31,266 research outputs found
Recommended from our members
On Physical Disorder Based Hardware Security Primitives
With CMOS scaling extending transistors to nanometer regime, process variations from manufacturing impacts modern IC design. Fortunately, such variations have enabled an emerging hardware security primitive - Physically Unclonable Function. Physically Unclonable Functions (PUFs) are hardware primitives which utilize disorder from manufacturing variations for their core functionality. In contrast to insecure non-volatile key based roots-of-trust, PUFs promise a favorable feature - no attacker, not even the PUF manufacturer can clone the disorder and any attempt at invasive attack will upset that disorder. Despite a decade of research, certain practical problems impede the widespread adoption of PUFs. This dissertation addresses the important problems of (i) post-manufacturing testing, (ii) secure design and (iii) cost efficiency of PUFs. This is with the aim of making PUFs practical and also learning hardware design limitations of disorder based systems
Recommended from our members
On Improving Robustness of Hardware Security Primitives and Resistance to Reverse Engineering Attacks
The continued growth of information technology (IT) industry and proliferation of interconnected devices has aggravated the problem of ensuring security and necessitated the need for novel, robust solutions. Physically unclonable functions (PUFs) have emerged as promising secure hardware primitives that can utilize the disorder introduced during manufacturing process to generate unique keys. They can be utilized as \textit{lightweight} roots-of-trust for use in authentication and key generation systems. Unlike insecure non-volatile memory (NVM) based key storage systems, PUFs provide an advantage -- no party, including the manufacturer, should be able to replicate the physical disorder and thus, effectively clone the PUF. However, certain practical problems impeded the widespread deployment of PUFs. This dissertation addresses such problems of (i) reliability and (ii) unclonability. Also, obfuscation techniques have proven necessary to protect intellectual property in the presence of an untrusted supply chain and are needed to aid against counterfeiting. This dissertation explores techniques utilizing layout and logic-aware obfuscation. Collectively, we present secure and cost-effective solutions to address crucial hardware security problems
Regulating Mobile Mental Health Apps
Mobile medical apps (MMAs) are a fastâgrowing category of software typically installed on personal smartphones and wearable devices. A subset of MMAs are aimed at helping consumers identify mental states and/or mental illnesses. Although this is a fledgling domain, there are already enough extant mental health MMAs both to suggest a typology and to detail some of the regulatory issues they pose. As to the former, the current generation of apps includes those that facilitate selfâassessment or selfâhelp, connect patients with online support groups, connect patients with therapists, or predict mental health issues. Regulatory concerns with these apps include their quality, safety, and data protection. Unfortunately, the regulatory frameworks that apply have failed to provide coherent riskâassessment models. As a result, prudent providers will need to progress with caution when it comes to recommending apps to patients or relying on appâgenerated data to guide treatment
The Emerging Internet of Things Marketplace From an Industrial Perspective: A Survey
The Internet of Things (IoT) is a dynamic global information network
consisting of internet-connected objects, such as Radio-frequency
identification (RFIDs), sensors, actuators, as well as other instruments and
smart appliances that are becoming an integral component of the future
internet. Over the last decade, we have seen a large number of the IoT
solutions developed by start-ups, small and medium enterprises, large
corporations, academic research institutes (such as universities), and private
and public research organisations making their way into the market. In this
paper, we survey over one hundred IoT smart solutions in the marketplace and
examine them closely in order to identify the technologies used,
functionalities, and applications. More importantly, we identify the trends,
opportunities and open challenges in the industry-based the IoT solutions.
Based on the application domain, we classify and discuss these solutions under
five different categories: smart wearable, smart home, smart, city, smart
environment, and smart enterprise. This survey is intended to serve as a
guideline and conceptual framework for future research in the IoT and to
motivate and inspire further developments. It also provides a systematic
exploration of existing research and suggests a number of potentially
significant research directions.Comment: IEEE Transactions on Emerging Topics in Computing 201
SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices
The simplicity of deployment and perpetual operation of energy harvesting
devices provides a compelling proposition for a new class of edge devices for
the Internet of Things. In particular, Computational Radio Frequency
Identification (CRFID) devices are an emerging class of battery-free,
computational, sensing enhanced devices that harvest all of their energy for
operation. Despite wireless connectivity and powering, secure wireless firmware
updates remains an open challenge for CRFID devices due to: intermittent
powering, limited computational capabilities, and the absence of a supervisory
operating system. We present, for the first time, a secure wireless code
dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic
hardware security primitive Static Random Access Memory Physical Unclonable
Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i)
overcomes the resource-constrained and intermittently powered nature of the
CRFID devices; ii) is fully compatible with existing communication protocols
employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is
built upon a standard and industry compliant firmware compilation and update
method realized by extending a recent framework for firmware updates provided
by Texas Instruments. We build an end-to-end SecuCode implementation and
conduct extensive experiments to demonstrate standards compliance, evaluate
performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin
- âŠ