469 research outputs found
Survey and Systematization of Secure Device Pairing
Secure Device Pairing (SDP) schemes have been developed to facilitate secure
communications among smart devices, both personal mobile devices and Internet
of Things (IoT) devices. Comparison and assessment of SDP schemes is
troublesome, because each scheme makes different assumptions about out-of-band
channels and adversary models, and is driven by its particular use-cases. A
conceptual model that facilitates meaningful comparison among SDP schemes is
missing. We provide such a model. In this article, we survey and analyze a wide
range of SDP schemes that are described in the literature, including a number
that have been adopted as standards. A system model and consistent terminology
for SDP schemes are built on the foundation of this survey, which are then used
to classify existing SDP schemes into a taxonomy that, for the first time,
enables their meaningful comparison and analysis. The existing SDP schemes are
analyzed using this model, revealing common systemic security weaknesses among
the surveyed SDP schemes that should become priority areas for future SDP
research, such as improving the integration of privacy requirements into the
design of SDP schemes. Our results allow SDP scheme designers to create schemes
that are more easily comparable with one another, and to assist the prevention
of persisting the weaknesses common to the current generation of SDP schemes.
Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications
Surveys & Tutorials 2017 (Volume: PP, Issue: 99
Fog based Secure Framework for Personal Health Records Systems
The rapid development of personal health records (PHR) systems enables an
individual to collect, create, store and share his PHR to authorized entities.
Health care systems within the smart city environment require a patient to
share his PHR data with a multitude of institutions' repositories located in
the cloud. The cloud computing paradigm cannot meet such massive
transformative healthcare systems due to drawbacks including network latency,
scalability and bandwidth. Fog computing relieves the burden of conventional
cloud computing by availing intermediate fog nodes between the end users and
the remote servers. Aiming at a massive demand of PHR data within a ubiquitous
smart city, we propose a secure and fog assisted framework for PHR systems to
address security, access control and privacy concerns. Built under a fog-based
architecture, the proposed framework makes use of efficient key exchange
protocol coupled with ciphertext attribute based encryption (CP-ABE) to
guarantee confidentiality and fine-grained access control within the system
respectively. We also make use of digital signature combined with CP-ABE to
ensure the system authentication and users' privacy. We provide the analysis of
the proposed framework in terms of security and performance.
Comment: 12 pages (CMC Journal, Tech Science Press
Certificateless Algorithm for Body Sensor Network and Remote Medical Server Units Authentication over Public Wireless Channels
Wireless sensor networks process and exchange mission-critical data relating to patients' health status. Obviously, any leakages of the sensed data can have serious consequences which can endanger the lives of patients. As such, there is need for strong security and privacy protection of the data in storage as well as the data in transit. Over the recent past, researchers have developed numerous security protocols based on digital signatures, advanced encryption standard, digital certificates and elliptic curve cryptography among other approaches. However, previous studies have shown the existence of many security and privacy gaps that can be exploited by attackers to cause some harm in these networks. In addition, some techniques such as digital certificates have high storage and computation complexities occasioned by certificate and public key management issues. In this paper, a certificateless algorithm is developed for authenticating the body sensors and remote medical server units. Security analysis has shown that it offers data privacy, secure session key agreement, untraceability and anonymity. It can also withstand typical wireless sensor networks attacks such as impersonation, packet replay and man-in-the-middle. On the other hand, it is demonstrated to have the least execution time and bandwidth requirements
Social, Private, and Trusted Wearable Technology under Cloud-Aided Intermittent Wireless Connectivity
There has been an unprecedented increase in the use of smart devices globally, together with novel forms of communication, computing, and control technologies that have paved the way for a new category of devices, known as high-end wearables. While massive deployments of these objects may improve the lives of people, unauthorized access to the said private equipment and its connectivity is potentially dangerous. Hence, communication enablers together with highly-secure human authentication mechanisms have to be designed. In addition, it is important to understand how human beings, as the primary users, interact with wearable devices on a day-to-day basis; usage should be comfortable, seamless, user-friendly, and mindful of urban dynamics. Usually the connectivity between wearables and the cloud is executed through the user's more power independent gateway: this will usually be a smartphone, which may have potentially unreliable infrastructure connectivity. In response to these unique challenges, this thesis advocates for the adoption of direct, secure, proximity-based communication enablers enhanced with multi-factor authentication (hereafter referred to as MFA) that can integrate/interact with wearable technology. Their intelligent combination together with the connection establishment automation relying on the device/user social relations would allow to reliably grant or deny access in cases of both stable and intermittent connectivity to the trusted authority running in the cloud. The introduction will list the main communication paradigms, applications, conventional network architectures, and any relevant wearable-specific challenges. Next, the work examines the improved architecture and security enablers for clusterization between wearable gateways with a proximity-based communication as a baseline.
