35,663 research outputs found
Smart Humans... WannaDie?
It won't be long until our prostheses, ECG personal monitors, subcutaneous
insulin infusors, glasses, etc. become devices of the Internet of Things (IoT),
always connected for monitoring, maintenance, charging and tracking. This will
be the dawn of the Smart Human, not just a user of the IoT but a Thing in the
Internet. How long would it then take for hackers to attack us like they have
been attacking IoT devices? What would happen if hackers were able to blackmail
us threatening our IoT body parts? Smart Humans may become victims of the
devastating attack of WannaDie, a new ransomware that could provide the
plot-line for a possible future episode of the Black Mirror TV series.Comment: 5 pages, 3 figures, Accepted at the "Re-Coding Black Mirror" workshop
of the International Conference Data Protection and Democracy (CPDP
Localization to Enhance Security and Services in Wi-Fi Networks under Privacy Constraints
Developments of seamless mobile services are faced with two broad challenges, systems security and user privacy - access to wireless systems is highly insecure due to the lack of physical boundaries and, secondly, location based services (LBS) could be used to extract highly sensitive user information. In this paper, we describe our work on developing systems which exploit location information to enhance security and services under privacy constraints. We describe two complimentary methods which we have developed to track node location information within production University Campus Networks comprising of large numbers of users. The location data is used to enhance security and services. Specifically, we describe a method for creating geographic firewalls which allows us to restrict and enhance services to individual users within a specific containment area regardless of physical association. We also report our work on LBS development to provide visualization of spatio-temporal node distribution under privacy considerations
Conceivable security risks and authentication techniques for smart devices
With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques
Provably-secure symmetric private information retrieval with quantum cryptography
Private information retrieval (PIR) is a database query protocol that
provides user privacy, in that the user can learn a particular entry of the
database of his interest but his query would be hidden from the data centre.
Symmetric private information retrieval (SPIR) takes PIR further by
additionally offering database privacy, where the user cannot learn any
additional entries of the database. Unconditionally secure SPIR solutions with
multiple databases are known classically, but are unrealistic because they
require long shared secret keys between the parties for secure communication
and shared randomness in the protocol. Here, we propose using quantum key
distribution (QKD) instead for a practical implementation, which can realise
both the secure communication and shared randomness requirements. We prove that
QKD maintains the security of the SPIR protocol and that it is also secure
against any external eavesdropper. We also show how such a classical-quantum
system could be implemented practically, using the example of a two-database
SPIR protocol with keys generated by measurement device-independent QKD.
Through key rate calculations, we show that such an implementation is feasible
at the metropolitan level with current QKD technology.Comment: 19 page
Privacy-Protecting Energy Management Unit through Model-Distribution Predictive Control
The roll-out of smart meters in electricity networks introduces risks for
consumer privacy due to increased measurement frequency and granularity.
Through various Non-Intrusive Load Monitoring techniques, consumer behavior may
be inferred from their metering data. In this paper, we propose an energy
management method that reduces energy cost and protects privacy through the
minimization of information leakage. The method is based on a Model Predictive
Controller that utilizes energy storage and local generation, and that predicts
the effects of its actions on the statistics of the actual energy consumption
of a consumer and that seen by the grid. Computationally, the method requires
solving a Mixed-Integer Quadratic Program of manageable size whenever new meter
readings are available. We simulate the controller on generated residential
load profiles with different privacy costs in a two-tier time-of-use energy
pricing environment. Results show that information leakage is effectively
reduced at the expense of increased energy cost. The results also show that
with the proposed controller the consumer load profile seen by the grid
resembles a mixture between that obtained with Non-Intrusive Load Leveling and
Lazy Stepping.Comment: Accepted for publication in IEEE Transactions on Smart Grid 2017,
special issue on Distributed Control and Efficient Optimization Methods for
Smart Gri
- …