, we engineered two new security mechanisms into Android to address these issues. First, we track the call chain of IPCs, allowing an app the choice of operating with the diminished privileges of its callers or to act explicitly on its own behalf. Second, a lightweight signature scheme allows any app to create a signed statement that can be verified anywhere inside the phone. Both of these mechanisms are reflected in network RPCs, allowing remote systems visibility into the state of the phone when an RPC is made. We demonstrate the usefulness of Quire with two example applications. We built an advertising service, running distinctly from the app which wants to display ads, which can validate clicks passed to it from its host. We also built a payment service, allowing an app to issue a request which the payment service validates with the user. An app cannot not forge a payment request by directly connecting to the remote server, nor can the local payment service tamper with the request

Conceptual evidence collection and analysis methodology for Android devices

Android devices continue to grow in popularity and capability meaning the need for a forensically sound evidence collection methodology for these devices also increases. This chapter proposes a methodology for evidence collection and analysis for Android devices that is, as far as practical, device agnostic. Android devices may contain a significant amount of evidential data that could be essential to a forensic practitioner in their investigations. However, the retrieval of this data requires that the practitioner understand and utilize techniques to analyze information collected from the device. The major contribution of this research is an in-depth evidence collection and analysis methodology for forensic practitioners.Comment: in Cloud Security Ecosystem (Syngress, an Imprint of Elsevier), 201

Implicit Sensor-based Authentication of Smartphone Users with Smartwatch

Smartphones are now frequently used by end-users as the portals to cloud-based services, and smartphones are easily stolen or co-opted by an attacker. Beyond the initial log-in mechanism, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data, whether in the cloud or in the smartphone. But attackers who have gained access to a logged-in smartphone have no incentive to re-authenticate, so this must be done in an automatic, non-bypassable way. Hence, this paper proposes a novel authentication system, iAuth, for implicit, continuous authentication of the end-user based on his or her behavioral characteristics, by leveraging the sensors already ubiquitously built into smartphones. We design a system that gives accurate authentication using machine learning and sensor data from multiple mobile devices. Our system can achieve 92.1% authentication accuracy with negligible system overhead and less than 2% battery consumption.Comment: Published in Hardware and Architectural Support for Security and Privacy (HASP), 201

Mobile qualified electronic signatures and certification on demand

Despite a legal framework being in place for several years, the market share of qualified electronic signatures is disappointingly low. Mobile Signatures provide a new and promising opportunity for the deployment of an infrastructure for qualified electronic signatures. We analyzed two possible signing approaches (server based and client based signatures) and conclude that SIM-based signatures are the most secure and convenient solution. However, using the SIM-card as a secure signature creation device (SSCD) raises new challenges, because it would contain the user’s private key as well as the subscriber identification. Combining both functions in one card raises the question who will have the control over the keys and certificates. We propose a protocol called Certification on Demand (COD) that separates certification services from subscriber identification information and allows consumers to choose their appropriate certification services and service providers based on their needs. We also present some of the constraints that still have to be addressed before qualified mobile signatures are possible

The system architecture of the Pocket Companion

In the Moby Dick project we design the architecture of a so-called Pocket Companion. It is a small personal portable computer with wireless communication facilities for every day use. The typical use of the Pocket Companion induces a number of requirements concerning security, performance, energy consumption, communication and size. We have shown that these requirements are interrelated and can only be met optimal with one single architecture. The Pocket Companion architecture consists of a central switch with a security module surrounded by several modules. The Pocket Companion is a personal machine. Communication, and particularly wireless communication, is essential for the system to support electronic transactions. Such a system requires a good security infrastructure not only for safeguarding personal data, but also to allow safe (financial) transactions. The integration of a security module in the Pocket Companion architecture provides the basis for a secure environment.\ud Because battery life is limited and battery weight is an important factor for the size and the weight of the Pocket Companion, energy consumption plays a crucial role in the architecture. An important theme of the architecture is: enough performance for minimal energy consumption