
    ZETA - Zero-Trust Authentication: Relying on Innate Human Ability, not Technology

    Reliable authentication requires the devices and channels involved in the process to be trustworthy; otherwise authentication secrets can easily be compromised. Given the unceasing efforts of attackers worldwide, such trustworthiness is increasingly not a given. A variety of technical solutions, such as utilising multiple devices/channels and verification protocols, have the potential to mitigate the threat of untrusted communications to a certain extent. Yet such technical solutions make two assumptions: (1) users have access to multiple devices and (2) attackers will not resort to hacking the human using social engineering techniques. In this paper, we propose and explore the potential of using human-based computation instead of solely technical solutions to mitigate the threat of untrusted devices and channels. ZeTA (Zero Trust Authentication on untrusted channels) has the potential to allow people to authenticate despite compromised channels or communications and easily observed usage. Our contributions are threefold: (1) We propose the ZeTA protocol with a formal definition and security analysis that utilises semantics and human-based computation to ameliorate the problem of untrusted devices and channels. (2) We outline a security analysis to assess the envisaged performance of the proposed authentication protocol. (3) We report on a usability study that explores the viability of relying on human computation in this context.

    Individual Verifiability for E-Voting, From Formal Verification To Machine Learning

    The cornerstone of secure electronic voting protocols lies in the principle of individual verifiability. This thesis delves into the intricate task of harmonizing this principle with two other crucial aspects: ballot privacy and coercion-resistance. In the realm of electronic voting, individual verifiability serves as a critical safeguard. It empowers each voter with the ability to confirm that their vote has been accurately recorded and counted in the final tally. This thesis explores the intricate balance between this pivotal aspect of electronic voting and the equally important facets of ballot privacy and coercion-resistance. Ballot privacy, or the assurance that a voter's choice remains confidential, is a fundamental right in democratic processes. It ensures that voters can express their political preferences without fear of retribution or discrimination. On the other hand, coercion-resistance refers to the system's resilience against attempts to influence or manipulate a voter's choice. Furthermore, this thesis also ventures into an empirical analysis of the effectiveness of individual voter checks in ensuring a correct election outcome. It considers a scenario where an adversary possesses additional knowledge about the individual voters and can strategically decide which voters to target. The study aims to estimate the degree to which these checks can still guarantee the accuracy of the election results under such circumstances. In essence, this thesis embarks on a comprehensive exploration of the dynamics between individual verifiability, ballot privacy, and coercion-resistance in secure electronic voting protocols. It also seeks to quantify the effectiveness of individual voter checks in maintaining the integrity of election outcomes, particularly when faced with a knowledgeable and capable adversary. 
The first contribution of this thesis is revisiting the seminal coercion-resistant e-voting protocol by Juels, Catalano, and Jakobsson (JCJ), examining its usability and practicality. It discusses the credential handling system proposed by Neumann et al., which uses a smart card to unlock or fake credentials via a PIN code. The thesis identifies several security concerns with the JCJ protocol, including an attack on coercion-resistance due to information leakage from the removal of duplicate ballots. It also addresses the issues of PIN errors and the single point of failure associated with the smart card. To mitigate these vulnerabilities, we propose hardware-flexible protocols that allow credentials to be stored by ordinary means while still being PIN-based and providing PIN error resilience. One of these protocols features a linear tally complexity, ensuring efficiency and scalability for large-scale electronic voting systems. The second contribution of this thesis pertains to the exploration and validation of the ballot privacy definition proposed by Cortier et al., particularly in the context of an adversarial presence. Our exploration involves both Selene and the MiniVoting abstract scheme. We apply Cortier et al.'s definition of ballot privacy to these schemes, investigating how it holds up under this framework. To ensure the validity of our findings, we employ tools for machine-checked proof. This method provides a rigorous and reliable means of verifying our results, ensuring that our conclusions are both accurate and trustworthy. The final contribution of this thesis is a detailed examination and analysis of the Estonian election results. This analysis is conducted in several phases, each contributing to a comprehensive understanding of the election process. The first phase involves a comprehensive marginal analysis of the Estonian election results. We compute upper bounds for several margins, providing a detailed statistical overview of the election outcome. This analysis allows us to identify key trends and patterns in the voting data, laying the groundwork for the subsequent phase of our research. We then train multiple binary classifiers to predict whether a voter is likely to verify their vote. This predictive modeling enables an adversary to gain insights into voter behavior and the factors that may influence their decision to verify their vote. With the insights gained from the previous phases, an adversarial classification algorithm for verifying voters is trained. The likelihood of such an adversary is calculated using various machine learning models, providing a more robust assessment of potential threats to the election process.

