Location attestation and access control for mobile devices using GeoXACML

Access control has been applied in various scenarios in the past for negotiating the best policy. Solutions with XACML for access control has been very well explored by research and have resulted in significant contributions to various sectors including healthcare. In controlling access to the sensitive data such as medical records, it is important to guarantee that the data is accessed by the right person for the right reason. Location of access requestor can be a good indication for his/her eligibility and reasons for accessing the data. To reason with geospatial information for access control, Geospatial XACML (eXtensible Access Control Markup Language) is proposed as a standard. However, there is no available implementation and architecture for reasoning with Geospatial XACML policies. This paper proposes to extend XACML with geohashing to implement geospatial policies. It also proposes an architecture for checking reliability of the geospatial information provided by clients. With a case study, we demonstrate how our framework can be used to control the privacy and data access of health service data in handheld devices

Glimmers: Resolving the Privacy/Trust Quagmire

Many successful services rely on trustworthy contributions from users. To establish that trust, such services often require access to privacy-sensitive information from users, thus creating a conflict between privacy and trust. Although it is likely impractical to expect both absolute privacy and trustworthiness at the same time, we argue that the current state of things, where individual privacy is usually sacrificed at the altar of trustworthy services, can be improved with a pragmatic $Glimmer$ $of$ $Trust$, which allows services to validate user contributions in a trustworthy way without forfeiting user privacy. We describe how trustworthy hardware such as Intel's SGX can be used client-side -- in contrast to much recent work exploring SGX in cloud services -- to realize the Glimmer architecture, and demonstrate how this realization is able to resolve the tension between privacy and trust in a variety of cases

KALwEN: a new practical and interoperable key management scheme for body sensor networks

Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike

Smart cards: State-of-the-art to future directions

The evolution of smart card technology provides an interesting case study of the relationship and interactions between security and business requirements. This paper maps out the milestones for smart card technology, discussing at each step the opportunities and challenges. The paper reviews recently proposed innovative ownership/management models and the security challenges associated with them. The paper concludes with a discussion of possible future directions for the technology, and the challenges these present