Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Advanced Research on Data Privacy in the ARES Project Kapitel lesen Erstes Kapitel lesen

2015 | OriginalPaper | Buchkapitel

Smart User Authentication for an Improved Data Privacy

verfasst von : Vanesa Daza, Matteo Signorini

Erschienen in: Advanced Research in Data Privacy

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Market analysis predicts that in a few years, companies, universities, government agencies as well as common people in they daily life will increasingly adopt mobile computing systems thus increasingly enjoying the benefits of online, Internet-based services. However, such scenario will also expose user data privacy to severe attacks. This situation has led to the development of authentication approaches aimed at preventing unauthorized access to user data. Many different authentication approaches have been proposed over the last years, starting from basic password to more complex biometric solutions but all of them have proven to suffer from the same weaknesses. This issue drove us to design a solution based upon hardware intrinsic security features and aimed at guaranteeing a high level of data privacy while providing a user friendly authentication process. Our solution shows advanced features of data privacy policies definition making it a good candidate for the construction of future data privacy policies.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Privacy on Mobile Coupons Booklets
Nächstes Kapitel Multi-party Methods for Privacy-Preserving Web Search: Survey and Contributions
Fußnoten
Literatur
1.
2.
3.
4.
Henson, M., Taylor, S.: Memory encryption: a survey of existing techniques. ACM Comput. Surv. (CSUR) 46(4), 53:1–53:26 (2014)
5.
Martin, L.: Key-management infrastructure for protecting stored data. Computer 41(6), 103–104 (2008)
6.
Lei, S., Zishan, D., Jindi, G.: Research on key management infrastructure in cloud computing environment. In: 9th International Conference on Grid and Cooperative Computing (GCC), pp. 404–407, Nov 2010
7.
Ma, Z., Qiao, Y., Lee, B., Fallon, E.: Experimental evaluation of mobile phone sensors. In: 24th IET Irish Signals and Systems Conference (ISSC), pp. 1–8, June 2013
8.
Dass, S.C., Zhu, Y., Jain, A.K.: Validating a biometric authentication system: sample size requirements. IEEE Trans. Pattern Anal. Mach. Intell. 28(12), 1902–1319 (2006)
9.
Maio, D., Maltoni, D., Cappelli, R., Wayman, J.L., Jain, A.K.: FVC2000: fingerprint verification competition. IEEE Trans. Pattern Anal. Mach. Intell. 24(3), 402–412 (2002)
10.
Zhang, Y.-L., Yang, J., Wu, H.-T.: Sweep fingerprint sequence reconstruction for portable devices. Electron Lett 42(4), 204–205 (2006)
11.
Monro, D.M., Rakshit, S., Zhang, D.: DCT-based iris recognition. IEEE Trans. Pattern Anal. Mach. Intell. 29(4), 586–595 (2007)
12.
O’Gorman, L.: Comparing passwords, tokens, and biometrics for user authentication. Proc. IEEE 91(12), 2021–2040 (2003)
13.
Lu, H., Brush, A.J.B., Priyantha, B., Karlson, A.K., Liu, J.: SpeakerSense: energy efficient unobtrusive speaker identification on mobile phones. In: Lyons, K., Hightower, J., Huang, E.M. (eds.) Pervasive Computing, Volume 6696 of Lecture Notes in Computer Science, pp. 188–205. Springer, Berlin Heidelberg (2011)
14.
Clarke, N., Karatzouni, S., Furnell, S.: Flexible and transparent user authentication for mobile devices. In: Gritzalis, D., Lopez, J. (eds.) Emerging Challenges for Security. Privacy and Trust, Volume 297 of IFIP Advances in Information and Communication Technology, pp. 1–12. Springer, Berlin Heidelberg (2009)
15.
Lin, C.-C., Liang, D., Chang, C.-C., Yang, C.-H.: A new non-intrusive authentication method based on the orientation sensor for smartphone users. In: IEEE Sixth International Conference on Software Security and Reliability (SERE), pp. 245–252, June 2012
16.
Lin, C.-C., Chang, C.-C., Liang, D.: A new non-intrusive authentication approach for data protection based on mouse dynamics. In: International Symposium on Biometrics and Security Technologies (ISBAST), pp. 9–14, March 2012
17.
Derawi, M.O., Bours, P., Holien, K.: Improved cycle detection for accelerometer based gait authentication. In: Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), pp. 312–317, Oct 2010
18.
Gafurov, D., Helkala, K., Søndrol, T.: Biometric gait authentication using accelerometer sensor. J. Comput. 1(7), 9 (2006)
19.
Mazhelis, O., Markkula, J., Veijalainen, J.: An integrated identity verification system for mobile terminals. Inf. Manage. Comput. Secur. 13(5), 367–378 (2005)CrossRef
20.
Conti, M., Zachia-Zlatea, I., Crispo, B.: Mind how you answer me!: transparently authenticating the user of a smartphone when answering or placing a call. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS’11, pp. 249–259. ACM, New York, NY, USA (2011)
21.
Shi, W., Yang, J., Jiang, Y., Yang, F., Xiong, Y.: SenGuard: passive user identification on smartphones using multiple sensors. In: IEEE 7th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 141–148, Oct 2011
22.
Riva, O., Qin, C., Strauss, K., Lymberopoulos, D.: Progressive authentication: deciding when to authenticate on mobile phones. In: Proceedings of 21st USENIX Security Symposium, 2012
23.
Zargarzadeh, M., Maghooli, K.: A behavioral biometric authentication system based on memory game. Biosci. Biotechnol. Res. Asia 10(2), 781–787 (2013)
24.
Misra, S.: A very simple user access control technique through smart device authentication using bluetooth communication. In: International Conference on Electronics, Communication and Instrumentation (ICECI), pp. 1–4. IEEE (2014)
25.
Kang, J., Nyang, D., Lee, K.: Two-factor face authentication using matrix permutation transformation and a user password. Inf. Sci. 269, 1–20 (2014)
26.
Luo, S., Hu, J., Chen, Z.: An identity-based one-time password scheme with anonymous authentication. In: International Conference on Networks Security, Wireless Communications and Trusted Computing, (NSWCTC), vol. 2, pp. 864–867, April 2009
27.
R.G.M.M., Jayamaha, Senadheera, M.R.R., Gamage, T.N.C., Weerasekara, K.D.P.B., Dissanayaka, G.A., Nuwan Kodagoda, G.: VoizLock—human voice authentication system using hidden markov model. In: 4th International Conference on Information and Automation for Sustainability (ICIAFS), pp. 330–335, Dec 2008
28.
Moore, C., King, B.M., Vieta, W.M., Tu, X., Piemonte, P.: Calibrating sensor measurements on mobile devices, Jan 2014. US Patent 8,626,465 (2014)
29.
Charoen, D.: Password security. Int. J. Secur. (IJS) 8(1), 1 (2014)
30.
Clair, L.S., Johansen, L., Enck, W., Pirretti, M., Traynor, P., McDaniel, P., Jaeger, T.: Password exhaustion: predicting the end of password usefulness. In: Proceedings of the Second International Conference on Information Systems Security, ICISS’06, pp. 37–55. Springer, Berlin, Heidelberg (2006)
31.
32.
Vishwakarma, D., Veni Madhavan, C.E.: Efficient dictionary for salted password analysis. In: IEEE International Conference on Electronics, Computing and Communication Technologies (IEEE CONECCT), pp. 1–6. IEEE (2014)
33.
Sharma, N., Rathi, R., Jain, V., Waseem Saifi, M.: A novel technique for secure information transmission in videos using salt cryptography. In: Nirma University International Conference on Engineering (NUiCONE), pp. 1–6, Dec 2012
34.
Fujioka, A., Okamoto, Y., Saito, T.: Security of sequential multiple encryption. In: Proceedings of the First International Conference on Progress in Cryptology: Cryptology and Information Security in Latin America, LATINCRYPT’10, pp. 20–39. Springer, Berlin, Heidelberg (2010)
35.
Kemshall, A.: Feature: why mobile two-factor authentication makes sense. Netw. Secur. 2011(4), 9–12 (2011)
36.
Lu, H.K., Ali, A.: Communication security between a computer and a hardware token. In: Third International Conference on Systems (ICONS), pp. 220–225, April 2008
37.
Li, N., Sharif Mansouri, S., Dubrova, E.: Secure key storage using state machines. In: IEEE 43rd International Symposium on Multiple-Valued Logic (ISMVL), pp. 290–295, May 2013
38.
Kalman, G., Noll, J.: SIM as secure key storage in communication networks. In: Third International Conference on Wireless and Mobile Communications (ICWMC), pp. 55–55, March 2007
39.
Gallo, R., Kawakami, H., Dahab, R.: Case study: on the security of key storage on PCs. In: 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1645–1651, July 2013
40.
Seok, M., Hanson, S., Seo, J.-S., Sylvester, D., Blaauw, D.: Robust ultra-low voltage ROM design. In: IEEE Custom Integrated Circuits Conference (CICC), pp. 423–426 (2008)
41.
Ebrard, E., Allard, B., Candelier, P., Waltz, P.: Review of fuse and antifuse solutions for advanced standard CMOS technologies. Microelectron. J. 40(12), 1755–1765 (2009)
42.
Yoon, J.-H.: Memory properties of AI-based nanoparticle floating gate for nonvolatile memory applications. J. Korean Phys. Soc. 61(5), 799–802 (2012)CrossRef
43.
Wu, M., Willy, Z.: eNVy: a non-volatile, main memory storage system. SIGPLAN Not. 29(11), 86–97 (1994)
44.
Prochnow, D.: Experiments with EPROMS. McGraw-Hill Professional, New York (1988)
45.
Kratochvil, B.E., Dong, L., Nelson, B.J.: Real-time rigid-body visual tracking in a scanning electron microscope. In: 7th IEEE Conference on Nanotechnology (IEEE-NANO), vol. 28(4), pp. 498–511, April 2009
46.
Korosec, M., Duhovnik, J., Vukasinovic, N.: Identification and optimization of key process parameters in noncontact laser scanning for reverse engineering. Comput. Aided Des. 42(8), 744–748 (2010)
47.
Murthy, M.S.N., Jones, M.G., Kulka, J., Davies, J.D., Halliwell, M., Jackson, P.C., Bull, D.R., Wells, P.N.T.: Infrared confocal microscope. In: IEEE Colloquium on New Microscopies in Medicine and Biology, pp. 1–2 (1994)
48.
Melngailis, J.: Focused ion beam technology and applications. J. Vac. Sci. Technol. B Microelectron. Nanometer Struct. 5(2), 469–495 (1987)CrossRef
49.
Sadeghi, A.-R., Naccache, D.: Towards Hardware-Intrinsic Security: Foundations and Practice, 1st edn. Springer-Verlag New York Inc, New York (2010)
50.
Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297(5589), 2026–2030 (2002)CrossRef
51.
Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Silicon physical random functions. In: Proceedings of the 9th ACM conference on Computer and communications security, CCS’02, pp. 148–160. ACM, New York, NY, USA (2002)
52.
Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: 44th ACM/IEEE, Design Automation Conference 2007 DAC’07, pp. 9–14, June 2007
53.
van der Leest, V., Tuyls, P.: Anti-counterfeiting with hardware intrinsic security. In: Design, Automation Test in Europe Conference Exhibition (DATE), pp. 1137–1142 (2013)
54.
Handschuh, H.: Hardware intrinsic security based on SRAM PUFs: tales from the industry. In: IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 127–127 (2011)
55.
Rose, G.S., Rajendran, J., McDonald, N., Karri, R., Potkonjak, M., Wysocki, B.: Hardware security strategies exploiting nanoelectronic circuits. In: 18th Asia and South Pacific Design Automation Conference (ASP-DAC), pp. 368–372 (2013)
56.
