A comprehensive review of RFID and bluetooth security: practical analysis

The Internet of Things (IoT) provides the ability to digitize physical objects into virtual data, thanks to the integration of hardware (e.g., sensors, actuators) and network communications for collecting and exchanging data. In this digitization process, however, security challenges need to be taken into account in order to prevent information availability, integrity, and confidentiality from being compromised. In this paper, security challenges of two broadly used technologies, RFID (Radio Frequency Identification) and Bluetooth, are analyzed. First, a review of the main vulnerabilities, security risk, and threats affecting both technologies are carried out. Then, open hardware and open source tools like: Proxmark3 and Ubertooth as well as BtleJuice and Bleah are used as part of the practical analysis. Lastly, risk mitigation and counter measures are proposed

A Key Recovery Attack on Error Correcting Code Based a Lightweight Security Protocol

One of the interesting types of RFID application is RFID searching which aims to hear a specific RFID tag from a large group of tags, i.e. ability of detecting whether a target RFID tag is nearby. Very recently, a lightweight protocol using error-correcting codes has been proposed by Chen et al. to provide a solution to needs in this field. The authors give a detailed analysis of their protocol in terms of security, privacy, communication overhead, hardware cost and they claim that it is a realizable scheme with fulfilling security and privacy requirements. In this study, however, we investigate security of this protocol and clearly demonstrate its security flaws that completely allow an adversary to exploit the system. In particular, by using linear properties of error correcting coding we firstly describe a tag tracing attack that undermines untraceability property which is one its design objectives. Then along with its implementation details we present a key recovery attack that reduces dramatically search space of a tag\u27s secret key and show that an adversary can compromise it in practical time by only querying this tag for several times. As an illustrative example we retrieve the secret key of the protocol in two hours for the adopted linear block code C(47,24,11) which is one of the suggested codes

An Overview of DRAM-Based Security Primitives

Recent developments have increased the demand for adequate security solutions, based on primitives that cannot be easily manipulated or altered, such as hardware-based primitives. Security primitives based on Dynamic Random Access Memory (DRAM) can provide cost-efficient and practical security solutions, especially for resource-constrained devices, such as hardware used in the Internet of Things (IoT), as DRAMs are an intrinsic part of most contemporary computer systems. In this work, we present a comprehensive overview of the literature regarding DRAM-based security primitives and an extended classification of it, based on a number of different criteria. In particular, first, we demonstrate the way in which DRAMs work and present the characteristics being exploited for the implementation of security primitives. Then, we introduce the primitives that can be implemented using DRAM, namely Physical Unclonable Functions (PUFs) and True Random Number Generators (TRNGs), and present the applications of each of the two types of DRAM-based security primitives. We additionally proceed to assess the security such primitives can provide, by discussing potential attacks and defences, as well as the proposed security metrics. Subsequently, we also compare these primitives to other hardware-based security primitives, noting their advantages and shortcomings, and proceed to demonstrate their potential for commercial adoption. Finally, we analyse our classification methodology, by reviewing the criteria employed in our classification and examining their significance

'A new discovery of an old intrigue' : a re-evaluation of daniel defoe's library catalogue, with a case study of its iberian content

This thesis presents a comprehensive re-examination of Daniel Defoe's library catalogue, a problematic resource which has been consistently neglected and maligned throughout the history of Defoe studies. Surveying both the catalogue's broad critical history and its treatment in specialist scholarship, it locates two major problems in the current body of knowledge. Firstly, Defoe scholarship's concentration on dividing the inventory between Defoe and Phillips Farewell (whose libraries were combined in the sale) ignores the full extent of its attribution problems, since many of the listed items were added to the sale by bookseller Olive Payne. Secondly, the field lacks a complete biographical and business profile of Payne, which is necessary for both the location of salted items and for tracing his connections to the Defoes. Solutions to both problems are offered here, as Payne's contribution to the Defoe/Farewell inventory is revealed through his previous sales and his habitual business practices, which are detailed in the first full-length biographical study of this obscure bookseller. New guidelines and recommendations for catalogue usage are formulated on the basis of these findings. The thesis highlights the catalogue's potential in the exploration of neglected sources and contexts for Defoe's work. Credible usage is demonstrated through a two-part study of Defoe's diverse Spanish contexts and their relation to the fictional modes represented in the catalogue. Close reading of his use of picaresque fiction, Italianate amatory novellas and moral allegory reveals both the direct influence of specific sources and a complex manifestation of genre conventions that supports further investigation of the nexus of Spanish literary texts behind Defoe's writing

