A PUF-and biometric-based lightweight hardware solution to increase security at sensor nodes

Security is essential in sensor nodes which acquire and transmit sensitive data. However, the constraints of processing, memory and power consumption are very high in these nodes. Cryptographic algorithms based on symmetric key are very suitable for them. The drawback is that secure storage of secret keys is required. In this work, a low-cost solution is presented to obfuscate secret keys with Physically Unclonable Functions (PUFs), which exploit the hardware identity of the node. In addition, a lightweight fingerprint recognition solution is proposed, which can be implemented in low-cost sensor nodes. Since biometric data of individuals are sensitive, they are also obfuscated with PUFs. Both solutions allow authenticating the origin of the sensed data with a proposed dual-factor authentication protocol. One factor is the unique physical identity of the trusted sensor node that measures them. The other factor is the physical presence of the legitimate individual in charge of authorizing their transmission. Experimental results are included to prove how the proposed PUF-based solution can be implemented with the SRAMs of commercial Bluetooth Low Energy (BLE) chips which belong to the communication module of the sensor node. Implementation results show how the proposed fingerprint recognition based on the novel texture-based feature named QFingerMap16 (QFM) can be implemented fully inside a low-cost sensor node. Robustness, security and privacy issues at the proposed sensor nodes are discussed and analyzed with experimental results from PUFs and fingerprints taken from public and standard databases.Ministerio de Economía, Industria y Competitividad TEC2014-57971-R, TEC2017-83557-

On the security of consumer wearable devices in the Internet of Things

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands

Wearable Computing for Defence Automation : Opportunities and Challenges in 5G Network

Peer reviewedPublisher PD

Design and Testing Novel Wearable Instrumentation for Assessing Pelvic Floor Function and Exploring Continence Mechanisms

Urinary incontinence (UI) and fecal incontinence (FI) affect 20% of North Americans, with a higher prevalence in women and the elderly. The prevention and treatment of these conditions unfortunately leaves much to be desired, despite the $88B and$49B annual U.S. costs associated with managing UI and FI, respectively. Recent research suggests that the major problem lies with the sphincters themselves, rather than other structures. More needs to be learned about how age, injury and disease affect these sphincters. The literature is reviewed in Chapter 1, knowledge gaps are identified and testable hypotheses formulated. In Chapter 2, we describe the first subject-specific, 3-D, biomechanics model of the urethra capable of contracting the three individual muscle layers along their lines of action. This was developed to better understand how the different layers contribute to urethral closure during activities of daily living. Exploratory studies of the vascular plexus suggest a role in affecting functional urethral length. While this model helps one to understand which muscles contribute to continence, it could not provide insights into the amount of urine leaked which, after all, is what bothers women the most. In Chapter 3, we describe a novel approach for quantifying urine leakage both in and out of the clinic. While one can presently obtain micturition flowmetry in the seated posture in the clinic, this precludes the possibility of any information being gathered on leakage during activities of daily living (ADL). Instead, a patient must keep a leakage diary for several days, which unfortunately is prone to recall bias and other errors. Therefore, a novel wearable personal uroflowmeter (PUF) was invented and developed to attach over the urethral meatus in women to collect urine flow rate and leakage data during ADL leakage episodes. This was connected with a waist-mounted inertial measurement unit (IMU) to provide data on the pose and ADL associated with the volume of each leakage episode. Chapter 4 describes the first-in-human testing of the PUF in women in and outside the clinic, demonstrating the feasibility of wearable uroflowmetry. Moreover, theoretical studies of labia majora coaptation suggest that the labia can inadvertently form a potential reservoir for urine leakage during a sneeze or cough. This insight will help eliminate the confusion over the relationship between the ADL causing the passage of urine through the urethra (i.e., a cough) and that which later causes urine to leak from the labial reservoir (i.e., rising from a chair). A few incidents of this phenomenon were measured for the first time while testing the PUF in women. In terms of anorectal function, Chapter 5 reports the design and development of a disposable point-of-service instrumented anorectal manometry glove (“digital manometry”, DM) for testing anal sphincter and anorectal function at an order of magnitude lower cost than the standard high resolution anorectal manometry (HR-ARM). Chapter 6 reports first-in-human testing of the DM device in patients with and without FI and chronic constipation. Comparisons of the DM and HR-ARM results show reasonable agreement. In addition, the DM also provided myoelectric information useful for identifying paradoxical contraction of the anorectal muscle in patients with dyssynergic defecation. In summary, the dissertation provides novel and inexpensive approaches for a clinician or researcher to better document and understand incontinence.PHDMechanical EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/163121/1/attari_1.pd

A Dual-Factor Access Control System Based on Device and User Intrinsic Identifiers

This paper proposes an access control system based on the simultaneous authentication of what the user has and who the user is. At enrollment phase, the wearable access device (a smart card, key fob, etc.) stores a template that results from the fusion of the intrinsic device identifier and the user biometric identifier. At verification phase, both the device and user identifiers are extracted and matched with the stored template. The device identifier is generated from the start-up values of the SRAM in the device hardware, which are exploited as a Physically Unclonable Function (PUF). Hence, if the device hardware is cloned, the authentic identifier is not generated. The user identifier is obtained from level-1 fingerprint features (directional image and singular points), which are extracted from the fingerprint images captured by the sensor in the access device. Hence, only genuine users with genuine devices are authorized to access and no sensitive information is stored or travels outside the access device. The proposal has been validated by using 560 fingerprints acquired in live by an optical sensor and 560 SRAM-based identifiers

Towards Security and Privacy in Networked Medical Devices and Electronic Healthcare Systems

E-health is a growing eld which utilizes wireless sensor networks to enable access to effective and efficient healthcare services and provide patient monitoring to enable early detection and treatment of health conditions. Due to the proliferation of e-health systems, security and privacy have become critical issues in preventing data falsification, unauthorized access to the system, or eavesdropping on sensitive health data. Furthermore, due to the intrinsic limitations of many wireless medical devices, including low power and limited computational resources, security and device performance can be difficult to balance. Therefore, many current networked medical devices operate without basic security services such as authentication, authorization, and encryption. In this work, we survey recent work on e-health security, including biometric approaches, proximity-based approaches, key management techniques, audit mechanisms, anomaly detection, external device methods, and lightweight encryption and key management protocols. We also survey the state-of-the art in e-health privacy, including techniques such as obfuscation, secret sharing, distributed data mining, authentication, access control, blockchain, anonymization, and cryptography. We then propose a comprehensive system model for e-health applications with consideration of battery capacity and computational ability of medical devices. A case study is presented to show that the proposed system model can support heterogeneous medical devices with varying power and resource constraints. The case study demonstrates that it is possible to signicantly reduce the overhead for security on power-constrained devices based on the proposed system model

SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for a new class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices are an emerging class of battery-free, computational, sensing enhanced devices that harvest all of their energy for operation. Despite wireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to: intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present, for the first time, a secure wireless code dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic hardware security primitive Static Random Access Memory Physical Unclonable Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible with existing communication protocols employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is built upon a standard and industry compliant firmware compilation and update method realized by extending a recent framework for firmware updates provided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstrate standards compliance, evaluate performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin