ITU K ALEIDOSCOPE 2013 October 18, 2012 G RIFFIN – A PRIL 2013 IEEE Global Communications 2015 Conference IoTAAL Workshop - Sunday, December 6, 2015 Security.

Slides:

Advertisements

Similar presentations

Use of Public-Key Infrastructure (PKI) Erik Andersen Association for the Directory Information and Related Search Industry (EIDQ -

Advertisements

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

Frank Stajano Presented by Patrick Davis 1.  Ubiquitous Computing ◦ Exact concept inception date is unknown ◦ Basically background computing in life.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.

Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.

The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting (Collaboration of Security Activity between CJK On NGN and.

Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

Principles of Information Security, 2nd edition1 Cryptography.

User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.

FIT3105 Smart card based authentication and identity management Lecture 4.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.

Applied Cryptography for Network Security

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.

Computer Science Public Key Management Lecture 5.

RIVERA SÁNCHEZ-1 CSE 5810 User Authentication in Mobile Healthcare Applications Yaira K. Rivera Sánchez Computer Science & Engineering Department University.

Chapter 10: Authentication Guide to Computer Network Security.

Author of Record Digital Identity Management Sub-Workgroup October 24, 2012.

Information Security for Managers (Master MIS)

Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

CS 736 A methodology for Analyzing the Performance of Authentication Protocol by Laseinde Olaoluwa Peter Department of Computer Science West Virginia.

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.

Cryptography and Network Security (CS435) Part One (Introduction)

28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.

1 Using GSM/UMTS for Single Sign-On 28 th October 2003 SympoTIC 2003 Andreas Pashalidis and Chris J. Mitchell.

CIST/ETRI/ISIT/KDDI/Kyusyu Univ./NICT Joint Research Workshop on Ubiquitous Network Security 2005 Verifier-Based Password-Authenticated Key Exchange Jeong.

CSCE 522 Identification and Authentication. CSCE Farkas2Reading Reading for this lecture: Required: – Pfleeger: Ch. 4.5, Ch. 4.3 Kerberos – An Introduction.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.

06/02/06 Workshop on knowledge sharing using the new WWW tools May 30 – June 2, 2006 GROUP Presentation Group 5 Group Members Ambrose Ruyooka Emmanuel.

ICC Module 3 Lesson 5 – IT Security 1 / 4 © 2015 Ph. Janson Information, Computing & Communication Security – Clip 0 – Introduction School of Computer.

Chapter 19 Manager of Information Systems. Defining Informatics Process of using cognitive skills and computers to manage information.

Authenticated Key Exchange I. Definitions I. MAP I. matching conversations II. oracles II. (I)KA II. AKEP2 III. AKEP2 Security I. Session Keys II. Perfect.

Azam Supervisor : Prof. Raj Jain

Hoda Jannati School of Computer Science

Chapt. 10 – Key Management Dr. Wayne Summers Department of Computer Science Columbus State University

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.

Meeting Reports  A new delegation-based authentication protocol for use in portable communication systems IEEE Transactions on Wireless Communications,

Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.

Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Security of the Internet of Things: perspectives and challenges

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

Dr. Nermin Hamza.  Attacks:  Traffic Analysis : traffic analysis occurs when an eavesdroppers observes message traffic on network. Not understand the.

A l a d d I n. c o m Strong Authentication and Beyond Budai László, IT Biztonságtechnikai tanácsadó.

Digital Identity and My Data as Business Enablers 1 My Pekka Turpeinen, Business Architect.

Understand User Authentication LESSON 2.1A Security Fundamentals.

CSCE 522 Identification and Authentication

Microsoft Passport and Windows Hello Developer’s Guide to Windows 10 Build SDK Update Andy Wigley

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Private and Secure Biometric User Authentication in the Web Master Thesis Defense Zaki Alsubhi Department of Computer Science University of Colorado.

Authentication.

draft-ietf-dmm-4283mnids Charlie Perkins

Presentation transcript:

ITU K ALEIDOSCOPE 2013 October 18, 2012 G RIFFIN – A PRIL 2013 IEEE Global Communications 2015 Conference IoTAAL Workshop - Sunday, December 6, 2015 Security for Ambient Assisted Living Phillip H. Griffin Griffin Information Security

State of Things IoTAAL Workshop IoT Ambient Assisted Living Landscape G RIFFIN – December — Assisted home care needs: growing populations of elderly, disabled — Few AAL research projects consider security and privacy aspects — Universal Access through user choice of authentication method — Biometric options can enable access for elderly and disabled users — Mutual and multifactor authentication using biometrics IEEE GLOBECOM 2015

Something More IoTAAL Workshop Biometric authentication: Something-You-Are G RIFFIN – December — Sensor collects sample to enroll user in biometric system — Data extracted from sample to create biometric reference template — Uniquely Identifiable template stored for later user matching — Sensor can collect knowledge and biometric data — Extracted biometric knowledge: a shared “weak secret” — Secret drives Authenticated Key Exchange (AKE) protocol Biometric sensor data can also contain Something-You-Know IEEE GLOBECOM 2015 Tagged IoT objects can be Something-You-Have — People can be associated with physical objects — RFID tags can be bound to biometric reference templates

Something You Know IoTAAL Workshop Biometric-AKE | Password Authenticated Key Exchange AKE - Strong cryptographic protection of communications G RIFFIN – December — Mutual authentication using shared knowledge (No PKI overhead) — Key Establishment, not Key Exchange (Diffie-Hellman key agreement) — Defeats Man-In-The-Middle, Phishing (Weak secret not revealed) — Perfect Forward Secrecy (Key compromise contained) IEEE GLOBECOM 2015

Something You Have IoTAAL Workshop A physical object: Something-You-Have authentication factor G RIFFIN – December — Traditionally, these objects have been issued by an authority: drivers license, payment card, passport, ID badge,... — In the Internet of Things (IoT) objects might be a door, car, appliance, … — An object with an embedded RFID can be uniquely identified — IoT objects can be ‘possessed’ by more than one person (shared objects) — Individuals can be associated with physical objects by cryptographically binding object’s tag ID to their biometric template using a digital signature IEEE GLOBECOM 2015

Deeper Dive IoTAAL Workshop Griffin, P. (2015). Security for Ambient Assisted Living. IEEE Global Communications (GLOBECOM) IoT Ambient Assisted Living (IoTAAL) Workshop. Retrieved November 11, 2015, from Griffin, P. (2014). Telebiometric authentication objects. Complex Adaptive Systems 2014 Proceedings. Procedia Computer Science, 36, Retrieved November 11, 2015, from 6 G RIFFIN – December 2015 IEEE GLOBECOM 2015 Griffin, P. (2015). Biometric Knowledge Extraction for Multi-Factor Authentication and Key Exchange. Complex Adaptive Systems 2015 Proceedings. Procedia Computer Science, 61, Retrieved November 11, 2015, from ITU-T X.1035: Password-authenticated key exchange (PAK) protocol (2007). Retrieved November 11, 2015, from X9.73 Cryptographic Message Syntax – ASN.1 and XML. American National Standards Institute. X9.84 Biometric Information Management and Security. American National Standards Institute. ISO/IEC | ITU-T X.cms (Draft)

G RIFFIN – A PRIL 2013 Questions? IoTAAL Workshop Skype: phil.griffin