Majzoobi, M., Koushanfar, F., Potkonjak, M.: Testing techniques for hardware security. In: IEEE International Test Conference (ITC), pp. 1–10 (2008)
57.
Lee, J.W., Lim, D., Gassend, B., Suh, G.E., van Dijk, M., Devadas, S.: A technique to build a secret key in integrated circuits for identification and authentication applications. In: Symposium on VLSI Circuits, Digest of Technical Papers, pp. 176–179, June 2004
58.
Ozturk, E., Hammouri, G., Sunar, B.: Towards robust low cost authentication for pervasive devices. In: Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom), pp. 170–178, March 2008
59.
Lin, L., Holcomb, D., Krishnappa, D.K., Shabadi, P., Burleson, W.: Low-power sub-threshold design of secure physical unclonable functions. In: ACM/IEEE International Symposium on Low-Power Electronics and Design (ISLPED), pp. 43–48, Aug 2010
60.
Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Proceedings of the 9th International Workshop on Cryptographic Hardware and Embedded Systems, CHES’07, pp. 63–80. Springer-Verlag, Berlin, Heidelberg (2007)
61.
Holcomb, D.E., Burleson, W.P., Kevin, F.: Power-up SRAM state as an identifying fingerprint and source of true random numbers. IEEE Trans. Comput. 58(9), 1198–1210 (2009)
62.
van der Leest, V., Schrijen, G.-J., Handschuh, H., Tuyls, P.: Hardware intrinsic security from D flip-flops. In: Proceedings of the Fifth ACM Workshop on Scalable Trusted Computing, STC’10, pp. 53–62. ACM, New York, NY, USA (2010)
63.
Su, Y., Holleman, J., Otis, B.P.: A 1.6pJ/bit 96 variations. In: IEEE International Solid-State Circuits Conference (ISSCC), pp. 406–611, Feb 2007
64.
Kumar, S.S., Guajardo, J., Maes, R., Schrijen, G.-J., Tuyls, P.: Extended abstract: the butterfly PUF protecting IP on every FPGA. In: IEEE International Workshop on Hardware-Oriented Security and Trust (HOST), pp. 67–70, June 2008
65.
Katzenbeisser, S., Koçabas, Ü., van der Leest, V., Sadeghi, A.-R., Schrijen, G.-J., Schröder, H., Wachsmann, C.: Recyclable PUFs: logically reconfigurable PUFs. In: Proceedings of the 13th International Conference on Cryptographic Hardware and Embedded Systems, CHES’11, pp. 374–389. Springer-Verlag, Berlin, Heidelberg (2011)
66.
Kursawe, K., Sadeghi, A.-R., Schellekens, D., Skoric, B., Tuyls, P.: Reconfigurable physical unclonable functions—enabling technology for tamper-resistant storage. In: Proceedings of the 2009 IEEE International Workshop on Hardware-Oriented Security and Trust, HST’09, pp. 22–29. IEEE Computer Society, Washington, DC, USA (2009)
67.
Lim, D., Lee, J.W., Gassend, B., Suh, G.E., van Dijk, M., Devadas, S.: Extracting secret keys from integrated circuits. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 13(10), 1200–1205 (2005)
68.
Daza, V., Di Pietro, R., Lombardi, F., Signorini, M.: Fully off-line secure credits for mobile micro payments. Internal report
69.
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008)
70.
Maes, R., Tuyls, P., Verbauwhede, I.: Low-overhead implementation of a soft decision helper data algorithm for SRAM PUFs. In: Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems, CHES’09, pp. 332–347. Springer-Verlag, Berlin, Heidelberg (2009)
71.
Yu, M.-D.M, M’Raihi, D., Sowell, R., Devadas, S.: Lightweight and secure PUF key storage using limits of machine learning. In: Proceedings of the 13th International Conference on Cryptographic Hardware and Embedded Systems, CHES’11, pp. 358–373. Springer-Verlag, Berlin, Heidelberg (2011)
Metadaten
Titel
Smart User Authentication for an Improved Data Privacy
verfasst von
Vanesa Daza
Matteo Signorini
Copyright-Jahr
2015
Buch
Advanced Research in Data Privacy

Print ISBN: 978-3-319-09884-5

Electronic ISBN: 978-3-319-09885-2

Copyright-Jahr: 2015

DOI
https://doi.org/10.1007/978-3-319-09885-2_19