    Integrating a usable security protocol for user authentication into the requirements and design process

    Usability and security are crucial elements in the user authentication process. One of the major challenges facing organizations today is to offer systems for access to logical resources (for example, a computer application) and physical resources (for example, a building) that are both secure and usable. To achieve these objectives, the three indispensable components must first be implemented: identification (i.e., defining a user's identity), authentication (i.e., verifying a user's identity) and authorization (i.e., granting access rights to a user). In particular, research on user authentication is essential. Without authentication, for example, computer systems are unable to verify whether a user requesting access to a resource has the rights to do so. Although many research works have addressed various security mechanisms, very little research to date has addressed the usability and security of user authentication methods. For this reason, it seems necessary to us to develop a usability and security protocol for designing user authentication methods. The central thesis of this research work holds that there is an intrinsic conflict between building systems that are secure and building systems that are easy to use. However, usability and security can be built synergistically by using analysis and design tools that include usability and security principles from the Analysis and Design stage of the authentication method onward.
In some situations it is possible to improve usability and security simultaneously by revisiting design decisions made in the past. In other cases, it is more advantageous to align usability and security by changing the regulatory environment in which computers operate. For this reason, the main objective of this thesis is not to address usability and security after the final product has been built, but to make security a natural outcome of the Analysis and Design stage of the authentication method's life cycle.
Author keywords: user authentication, usability, computer security, access control

    TEDDI: Tamper Event Detection on Distributed Cyber-Physical Systems

    Edge devices, or embedded devices installed along the periphery of a power grid SCADA network, pose a significant threat to the grid, as they give attackers a convenient entry point to access and cause damage to other essential equipment in substations and control centers. Grid defenders would like to protect these edge devices from being accessed and tampered with, but they are hindered by the grid defender's dilemma: more specifically, the range and nature of tamper events faced by the grid (particularly distributed events), the prioritization of grid availability, the high costs of improper responses, and the resource constraints of both grid networks and the defenders that run them make prior work in the tamper and intrusion protection fields infeasible to apply. In this thesis, we give a detailed description of the grid defender's dilemma, and introduce TEDDI (Tamper Event Detection on Distributed Infrastructure), a distributed, sensor-based tamper protection system built to solve this dilemma. TEDDI's distributed architecture and use of a factor graph fusion algorithm give grid defenders the power to detect and differentiate between tamper events, and also give defenders the flexibility to tailor specific responses for each event. We also propose the TEDDI Generation Tool, which allows us to capture the defender's intuition about tamper events, and assists defenders in constructing a custom TEDDI system for their network. To evaluate TEDDI, we collected and constructed twelve different tamper scenarios, and show how TEDDI can detect all of these events and solve the grid defender's dilemma. In our experiments, TEDDI demonstrated an event detection accuracy level of over 99% at both the information and decision point levels, and could process a 99-node factor graph in under 233 microseconds. We also analyzed the time and resources needed to use TEDDI, and show how it requires less up-front configuration effort than current tamper protection solutions.