Privacy in rfid and mobile objects

Los sistemas RFID permiten la identificación rápida y automática de etiquetas RFID a través de un canal de comunicación inalámbrico. Dichas etiquetas son dispositivos con cierto poder de cómputo y capacidad de almacenamiento de información. Es por ello que los objetos que contienen una etiqueta RFID adherida permiten la lectura de una cantidad rica y variada de datos que los describen y caracterizan, por ejemplo, un código único de identificación, el nombre, el modelo o la fecha de expiración. Además, esta información puede ser leída sin la necesidad de un contacto visual entre el lector y la etiqueta, lo cual agiliza considerablemente los procesos de inventariado, identificación, o control automático. Para que el uso de la tecnología RFID se generalice con éxito, es conveniente cumplir con varios objetivos: eficiencia, seguridad y protección de la privacidad. Sin embargo, el diseño de protocolos de identificación seguros, privados, y escalables es un reto difícil de abordar dada las restricciones computacionales de las etiquetas RFID y su naturaleza inalámbrica. Es por ello que, en la presente tesis, partimos de protocolos de identificación seguros y privados, y mostramos cómo se puede lograr escalabilidad mediante una arquitectura distribuida y colaborativa. De este modo, la seguridad y la privacidad se alcanzan mediante el propio protocolo de identificación, mientras que la escalabilidad se logra por medio de novedosos métodos colaborativos que consideran la posición espacial y temporal de las etiquetas RFID. Independientemente de los avances en protocolos inalámbricos de identificación, existen ataques que pueden superar exitosamente cualquiera de estos protocolos sin necesidad de conocer o descubrir claves secretas válidas ni de encontrar vulnerabilidades en sus implementaciones criptográficas. La idea de estos ataques, conocidos como ataques de “relay”, consiste en crear inadvertidamente un puente de comunicación entre una etiqueta legítima y un lector legítimo. De este modo, el adversario usa los derechos de la etiqueta legítima para pasar el protocolo de autenticación usado por el lector. Nótese que, dada la naturaleza inalámbrica de los protocolos RFID, este tipo de ataques representa una amenaza importante a la seguridad en sistemas RFID. En esta tesis proponemos un nuevo protocolo que además de autenticación realiza un chequeo de la distancia a la cual se encuentran el lector y la etiqueta. Este tipo de protocolos se conocen como protocolos de acotación de distancia, los cuales no impiden este tipo de ataques, pero sí pueden frustrarlos con alta probabilidad. Por último, afrontamos los problemas de privacidad asociados con la publicación de información recogida a través de sistemas RFID. En particular, nos concentramos en datos de movilidad que también pueden ser proporcionados por otros sistemas ampliamente usados tales como el sistema de posicionamiento global (GPS) y el sistema global de comunicaciones móviles. Nuestra solución se basa en la conocida noción de k-anonimato, alcanzada mediante permutaciones y microagregación. Para este fin, definimos una novedosa función de distancia entre trayectorias con la cual desarrollamos dos métodos diferentes de anonimización de trayectorias.Els sistemes RFID permeten la identificació ràpida i automàtica d’etiquetes RFID a través d’un canal de comunicació sense fils. Aquestes etiquetes són dispositius amb cert poder de còmput i amb capacitat d’emmagatzematge de informació. Es per això que els objectes que porten una etiqueta RFID adherida permeten la lectura d’una quantitat rica i variada de dades que els descriuen i caracteritzen, com per exemple un codi únic d’identificació, el nom, el model o la data d’expiració. A més, aquesta informació pot ser llegida sense la necessitat d’un contacte visual entre el lector i l’etiqueta, la qual cosa agilitza considerablement els processos d’inventariat, identificació o control automàtic. Per a que l’ús de la tecnologia RFID es generalitzi amb èxit, es convenient complir amb diversos objectius: eficiència, seguretat i protecció de la privacitat. No obstant això, el disseny de protocols d’identificació segurs, privats i escalables, es un repte difícil d’abordar dades les restriccions computacionals de les etiquetes RFID i la seva