Electronic Employment Eligibility Verification

[Excerpt] Unauthorized immigration and unauthorized employment continue to be key issues in the ongoing debate over immigration policy. Today’s discussions about these issues build on the work of prior Congresses. In 1986, following many years of debate about unauthorized immigration to the United States, Congress passed the Immigration Reform and Control Act (IRCA). This law sought to address unauthorized immigration, in part, by requiring all employers to examine documents presented by new hires to verify identity and work authorization and to complete and retain employment eligibility verification (I 9) forms. Ten years later, in the face of a growing unauthorized population, Congress attempted to strengthen the employment verification process by establishing pilot programs for electronic verification, as part of the Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (IIRIRA). The Basic Pilot program (known today as E Verify), the first of the three IIRIRA employment verification pilots to be implemented and the only one still in operation, began in November 1997. Originally scheduled to terminate in November 2001, it has been extended several times. It is currently authorized until September 30, 2018, in accordance with the Consolidated Appropriations Act, 2018 (P.L. 115 141). E Verify is administered by the Department of Homeland Security’s (DHS’s) U.S. Citizenship and Immigration Services (USCIS). As of April 2, 2018, there were 779,722 employers enrolled in E Verify, representing more than 2.5 million hiring sites. E Verify is a largely voluntary program, but there are some mandatory participation requirements. Among them is a rule, which became effective in 2009, requiring certain federal contracts to contain a new clause committing contractors to use E Verify. Under E Verify, participating employers enter information about their new hires (name, date of birth, Social Security number, immigration/citizenship status, and alien number, if applicable) into an online system. This information is automatically compared with information in Social Security Administration and, if necessary, DHS databases to verify identity and employment eligibility. Legislation on electronic employment eligibility verification has been considered in recent Congresses. In weighing proposals on electronic employment verification, Congress may find it useful to evaluate them in terms of their potential impact on a set of related issues: unauthorized employment; verification system accuracy, efficiency, and capacity; discrimination; employer compliance; privacy; and verification system usability and employer burden

Integrity and Privacy Protection for Cyber-physical Systems (CPS)

The present-day interoperable and interconnected cyber-physical systems (CPS) provides significant value in our daily lives with the incorporation of advanced technologies. Still, it also increases the exposure to many security privacy risks like (1) maliciously manipulating the CPS data and sensors to compromise the integrity of the system (2) launching internal/external cyber-physical attacks on the central controller dependent CPS systems to cause a single point of failure issues (3) running malicious data and query analytics on the CPS data to identify internal insights and use it for achieving financial incentive. Moreover, (CPS) data privacy protection during sharing, aggregating, and publishing has also become challenging nowadays because most of the existing CPS security and privacy solutions have drawbacks, like (a) lack of a proper vulnerability characterization model to accurately identify where privacy is needed, (b) ignoring data providers privacy preference, (c) using uniform privacy protection which may create inadequate privacy for some provider while overprotecting others.Therefore, to address these issues, the primary purpose of this thesis is to orchestrate the development of a decentralized, p2p connected data privacy preservation model to improve the CPS system's integrity against malicious attacks. In that regard, we adopt blockchain to facilitate a decentralized and highly secured system model for CPS with self-defensive capabilities. This proposed model will mitigate data manipulation attacks from malicious entities by introducing bloom filter-based fast CPS device identity validation and Merkle tree-based fast data verification. Finally, the blockchain consensus will help to keep consistency and eliminate malicious entities from the protection framework. Furthermore, to address the data privacy issues in CPS, we propose a personalized data privacy model by introducing a standard vulnerability profiling library (SVPL) to characterize and quantify the CPS vulnerabilities and identify the necessary privacy requirements. Based on this model, we present our personalized privacy framework (PDP) in which Laplace noise is added based on the individual node's selected privacy preferences. Finally, combining these two proposed methods, we demonstrate that the blockchain-based system model is scalable and fast enough for CPS data's integrity verification. Also, the proposed PDP model can attain better data privacy by eliminating the trade-off between privacy, utility, and risk of losing information

