Secure Identity Solutions
Craig Thompson, Dale R. Thompson, Jia Di
University of Arkansas, Fayetteville
February 21, 2007
{cwt, drt, jdi}@uark.edu
Computer Science and Computer Engineering Dept., University of Arkansas, 311 Engineering Hall, Fayetteville, Arkansas 72701

Everything is Alive
Craig W. Thompson, University of Arkansas
Craig Thompson’s story
• SSN at birth, developed a personality, passport at 10, collected coins, CA DL at 17, TX DL at 21, member of CACM & IEEE, married, got credit cards, TN DL at 27, bought car for daughter, wrote autobiographies for family members
• worked on DBMS, middleware & architectures, agents, policy languages, digital rights, RFID, threats, privacy, synthetic data generation, participated in this conference
• Records of my life include birth certificates, transcripts, photos, diary, job records, phone bills, … DBMS[me]/mylifebits, … models of myself

Everything is Alive
[Figure labels: orders & subscriptions; observations & recommendations; “Any threats?”; “Need fuel!”; “I see a tank!”]
A world where everything is alive (EiA) and can sense, act, think, feel, communicate, and maybe even move and reproduce. This might include equipment, vehicles, robots, toys, clothing, pets, and objects such as trees and walls.

TagCentric RFID Middleware Architecture
[Architecture figure labels: Reader1, Reader2, Tag Printer, Motion Sensor, Camera; Device Wrappers; XML messages sent between “agents”; DBMS; GUI Dashboard]
• Developed TagCentric RFID application:
  • 4 reader types supported: Alien, Symbol, ThingMagic, and “Fake”
  • 1 tag printer supported: Zebra
  • 5 databases supported: DB2, Derby, MySQL, Oracle, PostgreSQL
• Open Source Toolkit available
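The security-relevant point in that architecture is the boundary between the device wrappers and the agents: a reader's XML arrives from hardware the middleware does not control, and it ends up in one of five DBMSs. The following is an added example in Python (my code, not TagCentric's; the `<tagRead>` element names, the replayed EPC values, the `Fake-1` reader id and the SQLite table are all assumptions for illustration). It shows a “Fake” reader wrapper emitting XML reads and a storage agent that refuses any DTD before parsing (which closes both entity-expansion and external-entity attacks), checks that the EPC is a 96-bit hex identifier, and writes with a parameterised query.

```python
"""Added example (my code, not part of TagCentric): the trust boundary on the
wrapper-to-agent path. The <tagRead> element names, the replayed EPCs, the
'Fake-1' reader id and the SQLite table are assumptions for illustration."""
import re
import sqlite3
import xml.etree.ElementTree as ET

# An EPC-96 identifier is 96 bits, i.e. exactly 24 hex digits.
EPC96_RE = re.compile(r"^[0-9A-Fa-f]{24}$")


class FakeReaderWrapper:
    """Device wrapper for the 'Fake' reader type: replays a constructed list
    of EPCs and serialises each read as one XML message for the agent bus."""

    def __init__(self, reader_id, epcs):
        self.reader_id = reader_id
        self.epcs = list(epcs)

    def messages(self, seen):
        for epc in self.epcs:
            msg = ET.Element("tagRead")
            ET.SubElement(msg, "reader").text = self.reader_id
            ET.SubElement(msg, "epc").text = epc
            ET.SubElement(msg, "seen").text = seen
            yield ET.tostring(msg, encoding="unicode")


class StorageAgent:
    """Agent that receives wrapper messages and writes them to the DBMS.
    Every message is treated as untrusted: a rogue or buggy reader must not
    reach the XML parser's DTD machinery or the SQL layer with its own text."""

    def __init__(self, db_path=":memory:"):
        self.db = sqlite3.connect(db_path)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS tag_reads (reader TEXT, epc TEXT, seen TEXT)")

    @staticmethod
    def parse(message):
        # Refuse any DTD before the parser sees it: entity expansion
        # ("billion laughs") and external entities (XXE) both need a
        # <!DOCTYPE>, and a tag-read message has no legitimate use for one.
        if "<!DOCTYPE" in message or "<!ENTITY" in message:
            raise ValueError("DTD not allowed in tag-read messages")
        root = ET.fromstring(message)
        if root.tag != "tagRead":
            raise ValueError("unexpected message type %r" % root.tag)
        reader = (root.findtext("reader") or "").strip()
        epc = (root.findtext("epc") or "").strip()
        seen = (root.findtext("seen") or "").strip()
        if not reader:
            raise ValueError("missing reader id")
        if not EPC96_RE.match(epc):
            raise ValueError("EPC is not a 96-bit hex identifier: %r" % epc)
        return {"reader": reader, "epc": epc.upper(), "seen": seen}

    def ingest(self, message):
        rec = self.parse(message)
        # Parameterised insert: reader/EPC strings never become SQL syntax.
        self.db.execute("INSERT INTO tag_reads VALUES (?, ?, ?)",
                        (rec["reader"], rec["epc"], rec["seen"]))
        self.db.commit()
        return rec

    def count(self):
        return self.db.execute("SELECT COUNT(*) FROM tag_reads").fetchone()[0]


def run_demo():
    """Push two genuine reads and two constructed hostile messages through
    the path. Returns (accepted, rejected, rows_stored)."""
    wrapper = FakeReaderWrapper(
        "Fake-1", ["3034257BF7194E4000001A85", "3034257bf7194e4000001a86"])
    agent = StorageAgent()
    hostile = [  # constructed attacker messages, not real captures
        '<!DOCTYPE x [<!ENTITY e SYSTEM "file:///etc/passwd">]>'
        "<tagRead><reader>Fake-1</reader><epc>&e;</epc><seen>t</seen></tagRead>",
        "<tagRead><reader>Fake-1</reader>"
        "<epc>'); DROP TABLE tag_reads; --</epc><seen>t</seen></tagRead>",
    ]
    accepted = rejected = 0
    for msg in list(wrapper.messages("2007-02-21T16:15:00Z")) + hostile:
        try:
            agent.ingest(msg)
            accepted += 1
        except ValueError:
            rejected += 1
    return accepted, rejected, agent.count()


if __name__ == "__main__":
    print(run_demo())
```

Rejecting the DTD as a string check before `ET.fromstring` is deliberate: the standard-library parser is what expands entities, so the check has to happen before the parser runs, and a read message never needs a DTD anyway. The EPC regex is the second line of defence; it also stops the SQL-looking payload, although the parameterised insert would have stored that string harmlessly as data.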
Smart devices + Supply chains
• Humans now manage 10 network devices and will need to manage 100s to 1000s
• Many kinds of sensors
• Item level RFID
• Data synchronization networks
• Download plugins from the web
• Simple and complex user interfaces
  • Scheduler
  • Log History
  • Natural language I/F and/or GUI
  • …
Menu Based Natural Language I/F Plugin • Predictive menu to guide user to correct sentence
Many Puzzles Remain
• Technical – we don’t yet have all the puzzle pieces
  • Universal plug and play, composability & MDE
  • Querying collections of agents & policy languages & …
• Social – extrapolate today’s direction to tomorrow
  • Humans are increasingly connected – cell phones, instant messaging, chat, blogs, social networks, role playing games, …
  • 1000 closest friends, borgs, precision communication, Internet people, anonymity
  • Information aggregation – DBMS[me]
  • Human augmentation
    • Better hearing, seeing, memory, …
    • Transferring your identity to your smart card, memory stick, personal agents, models
  • Safe information sharing

Publications
• C. Thompson, “Everything is Alive,” Architectural Perspective Column, IEEE Internet Computing, Jan-Feb 2004.
• C. Thompson, P. Parkerson, “DBMS[me],” Architectural Perspective Column, IEEE Internet Computing, May-June 2004.
• C. Thompson, “Smart Devices and Soft Controllers,” Architectural Perspective Column, IEEE Internet Computing, Jan-Feb 2005.
• C. Thompson, P. Pazandak, H. Tennant, “Talk to your Semantic Web,” Architectural Perspective Column, IEEE Internet Computing, Nov-Dec 2005.
• J. Hoag, C. Thompson, “Architecting RFID Middleware,” Architectural Perspective Column, IEEE Internet Computing, Sep-Oct 2006.

Security and Privacy Threats to Identity
Dale R. Thompson, University of Arkansas
Security Threats to Identity
* M. Howard and D. LeBlanc, Writing Secure Code, 2nd ed., Redmond, Washington: Microsoft Press, 2003.

STRIDE Categories and Mitigation Techniques*
* M. Howard and D. LeBlanc, Writing Secure Code, 2nd ed., Redmond, Washington: Microsoft Press, 2003.
What is Privacy?
• “The right to be let alone” [1]
• “The right of individuals to determine when, how, and how much information about themselves is released to others.” [2]
• Privacy includes the right to make decisions about one’s own life, to keep personal secrets, and to keep secrets about where we come and go. [3]
• It is the right to make decisions without interference from the government or economic pressures from commercial entities. [3]
[1] S. Warren and L. Brandeis, “The Right to Privacy,” Harvard Law Review, vol. 4, pp. 193-220, 1890.
[2] A. F. Westin, Privacy and Freedom, Atheneum, NY, 1967.
[3] R. E. Smith and M. Zolikoff, “Citizens: Getting at our Real Concerns,” in RFID: Applications, Security, and Privacy, S. Garfinkel and B. Rosenberg, Eds. Upper Saddle River, New Jersey: Addison-Wesley, 2006, pp. 413-429.

Fair Information Practices (FIPs): Principles of Information Privacy*
• Notice. There must be no personal-data record-keeping systems whose very existence is a secret.
• Access. There must be a way for a person to find out what information about the person is in a record and how it is used.
• Choice. There must be a way to prevent personal information that was obtained for one purpose from being used or made available for other purposes without the person’s consent.
• Recourse. There must be a way for a person to correct or amend a record of identifiable information about the person.
• Security. Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take reasonable precautions to prevent misuse of the data.
* The Code of Fair Information Practices, U.S. Department of Health, Education and Welfare, Secretary’s Advisory Committee on Automated Personal Data Systems, Records, Computers, and the Rights of Citizens, VIII (1973). [Online]. Available: http://www.epic.org/privacy/consumer/code_fair_info.html
Privacy Threats by National ID • Enables tracking, profiling, and surveillance of individuals on a large scale.
Alan F. Westin’s Privacy Classifications
• Privacy Fundamentalist (11%)
  • Very concerned
  • Unwilling to provide data
• Privacy Unconcerned (13%)
  • Mild concern
  • Willing to provide data
• Privacy Pragmatists (75%)
  • Somewhat concerned
  • Willing to provide data if they are notified and get a benefit

Publications
• M. Byers, A. Lofton, A. K. Vangari-Balraj, and D. R. Thompson, “Brute force attack of EPCglobal UHF class-1 generation-2 RFID tag,” in Proc. IEEE Region 5 Technical Conf., Fayetteville, Arkansas, April 20-21, 2007, to appear.
• D. R. Thompson, J. Di, H. Sunkara, and C. Thompson, “Categorizing RFID privacy threats with STRIDE,” in Proc. ACM Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, Pennsylvania, July 12-14, 2006.
• D. R. Thompson, N. Chaudhry, and C. W. Thompson, “RFID security threat model,” in Proc. Acxiom Laboratory for Applied Research (ALAR) Conf. on Applied Research in Information Technology, Conway, Arkansas, Mar. 3, 2006.
• N. Chaudhry, D. R. Thompson, and C. Thompson, RFID Technical Tutorial and Threat Modeling, ver. 1.0, tech. report, Dept. of Computer Science and Computer Engineering, University of Arkansas, Fayetteville, Arkansas, Dec. 8, 2005. Available: http://csce.uark.edu/~drt/rfid

Mitigating Side-Channel Attacks on RFID Hardware
Jia Di, University of Arkansas
Known Attacks on Integrated Circuits (ICs)
• Invasive attacks
  • De-packaging
  • Layout reconstruction
  • Microprobing
• Non-invasive attacks
  • Simple power analysis (SPA)
  • Differential power analysis (DPA)
  • High-order differential power analysis (HO-DPA)
  • Timing analysis (TA)
  • Fault analysis
  • Glitch attacks
Fault analysis and glitch attacks are active (the chip is deliberately perturbed), unlike the passive power and timing measurements listed above them, but clock and voltage glitching need no de-packaging, which is why they fall on the non-invasive side of this split.

Power Fluctuation in Synchronous Circuits
In a clocked circuit every register switches on the same clock edge, so the current spike at that edge is the sum of the individual bit transitions: its height varies with how many bits toggle, and therefore with the data being processed. That data dependence is what SPA and DPA exploit. The power and timing parameters need to be made independent of the data pattern.

Delay-Insensitive Asynchronous Logic
• High energy efficiency
• No clock skew
• High modularity (plug-n-play)
• Stable power dissipation
• Average case performance
• Robust input timing handling
• Low noise and emission
• …
[Figure: data-spacer sequence] In delay-insensitive dual-rail logic each data word on the wires is followed by a spacer (all rails low) before the next word, so every data-spacer cycle switches the same number of rails whatever the value; that data-independent switching is where the stable power dissipation comes from.
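To make the last two slides concrete, here is an added simulation in Python (my code, not from the slides or from the cited D3L paper). It models a single S-box lookup twice: once as a synchronous single-rail register whose power follows the Hamming weight of the latched value, and once in a dual-rail data/spacer encoding where each cycle switches a constant number of rails. A correlation-form DPA is then run against both sets of traces. The Hamming-weight leakage model, the Gaussian noise level and the key byte `0x2B` are assumptions made for the simulation.

```python
"""Added example (my code, not from the slides or the cited D3L paper):
a correlation-form DPA against a simulated S-box lookup, first on a
synchronous single-rail register, then on the same computation in a
dual-rail data/spacer encoding. The Hamming-weight leakage model, the
noise level and the key byte are assumptions made for the simulation."""
import random

# AES S-box (FIPS-197); any non-linear byte map would serve the demonstration.
AES_SBOX = bytes.fromhex(
    "637c777bf26b6fc53001672bfed7ab76ca82c97dfa5947f0add4a2af9ca472c0"
    "b7fd9326363ff7cc34a5e5f171d8311504c723c31896059a071280e2eb27b275"
    "09832c1a1b6e5aa0523bd6b329e32f8453d100ed20fcb15b6acbbe394a4c58cf"
    "d0efaafb434d338545f9027f503c9fa851a3408f929d38f5bcb6da2110fff3d2"
    "cd0c13ec5f974417c4a77e3d645d197360814fdc222a908846eeb814de5e0bdb"
    "e0323a0a4906245cc2d3ac629195e479e7c8376d8dd54ea96c56f4ea657aae08"
    "ba78252e1ca6b4c6e8dd741f4bbd8b8a703eb5664803f60e613557b986c11d9e"
    "e1f8981169d98e949b1e87e9ce5528df8ca1890dbfe6426841992d0fb054bb16"
)


def hamming_weight(x):
    return bin(x).count("1")


def dual_rail(value, width=8):
    """Dual-rail encoding of one data word: bit b is carried on a rail pair
    (rail1, rail0) = (1, 0) if b == 1 else (0, 1). The spacer is (0, 0) on
    every pair."""
    return [((value >> i) & 1, 1 - ((value >> i) & 1)) for i in range(width)]


def rails_switched(value, width=8):
    """Rail transitions in one spacer -> data -> spacer cycle. Exactly one
    rail of each pair rises and later falls, so this is 2 * width for every
    value: the switching activity carries no information about the data."""
    return 2 * sum(r1 + r0 for r1, r0 in dual_rail(value, width))


def trace_synchronous(pt, key, rng, sigma=1.0):
    """Synchronous single-rail register: the current drawn on the clock edge
    follows the Hamming weight of the latched S-box output (assumed model)."""
    return hamming_weight(AES_SBOX[pt ^ key]) + rng.gauss(0, sigma)


def trace_dual_rail(pt, key, rng, sigma=1.0):
    """Same computation in dual-rail data/spacer logic: the switching count
    is constant, so only noise is left in the trace."""
    return rails_switched(AES_SBOX[pt ^ key]) + rng.gauss(0, sigma)


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0


def cpa_key_byte(plaintexts, traces):
    """Correlation DPA: for each of the 256 key guesses predict the leakage
    HW(S[pt ^ guess]) and correlate it with the traces. With data-dependent
    power the right guess stands out; returns (best_guess, |correlation|)."""
    best_key, best_corr = None, -1.0
    for guess in range(256):
        model = [hamming_weight(AES_SBOX[pt ^ guess]) for pt in plaintexts]
        corr = abs(pearson(model, traces))
        if corr > best_corr:
            best_key, best_corr = guess, corr
    return best_key, best_corr


def attack(trace_fn, key=0x2B, n=1000, seed=7):
    """Collect n simulated traces for random plaintexts and run the CPA."""
    rng = random.Random(seed)
    plaintexts = [rng.randrange(256) for _ in range(n)]
    traces = [trace_fn(pt, key, rng) for pt in plaintexts]
    return cpa_key_byte(plaintexts, traces)


if __name__ == "__main__":
    print("synchronous :", attack(trace_synchronous))
    print("dual-rail   :", attack(trace_dual_rail))
```

With the synchronous model the correct key byte produces a correlation near 0.8 and every wrong guess stays far below it; with the dual-rail model the best correlation over all 256 guesses is at noise level, so the attack has nothing to rank. The caveat a practitioner should keep in mind is that this simulation enforces the ideal: on silicon the two rails of a pair are never perfectly matched in capacitance or timing, which is exactly the residual leakage that HO-DPA and careful layout are about, and the page's later work on that is listed in the publications below.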
Publications
• J. Di and F. Yang, “D3L – A Framework on Fighting against Non-invasive Attacks to Integrated Circuits for Security Applications,” in Proc. IASTED International Conference on Circuits, Signals, and Systems (CSS 2005).
• D. R. Thompson, J. Di, H. Sunkara, and C. Thompson, “Categorizing RFID privacy threats with STRIDE,” in Proc. ACM Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, Pennsylvania, July 12-14, 2006.
• J. Di and S. Smith, “A Hardware Threat Modeling Concept for Trustable Integrated Circuits,” in Proc. IEEE Region 5 Technical Conf., Fayetteville, Arkansas, April 20-21, 2007, to appear.
• J. Di and S. Smith, “Detecting Malicious Logic through Structural Checking,” in Proc. IEEE Region 5 Technical Conf., Fayetteville, Arkansas, April 20-21, 2007, to appear.

Building a Secure Federal Real ID System
Today at 4:15 p.m.