Presentation is loading. Please wait.

Presentation is loading. Please wait.

Many personal devices have rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they.

Similar presentations


Presentation on theme: "Many personal devices have rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they."— Presentation transcript:

1 Many personal devices have rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they can aid the owners in performing authentication and securing communication. (User friendliness) + (Security) + ?

2 Server Terminal User smartcard (password, key) password, biometric Key, location info.

3 1.Personal device is trusted. Terminal untrusted. (Public Kiosk) 2.2-Factor Authentication. 3.Personal device is honest but it can be lost. (cant store sensitive data). Server Terminal User smartcard (password, key) password biometric Key, location info

4 TPM S. Garriss, R. Caceres, S. Berger, R Sailer, L. Doorn, X. Zhang. Trustworthy and Personalized Computing on Public kiosk, MobiSys08 Server Terminal User Personal device to verify that the kiosk has only loaded trustworthy software.

5 A. Oprea, D. Balfanz, G. Durfee and K.K. Smetters, Remote Terminal Application with a Mobile Trusted Device, ACSAC04 Server Terminal User tunnel connection

6 Personal device as OTP token. Oct 1, 2010 Server Terminal User (password, key) password Key Monetary Authority of Singapore expects banks to implement two-factor authentication at login in Internet Banking.

7 Using an out-of-band channel. Mobile authentication Oct 1, 2010 Server Terminal User sms (text message) password (password, OTP) OTP Can be made secure, but difficult to use.

8 Oct 1, 2010 Server Internet Terminal User key D.E. Clarke, B. Gassend, T. Kotwal, M. Burnside, M. Dijk, S. Devadas, and R.L. Rivest. The untrusted computer problem and camera-based authentication. International Conf. on Pervasive Computing, 2002 visual channel Using OCR to verify the messages and their signature

9 Oct 1, 2010 Server Internet Terminal User Image from [Sharp2006] Sharp et al, Secure Mobile Computing Via Public Terminal. key R. Sharp, J. Scott, A. Beresford, Secure Mobile Computing via Public Terminals. International Conference on Pervasive Computing, 2006

10 Oct 1, 2010 Server Internet Terminal User key, password key C. Fang, E.C.Chang, Securing Interactive Sessions Using Mobile Device through Visual Channel and Visual Inspection, ACSAC visual channel password Dat e acc oun t rem ark amo unt

11 Server User smartcard key Key Terminal

12 Server User key, password Key Terminal password

13 Server User ( k ) biometric k= H(Key, biometric) Terminal the biometric data are not stored in the server

14 Technical challenges in using biometric data: They are noisy. The key extracted by the cryptographic secure hash has to be consistent even under noise! – Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, EUROCRYPT – Linnartz, J.-P.M.G., Tuyls, P., New shielding functions to enhance privacy and prevent misuse of biometric templates. AVBPA 2003

15 We can use the computing power of personal device to enhance security. Can location information help?


Download ppt "Many personal devices have rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they."

Similar presentations


Ads by Google