SECURITY, PRIVACY AND APPLICATIONS IN VEHICULAR AD HOC NETWORKS

With wireless vehicular communications, Vehicular Ad Hoc Networks (VANETs) enable numerous applications to enhance traffic safety, traffic efficiency, and driving experience. However, VANETs also impose severe security and privacy challenges which need to be thoroughly investigated. In this dissertation, we enhance the security, privacy, and applications of VANETs, by 1) designing application-driven security and privacy solutions for VANETs, and 2) designing appealing VANET applications with proper security and privacy assurance. First, the security and privacy challenges of VANETs with most application significance are identified and thoroughly investigated. With both theoretical novelty and realistic considerations, these security and privacy schemes are especially appealing to VANETs. Specifically, multi-hop communications in VANETs suffer from packet dropping, packet tampering, and communication failures which have not been satisfyingly tackled in literature. Thus, a lightweight reliable and faithful data packet relaying framework (LEAPER) is proposed to ensure reliable and trustworthy multi-hop communications by enhancing the cooperation of neighboring nodes. Message verification, including both content and signature verification, generally is computation-extensive and incurs severe scalability issues to each node. The resource-aware message verification (RAMV) scheme is proposed to ensure resource-aware, secure, and application-friendly message verification in VANETs. On the other hand, to make VANETs acceptable to the privacy-sensitive users, the identity and location privacy of each node should be properly protected. To this end, a joint privacy and reputation assurance (JPRA) scheme is proposed to synergistically support privacy protection and reputation management by reconciling their inherent conflicting requirements. Besides, the privacy implications of short-time certificates are thoroughly investigated in a short-time certificates-based privacy protection (STCP2) scheme, to make privacy protection in VANETs feasible with short-time certificates. Secondly, three novel solutions, namely VANET-based ambient ad dissemination (VAAD), general-purpose automatic survey (GPAS), and VehicleView, are proposed to support the appealing value-added applications based on VANETs. These solutions all follow practical application models, and an incentive-centered architecture is proposed for each solution to balance the conflicting requirements of the involved entities. Besides, the critical security and privacy challenges of these applications are investigated and addressed with novel solutions. Thus, with proper security and privacy assurance, these solutions show great application significance and economic potentials to VANETs. Thus, by enhancing the security, privacy, and applications of VANETs, this dissertation fills the gap between the existing theoretic research and the realistic implementation of VANETs, facilitating the realistic deployment of VANETs

Homo Datumicus : correcting the market for identity data

Effective digital identity systems offer great economic and civic potential. However, unlocking this potential requires dealing with social, behavioural, and structural challenges to efficient market formation. We propose that a marketplace for identity data can be more efficiently formed with an infrastructure that provides a more adequate representation of individuals online. This paper therefore introduces the ontological concept of Homo Datumicus: individuals as data subjects transformed by HAT Microservers, with the axiomatic computational capabilities to transact with their own data at scale. Adoption of this paradigm would lower the social risks of identity orientation, enable privacy preserving transactions by default and mitigate the risks of power imbalances in digital identity systems and markets

An Automatic Reader of Identity Documents

Identity documents automatic reading and verification is an appealing technology for nowadays service industry, since this task is still mostly performed manually, leading to waste of economic and time resources. In this paper the prototype of a novel automatic reading system of identity documents is presented. The system has been thought to extract data of the main Italian identity documents from photographs of acceptable quality, like those usually required to online subscribers of various services. The document is first localized inside the photo, and then classified; finally, text recognition is executed. A synthetic dataset has been used, both for neural networks training, and for performance evaluation of the system. The synthetic dataset avoided privacy issues linked to the use of real photos of real documents, which will be used, instead, for future developments of the system.Comment: 6 pages, 9 figure

A Formal Study of the Privacy Concerns in Biometric-Based Remote Authentication Schemes

With their increasing popularity in cryptosystems, biometrics have attracted more and more attention from the information security community. However, how to handle the relevant privacy concerns remains to be troublesome. In this paper, we propose a novel security model to formalize the privacy concerns in biometric-based remote authentication schemes. Our security model covers a number of practical privacy concerns such as identity privacy and transaction anonymity, which have not been formally considered in the literature. In addition, we propose a general biometric-based remote authentication scheme and prove its security in our security model

Electronic Employment Eligibility Verification

[Excerpt] The policy issues discussed here may be especially important to consider in the context of proposals to require most or all employers to participate in E-Verify or another electronic employment eligibility verification system. A mandatory system could arguably make it possible to identify many more unauthorized workers. At the same time, under such a system, any inaccuracies, inefficiencies, or privacy breaches that occurred could affect much larger numbers of employees and employers. Employer compliance under a mandatory system would seem to be a salient issue, especially since it has direct implications for other issues, notably discrimination. Employer burden may be another important consideration. It may be that a mandatory system would require new strategies to address these issues

Giving You back Control of Your Data: Digital Signing Practical Issues and the eCert Solution

As technologies develop rapidly, digital signing is commonly used in eDocument security. However, unaddressed issues exist. An eCertificate system represents the problem situation, and therefore is being used as case study, in a project called eCert, to research for the solution. This paper addresses these issues, explores the gap between current tools and the desired system, through analysis of the existing services and eCertificate use cases, and the identified requirements, thereby presenting an approach which solves the above problems. Preliminary results indicate that the recommendation from this research meets the design requirements, and could form the foundation of future study of solving digital signing issues