
Proceedings of the 24th ACM Symposium on Access Control Models and Technologies: Latest Articles

Securing Big Data: New Access Control Challenges and Approaches
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3326330
Murat Kantarcioglu
Recent cyber attacks have shown that the leakage/stealing of big data may result in enormous monetary loss and damage to organizational reputation, and increased identity theft risks for individuals. Furthermore, in the age of big data, protecting the security and privacy of stored data is paramount for maintaining public trust, and getting the full value from the collected data. In this talk, we first discuss the unique security and privacy challenges that arise due to big data and the NoSQL systems designed to analyze big data. Also we discuss our proposed SecureDL system that is built on top of existing NoSQL databases such as Hadoop and Spark and designed as a data access broker where each request submitted by a user app is automatically captured. These captured requests are logged, analyzed and then modified (if needed) to conform with security and privacy policies (e.g., [5]), and submitted to the underlying NoSQL database. Furthermore, SecureDL can allow organizations to audit their big data usage to prevent data misuse and comply with various privacy regulations [2]. SecureDL is totally transparent from the user point of view and does not require any change to the user's code and/or the underlying NoSQL database systems. Therefore, it can be deployed on existing NoSQL databases. Later on, we discuss how to add an additional security layer for protecting big data using encryption techniques (e.g., [1, 3, 4]). Especially, we discuss our work on leveraging the modern hardware based trusted execution environments (TEEs) such as Intel SGX for secure encrypted data processing. We also discuss how to provide a simple, secure and high level language based framework that is suitable for enabling generic data analytics for non-security experts who do not have security concepts such as "oblivious execution". Our proposed framework allows data scientists to perform the data analytic tasks with TEEs using a Python/Matlab like high level language; and automatically compiles programs written in our language to optimal execution code by managing issues such as optimal data block sizes for I/O, vectorized computations to simplify much of the data processing, and optimal ordering of operations for certain tasks. Using these design choices, we show how to provide guarantees for efficient and secure big data analytics over encrypted data.
Citations: 1
HITC
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3325104
Ahmed Khalil Abdulla, S. Bakiras
Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and have led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated into any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.
Citations: 7
Generalized Mining of Relationship-Based Access Control Policies in Evolving Systems
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3325419
Padmavathi Iyer, A. Masoumzadeh
Relationship-based access control (ReBAC) provides a flexible approach to specify policies based on relationships between system entities, which makes them a natural fit for many modern information systems, beyond online social networks. In this paper we are concerned with the problem of mining ReBAC policies from lower-level authorization information. Mining ReBAC policies can address transforming access control paradigms to ReBAC, reformulating existing ReBAC policies as more information becomes available, as well as inferring potentially unknown policies. Particularly, we propose a systematic algorithm for mining ReBAC authorization policies, and a first of its kind approach to mine graph transition policies that govern the evolution of ReBAC systems. Experimental evaluation manifests efficiency of the proposed approaches.
Citations: 17
An OpenRBAC Semantic Model for Access Control in Vehicular Networks
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3326328
Sultan Alsarra, I. Yen, Yongtao Huang, F. Bastani, B. Thuraisingham
Inter-vehicle communication has the potential to significantly improve driving safety, but also raises security concerns. The fundamental mechanism to govern information sharing behaviors is access control. Since vehicular networks have a highly dynamic and open nature, access control becomes very challenging. Existing works are not applicable to the vehicular world. In this paper, we develop a new access control model, openRBAC, and the corresponding mechanisms for access control in vehicular systems. Our approach lets the accessee define a relative role hierarchy, specifying all potential accessor roles in terms of their relative perception to the accessees. Access control policies are defined for the relative roles in the hierarchy. Since the accessee has a clear understanding of the relative roles defined by itself, the policy definitions can be precise and less flawed.
Citations: 2
Towards Effective Verification of Multi-Model Access Control Properties
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3325105
Bernhard J. Berger, Christian Maeder, Rodrigue Wete Nguempnang, K. Sohr, Carlos E. Rubio-Medrano
Many existing software systems like logistics systems or enterprise applications employ data security in a more or less ad hoc fashion. Our approach focuses on access control such as permission-based discretionary access control (DAC), variants of role-based access control (RBAC) with delegation, and attribute-based access control (ABAC). Typically, software systems implement hybrid access control making an effective security analysis and assessment rather difficult. We propose an analysis methodology to reconstruct access control using a novel modular access control model. Our modular approach allows us to flexibly model exactly those access properties that are relevant for a given system. As formalism we use the Object Constraint Language (OCL) with Ecore from the Eclipse Modeling Framework (EMF). We demonstrate the suitability of our access control model for three software systems: a port community system (PCS), a clinical information system (CIS), and an identity management system (IdMS). For the PCS and CIS we model concrete roles and policies. For the IdMS we evaluate our analysis methodology in-depth by reconstructing access control policies from byte code using the Soot analysis framework as well as model transformation techniques (QVTo). The resulting model helped us to identify design deficiencies. Violated OCL invariants such as for mutually exclusive roles or cardinality constraints revealed non-trivial security vulnerabilities.