Relying on this architecture, the author then elaborates on the social ties potentially overlaying the direct connectivity management in cases of both reliable and unreliable connection to the trusted cloud. The author discusses that social-aware cooperation and trust relations between users and/or the devices themselves are beneficial for the architecture under proposal. Next, the author introduces a protocol suite that enables temporary delegation of personal device use dependent on different connectivity conditions to the cloud. After these discussions, the wearable technology is analyzed as a biometric and behavior data provider for enabling MFA. The conventional approaches of the authentication factor combination strategies are compared with the "intelligent" method proposed further. The assessment finds significant advantages to the developed solution over existing ones. On the practical side, the performance evaluation of existing cryptographic primitives, as part of the experimental work, shows the possibility of developing the experimental methods further on modern wearable devices. In summary, the set of enablers developed here for wearable technology connectivity is aimed at enriching people's everyday lives in a secure and usable way, in cases when communication to the cloud is not consistently available
Strangers in the Room: Unpacking Perceptions of 'Smartness' and Related Ethical Concerns in the Home
The increasingly widespread use of 'smart' devices has raised multifarious
ethical concerns regarding their use in domestic spaces. Previous work
examining such ethical dimensions has typically either involved empirical
studies of concerns raised by specific devices and use contexts, or
alternatively expounded on abstract concepts like autonomy, privacy or trust in
relation to 'smart homes' in general. This paper attempts to bridge these
approaches by asking what features of smart devices users consider as rendering
them 'smart' and how these relate to ethical concerns. Through a multimethod
investigation including surveys with smart device users (n=120) and
semi-structured interviews (n=15), we identify and describe eight types of
smartness and explore how they engender a variety of ethical concerns including
privacy, autonomy, and disruption of the social order. We argue that this
middle ground, between concerns arising from particular devices and more
abstract ethical concepts, can better anticipate potential ethical concerns
regarding smart devices.
Comment: 10 pages, 1 figure. To appear in the Proceedings of the 2020 ACM
Conference on Designing Interactive Systems (DIS '20
FastZIP: Faster and More Secure Zero-Interaction Pairing
With the advent of the Internet of Things (IoT), establishing a secure
channel between smart devices becomes crucial. Recent research proposes
zero-interaction pairing (ZIP), which enables pairing without user assistance
by utilizing devices' physical context (e.g., ambient audio) to obtain a shared
secret key. The state-of-the-art ZIP schemes suffer from three limitations: (1)
prolonged pairing time (i.e., minutes or hours), (2) vulnerability to
brute-force offline attacks on a shared key, and (3) susceptibility to attacks
caused by predictable context (e.g., replay attack) because they rely on
limited entropy of physical context to protect a shared key. We address these
limitations, proposing FastZIP, a novel ZIP scheme that significantly reduces
pairing time while preventing offline and predictable context attacks. In
particular, we adapt a recently introduced Fuzzy Password-Authenticated Key
Exchange (fPAKE) protocol and utilize sensor fusion, maximizing their
advantages. We instantiate FastZIP for intra-car device pairing to demonstrate
its feasibility and show how the design of FastZIP can be adapted to other ZIP
use cases. We implement FastZIP and evaluate it by driving four cars for a
total of 800 km. We achieve up to three times shorter pairing time compared to
the state-of-the-art ZIP schemes while assuring robust security with
adversarial error rates below 0.5%.
Comment: ACM MobiSys '21 - Code and data at:
https://github.com/seemoo-lab/fastzi