naturalesa sense fils. Es per això que, en la present tesi, partim de protocols d’identificació segurs i privats, i mostrem com es pot aconseguir escalabilitat mitjançant una arquitectura distribuïda i col•laborativa. D’aquesta manera, la seguretat i la privacitat s’aconsegueixen mitjançant el propi protocol d’identificació, mentre que l’escalabilitat s’aconsegueix per mitjà de nous protocols col•laboratius que consideren la posició espacial i temporal de les etiquetes RFID. Independentment dels avenços en protocols d’identificació sense fils, existeixen atacs que poden passar exitosament qualsevol d’aquests protocols sense necessitat de conèixer o descobrir claus secretes vàlides, ni de trobar vulnerabilitats a les seves implantacions criptogràfiques. La idea d’aquestos atacs, coneguts com atacs de “relay”, consisteix en crear inadvertidament un pont de comunicació entre una etiqueta legítima i un lector legítim. D’aquesta manera, l’adversari utilitza els drets de l’etiqueta legítima per passar el protocol d’autentificació utilitzat pel lector. Es important tindre en compte que, dada la naturalesa sense fils dels protocols RFID, aquests tipus d’atacs representen una amenaça important a la seguretat en sistemes RFID. En aquesta dissertació proposem un nou protocol que, a més d’autentificació, realitza una revisió de la distància a la qual es troben el lector i l’etiqueta. Aquests tipus de protocols es coneixen com a “distance-boulding protocols”, els quals no prevenen aquests tipus d’atacs, però si que poden frustrar-los amb alta probabilitat. Per últim, afrontem els problemes de privacitat associats amb la publicació de informació recol•lectada a través de sistemes RFID. En concret, ens concentrem en dades de mobilitat, que també poden ser proveïdes per altres sistemes àmpliament utilitzats tals com el sistema de posicionament global (GPS) i el sistema global de comunicacions mòbils. La nostra solució es basa en la coneguda noció de privacitat “k-anonymity” i parcialment en micro-agregació. Per a aquesta finalitat, definim una nova funció de distància entre trajectòries amb la qual desenvolupen dos mètodes diferents d’anonimització de trajectòries.Radio Frequency Identification (RFID) is a technology aimed at efficiently identifying and tracking goods and assets. Such identification may be performed without requiring line-of-sight alignment or physical contact between the RFID tag and the RFID reader, whilst tracking is naturally achieved due to the short interrogation field of RFID readers. That is why the reduction in price of the RFID tags has been accompanied with an increasing attention paid to this technology. However, since tags are resource-constrained devices sending identification data wirelessly, designing secure and private RFID identification protocols is a challenging task. This scenario is even more complex when scalability must be met by those protocols. Assuming the existence of a lightweight, secure, private and scalable RFID identification protocol, there exist other concerns surrounding the RFID technology. Some of them arise from the technology itself, such as distance checking, but others are related to the potential of RFID systems to gather huge amount of tracking data. Publishing and mining such moving objects data is essential to improve efficiency of supervisory control, assets management and localisation, transportation, etc. However, obvious privacy threats arise if an individual can be linked with some of those published trajectories. The present dissertation contributes to the design of algorithms and protocols aimed at dealing with the issues explained above. First, we propose a set of protocols and heuristics based on a distributed architecture that improve the efficiency of the identification process without compromising privacy or security. Moreover, we present a novel distance-bounding protocol based on graphs that is extremely low-resource consuming. Finally, we present two trajectory anonymisation methods aimed at preserving the individuals' privacy when their trajectories are released

The Hilltop 11-30-1990

This document created through a generous donation of Mr. Paul Cottonhttps://dh.howard.edu/hilltop_902000/1012/thumbnail.jp

Flue gas injection for methane recovery from gas hydrate reservoirs and geological Storage of CO2