Citations: 1
Session details: Keynote Address I
Jianwei Niu
Citations: 0
CloudProtect - A Cloud-based Software Protection Service
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3326447
A. Schaad, Björn Grohmann, Oliver Winzenried
Protecting software from illegal access, intentional modification or reverse engineering is an inherently difficult practical problem involving code obfuscation techniques and real-time cryptographic protection of code. In traditional systems a secure element (the "dongle") is used to protect software. However, this approach suffers from several technical and economical drawbacks such as the dongle being lost or broken. We present a system that provides such dongles as a cloud service, and more importantly, provides the required cryptographic material to control access to software functionality in real-time. This system is developed as part of an ongoing nationally funded research project and is now entering a first trial stage with stakeholders from different industrial sectors.
Citations: 0
IoT Passport: A Blockchain-Based Trust Framework for Collaborative Internet-of-Things
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3326327
Bo Tang, Hongjuan Kang, Jingwen Fan, Qi Li, R. Sandhu
Internet-of-Things (IoT) is a rapidly-growing transformative expansion of the Internet with increasing influence on our daily life. Since the number of "things" is expected to soon surpass human population, control and automation of IoT devices has received considerable attention from academia and industry. Cross-platform collaboration is highly desirable for better user experience due to fragmentation of user needs and vendor products with time. Centralized approaches have been used to build federated trust among platforms and devices, but limit diversity and scalability. We propose a decentralized trust framework, called IoT Passport, for cross-platform collaborations using blockchain technology. IoT Passport is motivated by the familiar use of passports for international travel but with greater dynamism. It enables platforms to establish arbitrary trust relations with each other containing specific rules for intended collaborations, enforced by a combination of smart contracts. Each interaction among devices is signed by the participants and recorded on the blockchain. The records are utilized as attributes for authorization and as proofs of incentive plans. This approach incorporates the preferences of participating platforms and end users, and opens new avenues for collaborative edge computing as well as research on blockchain-based access control mechanism for IoT environments.
Citations: 78
Enhancing Biometric-Capsule-based Authentication and Facial Recognition via Deep Learning
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3325417
Tyler Phillips, X. Zou, Feng Li, Ninghui Li
In recent years, developers have used the proliferation of biometric sensors in smart devices, along with recent advances in deep learning, to implement an array of biometrics-based authentication systems. Though these systems demonstrate remarkable performance and have seen wide acceptance, they present unique and pressing security and privacy concerns. One proposed method which addresses these concerns is the elegant, fusion-based BioCapsule method. The BioCapsule method is provably secure, privacy-preserving, cancellable and flexible in its secure feature fusion design. In this work, we extend BioCapsule to face-based recognition. Moreover, we incorporate state-of-art deep learning techniques into a BioCapsule-based facial authentication system to further enhance secure recognition accuracy. We compare the performance of an underlying recognition system to the performance of the BioCapsule-embedded system in order to demonstrate the minimal effects of the BioCapsule scheme on underlying system performance. We also demonstrate that the BioCapsule scheme outperforms or performs as well as many other proposed secure biometric techniques.
Citations: 14
On the Difficulty of Using Patient's Physiological Signals in Cryptographic Protocols
Pub Date : 2019-05-28 DOI: 10.1145/3322431.3325099
Eduard Marin, Enrique Argones-Rúa, Dave Singelée, B. Preneel
With the increasing capabilities of wearable sensors and implantable medical devices, new opportunities arise to diagnose, control and treat several chronic conditions. Unfortunately, these advancements also open new attack vectors, making security an essential requirement for the further adoption of these devices. Researchers have already developed security solutions tailored to their unique requirements and constraints. However, a fundamental yet unsolved problem is how to securely and efficiently establish and manage cryptographic keys. One of the most promising approaches is the use of patient's physiological signals for key establishment. This paper aims at identifying common pitfalls in physiological-signal-based cryptographic protocols. These solutions are very fragile because errors can be introduced at different stages, including the choice of the physiological signal, the design of the protocol or its implementation. We start by reviewing previous work that has succeeded in measuring various physiological signals remotely. Subsequently, we conduct a thorough security analysis of two cryptographic solutions well-accepted by the security community, namely the H2H protocol (Rostami et al. - CCS 2013) and the Biosec protocol (Cherukuri et al. - ICISIP 2006). Our evaluation reveals that these protocols have serious design and implementation security weaknesses. Driven by our findings, we then describe how to use fuzzy extractors for designing secure and efficient cryptographic solutions based on the patients' physiological signals. Finally, we discuss research directions for future work.
Citations: 6