    Application of artificial intelligence techniques to the smart control of sheet metal forming processes

    The present research work aims at evaluating the economic feasibility and the technological viability of implementing intelligent control systems in complex industrial manufacturing processes, in this case forming processes. Forming processes are manufacturing processes that use force and pressure to modify the shape of a material part until the final product is obtained. The wide range of non-linear factors (material properties, tool geometry, machine parameters and lubrication variables) that determine the final quality of the parts manufactured by these processes makes them inherently unstable. Thus, control by human operators is still essential today. On the other hand, although human operators have proved to be a very successful strategy for controlling this type of process, the current market evolution towards the fabrication of more complex parts, made of lower-formability materials at higher production rates, is reducing their capacity to react when solving day-to-day problems. Therefore, the development of new automatic and global control systems based not on traditional control techniques and mathematical models but on the control strategy that has been used successfully for many years, control through experience and knowledge, is now even more necessary. In the present research work, two intelligent control systems based on AI techniques have been developed and evaluated. The main purpose of these intelligent control systems is to identify process failures in forming processes and to propose the right actions that should lead to their solution, all in a quick and reliable way. Following this strategy, the resolution of process failures is considerably simplified because, after any process failure or defective-part detection, human operators find a report in which an explanation of the incident, its causes and the way to solve it are displayed. This has the inherent advantage of shortening downtimes at the manufacturing facilities and thus increasing the number of parts produced. Together with the previously described core of the global control systems, two monitoring systems have also been developed and implemented in a forming facility. The purpose of these monitoring systems is to work as the senses of the intelligent control systems. The first one, an artificial vision system, is aimed at evaluating the quality of the produced parts by carrying out 100% quality control at the end of the forming process. This assures the right quality of all products shipped to the customer. The second one, a sensor-based process monitoring system, is aimed at detecting any process failure at the forming facility by means of force and acoustic emission measurements. This reduces the internal defect rate and assures the safety of the forming facility. Both systems are in charge of detecting any process failure and defective part and of reporting them to the intelligent control system. Since the aim of the research work was to evaluate the feasibility of implementing global intelligent control systems in industry, all the developments and results achieved through the present research work have been carried out in an industrial environment. The research work is principally divided into three main parts: 1) the development and implementation of the sensor-based process monitoring system, 2) the development and implementation of the AV monitoring system and 3) the development of the intelligent control systems. At the end, a summary of all the results and conclusions achieved through the development of the aforementioned systems is also given.
    The aim of this research work is to analyse the feasibility, both economic and technological, of using intelligent systems to control complex manufacturing processes. In this case, intelligent systems implemented in forming processes have been studied. Forming processes consist of changing the geometric shape of the initial material by means of forces or pressures in order to obtain the final product. The wide variety of non-linear variables (material properties, tool geometry, machine parameters and/or lubrication) that determine the final quality of the formed parts makes these processes unstable. For that reason, even today, these processes are controlled by human operators. Experience has shown that operators are capable of controlling these processes effectively. However, the current trend towards manufacturing more complex parts, made of less formable materials at higher production rates, has reduced the operators' capacity to react to unexpected events. Consequently, the development of new automatic and intelligent systems that supervise and control the process has become necessary. These systems are not based on traditional control techniques or mathematical models. Their control is based on knowledge and experience, which has given good results over the years. In this research work, two intelligent control systems based on artificial intelligence techniques have been developed and evaluated. The main aim of these systems is to identify the failures that occur in forming processes and to automatically present proposals for their resolution, quickly and robustly. Following this strategy, the resolution of process failures is made easier, because when defective parts are detected or a machine stoppage occurs, the system provides the operator with a report explaining the steps to be taken. Its main advantage is the reduction of machine downtime and, consequently, an increase in productivity, since the identification of failures is immediate. In addition to developing the control system, two monitoring systems have been put into operation in a punching facility. The purpose of these two monitoring systems is to gather information about the process and send it to the control system. The first is an artificial vision system whose purpose is to inspect the quality of 100% of the parts produced. This guarantees the proper quality of the parts shipped to customers. The second is a sensor-based process monitoring system. Its purpose is to detect any failure occurring in the process. This reduces the number of defective parts and protects the facilities from process instabilities. Thus, the purpose of both systems is to detect problems in the process or defective parts and to report them to the control system. Since the aim of this work is to evaluate the capability of the aforementioned systems in an industrial environment, the developments and results presented were carried out in a company. Three main parts can be distinguished in this work: 1) the development and implementation of a sensor-based monitoring system; 2) the development and implementation of the artificial vision system; and 3) the development of the systems based on intelligent control.
    The present research work aims to evaluate under what conditions the implementation of intelligent control systems in complex manufacturing processes, in this case forming processes, is economically viable and technologically feasible. Forming processes are manufacturing processes based on applying forces or pressures to components in order to modify their geometric shape until a final product is obtained. The wide range of non-linear variables (material properties, tool geometry, machine parameters and/or lubrication) that determine the final quality of the formed parts makes these processes inherently unstable. For this reason, even today, these processes are controlled by human operators. On the other hand, although experience has shown that operators are capable of controlling these processes efficiently, the current trend towards manufacturing more complex parts, made of less formable materials and at higher production rates, has eroded the operators' capacity to react to unexpected events. Therefore, the development of new automatic and intelligent supervision and control systems based not on traditional control techniques or mathematical models, but on the control strategy that has given good results over the years, namely control based on experience and knowledge, is increasingly necessary. In the present research work, two intelligent control systems based on artificial intelligence techniques have been developed and evaluated. The main objective of these systems is to identify process failures in forming processes and to automatically propose the instructions for their resolution, all in a quick and robust manner. Following this strategy, the resolution of process failures is simplified since, after a machine stoppage or the detection of defective parts, the system provides the operator with a report detailing the actions to be taken. This has the advantage of reducing machine downtime (and therefore increasing the number of parts produced), since the identification of failures is immediate. Together with the core of the global control system, two monitoring systems have been developed and implemented in a progressive-die stamping facility. The objective of these two monitoring systems is to collect information about the process and send it to the control system. The first, an artificial vision system, aims to analyse the quality of 100% of the manufactured parts. This ensures the correct quality of all parts shipped to customers. The second, a sensor-based process monitoring system, aims to detect any process failure. This reduces internal defects and protects the facilities against process anomalies. Therefore, the mission of both systems is to detect any process anomaly or defective part and to report them to the control system. Since the objective of this work is to evaluate the capability of the aforementioned systems in the industrial environment, all the developments and results obtained throughout it were carried out in a company. The work can be divided into three parts: 1) the development and implementation of the sensor-based monitoring system, 2) the development and implementation of the artificial vision system and 3) the development of the intelligent control systems.