The global energy system has been gradually de-carbonised over the years, from wood to coal, coal to oil, and then natural gas. Natural gas hydrates with their abundance in nature, therefore represent a potentially significant new clean energy source for the future. A few field trials have been conducted to recover natural gas (methane) from gas hydrate reservoirs. While the outcomes of these trials offer a glimmer of hope on the possibility of methane production from gas hydrate resources, there remains the nagging question of production sustainability as most field trials are short-lived due to high energy penalty, sand management issues, excessive water production, and potential environmental risks. This thesis reports the development of a novel technique for methane recovery from natural gas hydrate reservoirs by flue gas injection. Compared to the existing methods, the principal concept of the technique is to break the thermodynamic equilibrium of methane hydrate by flue gas injected, causing a shift in the equilibrium phase boundary to accommodate the presence of flue gas while releasing methane from hydrate dissociation. A series of experiments were conducted at different simulated hydrate reservoir conditions to demonstrate the feasibility of the technique vis-à-vis understanding how methane hydrate decomposes in the presence of flue gas, the impact of flue gas on the depressurisation process, and the possibility of the CO2 component in the flue gas being sequestered as CO2 or CO2-mixed hydrates. Furthermore, the impact of the excess aqueous phase, salinity, and sediment mineralogy on methane recovery were also investigated. Finally, peculiarities of gas flow in hydrate-bearing sediments were also investigated and modelled with existing permeability models. Results indicated significant dissociation of methane hydrate by a shift in the methane hydrate equilibrium phase boundary leading to a rise in methane concentration in the vapour phase. Enhanced methane recovery by depressurisation in the presence of flue gas generated a methane-rich vapour phase of up to 80 mol% methane at experimental conditions within the methane hydrate stability zone (HSZ). CO2 hydrate, N2-CO2-CH4 hydrate, and CO2-CH4 were formed simultaneously alongside methane recovery after flue gas injection. Up to 70% of CO2 in the vapour phase was captured and retained in the hydrate phase. Increased aqueous phase salinity enhanced methane recovery and increased CO2 capture and storage in excess water environments. Extension of the concept to air and nitrogen injection showed enhance depressurisation compared to flue gas injection with up to 90 mol% methane in the vapour phase at conditions still within the methane HSZ. It is also flexible, with the possibility of stepwise depressurisation with continuous and incremental methane recovery. Potentially these techniques are economically feasible as they save on costs in terms of thermal energy supply and chemical additives. On the operational front, it is not subject to injectivity constraints due to secondary hydrate formation. It also has the capacity to maintain reservoir energy, limit water production, and deliver better sand management. Additionally, direct capture and storage of CO2 from flue gas could provide huge savings in carbon capture and storage processes

Translational Research for Zoonotic Parasites: New Findings toward Improved Diagnostics, Therapy and Prevention

In this book is reported novel information on diagnosis, treatment, and control of parasites that are naturally transmitted from animal reservoirs to humans. Subjects: Public Health and Healthcare: Prevention; Medicine and Pharmacology: Therapy

Impact de la configuration des bâtiments scolaires sur leur performance lumineuse, thermique et énergétique

Tableau d'honneur de la Faculté des études supérieures et postdoctorales, 2011-2012Ce projet de recherche porte sur l'effet des variations typologiques des bâtiments scolaires sur leur performance lumineuse, thermique et énergétique. Dans les études sur les bâtiments scolaires, de nombreux auteurs ont présenté la récurrence des modèles ou patrons de dessin. Toutefois, leurs études n'ont pas exploré l'interaction entre «thermique - lumière naturelle - performance énergétique ». La stratégie méthodologique consiste à modéliser différentes configurations de salles de classe et de bâtiments, en évaluant leur performance énergétique et environnementale à l'aide du logiciel IES-Virtual Environment. Le but est d'analyser le potentiel passif offert par différentes typologies dans deux contextes climatiques : froid et tempéré. Les résultats obtenus permettent confirmer l'impact direct de la forme du bâtiment, la composition de son enveloppe et son mode de contrôle de l'environnement sur la performance énergétique et environnementale. Ainsi, ils confirment l'idée posée par Hawkes (1996) mettant en doute la compacité de la forme comme la solution optimale pour la conservation de l'énergie