    Innovative Wireless Localization Techniques and Applications

    Innovative methodologies for the wireless localization of users and related applications are addressed in this thesis. In recent years, the widespread diffusion of pervasive wireless communication (e.g., Wi-Fi) and global localization services (e.g., GPS) has boosted the interest and the research on location information and services. Location-aware applications are becoming fundamental to a growing number of consumers (e.g., navigation, advertising, seamless user interaction with smart places) and to private and public institutions in the fields of energy efficiency, security, safety, fleet management and emergency response. In this context, the position of the user (where) is often more valuable for deploying services of interest than the identity of the user (who). In detail, opportunistic approaches based on the analysis of electromagnetic field indicators (i.e., received signal strength and channel state information) for the presence detection, localization, tracking and posture recognition of cooperative and non-cooperative (device-free) users in indoor environments are proposed and validated in real-world test sites. The methodologies are designed to exploit existing wireless infrastructures and commodity devices without any hardware modification. Since in outdoor environments global positioning technologies are already available in commodity devices and vehicles, the research and knowledge transfer activities focus on the design and validation of algorithms and systems that support decision makers and operators in increasing efficiency, operational security and the management of large fleets, as well as in localizing sensed information in order to gain situation awareness. In this field, a decision support system for emergency response and Civil Defense asset management (i.e., personnel and vehicles equipped with TETRA mobile radio) is described in terms of its architecture and the results of two years of experimental validation.
