Publication


Featured research published by Jason F. Reid.


computer and communications security | 2007

Detecting relay attacks with timing-based protocols

Jason F. Reid; Juan Manuel González Nieto; Tee Tang; Bouchra Senadji

Distance-bounding protocols have been proposed as a means of detecting relay attacks, also known as mafia fraud. In this paper we present the first symmetric key based distance-bounding protocol that is also resistant to so-called terrorist fraud, a variant of mafia fraud. Distance-bounding protocols require a communication channel that can exchange single bits with extremely low latency. This unconventional communication requirement has prompted Hancke and Kuhn to assert in a recent publication that ultra wide band (UWB) radio is necessary to achieve a useful distance-bounding resolution for RF security devices (contactless smart cards, RFID tags and the like). We analyse this assertion and present an alternative, novel communication approach that leverages the phenomenon of side channel leakage to deliver a low latency channel. Our proposal is capable of detecting sophisticated relay attacks without resorting to the considerable expense and complexity of UWB radio. We present experimental results to support our arguments.


australasian conference on information security and privacy | 2003

A novel use of RBAC to protect privacy in distributed health care information systems

Jason F. Reid; Ian Cheong; Matthew Henricksen; Jason Smith

This paper examines the access control requirements of distributed health care information networks. Since the electronic sharing of an individual's personal health information requires their informed consent, health care information networks need an access control framework that can capture and enforce individual access policies tailored to the specific circumstances of each consumer. Role Based Access Control (RBAC) is examined as a candidate access control framework. While it is well suited to the task in many regards, we identify a number of shortcomings, particularly in the range of access policy expression types that it can support. For efficiency and comprehensibility, access policies that grant access to a broad range of entities whilst explicitly denying it to subgroups of those entities need to be supported in health information networks. We argue that RBAC does not support policies of this type with sufficient flexibility and propose a novel adaptation of RBAC principles to address this shortcoming. We also describe a prototype distributed medical information system that embodies the improved RBAC model.


database and expert systems applications | 2003

Privacy and trusted computing

Jason F. Reid; Juan Manuel González Nieto; Ed Dawson; Eiji Okamoto

This paper examines a model of trusted computing wherein a computing platform is able to make assertions about its current software configuration that may be trusted by the user and remote third parties. The privacy implications of this approach are investigated in the context of the Trusted Computing Platform Alliance (TCPA) specification. The trust relationships of the TCPA architecture are examined in detail. An analysis of the revocation requirements inherent in the TCPA design is presented, which highlights the challenges that revocation presents in the context of a large scale deployment of TCPA platforms. Finally, a modification to the specification is suggested that reduces the level of trust that needs to be placed on the Privacy CA.


information security conference | 2010

On a taxonomy of delegation

Quan Pham; Jason F. Reid; Adrian McCullagh; Ed Dawson

Delegation, from a technical point of view, is widely considered as a potential approach in addressing the problem of providing dynamic access control decisions in activities with a high level of collaboration, either within a single security domain or across multiple security domains. Although delegation continues to attract significant attention from the research community, presently, there is no published work that presents a taxonomy of delegation concepts and models. This article intends to address this gap by presenting a set of taxonomic criteria relevant to the concept of delegation. This article also applies the taxonomy to a selection of significant delegation models published in the literature.


Lecture Notes in Computer Science | 2000

Linkability in Practical Electronic Cash Design

Gregory M. Maitland; Jason F. Reid; Ernest Foo; Colin Boyd; Ed Dawson

Designing a practical and complete electronic cash scheme has proved difficult. Designs must seek to optimise often conflicting metrics such as efficiency, anonymity, and the ability to make exact payments. Gains in one area often result in a loss in one or more other areas. Several schemes have accepted linkability of some payments as a concession to getting the balance right. A point that has not been highlighted is the problem of preventing linking between payments made with different linkable coins. This paper reviews several electronic cash schemes which have the linkability property and concludes that linking across coins is of significant practical concern. Design improvements are suggested along with observations regarding the user's active role in preserving anonymity.


The Computer Journal | 2012

An Authorization Framework using Building Information Models

Nimalaprakasan Skandhakumar; Jason F. Reid; Ed Dawson; Robin Drogemuller; Farzad Salim

A building information model (BIM) is an electronic repository of structured, three-dimensional data that captures both the physical and dynamic functional characteristics of a facility. In addition to its more traditional function as a tool to aid design and construction, a BIM can be used throughout the life cycle of a facility, functioning as a living database that places resources contained within the building in their spatial and temporal context. Through its comprehension of spatial relationships, a BIM can meaningfully represent and integrate previously isolated control and management systems and processes, and thereby provide a more intuitive interface to users. By placing processes in a spatial context, decision-making can be improved, with positive flow-on effects for security and efficiency. In this article, we systematically analyse the authorization requirements involved in the use of BIMs. We introduce the concept of using a BIM as a graphical tool to support spatial access control configuration and management (including physical access control). We also consider authorization requirements for regulating access to the structured data that exists within a BIM as well as to external systems and data repositories that can be accessed via the BIM interface. With a view to addressing these requirements we present a survey of relevant spatiotemporal access control models, focusing on features applicable to BIMs and highlighting capability gaps. Finally, we present a conceptual authorization framework that utilizes BIMs.


CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security | 2012

Physical access control administration using building information models

Nimalaprakasan Skandhakumar; Farzad Salim; Jason F. Reid; Ed Dawson

Physical access control systems play a central role in the protection of critical infrastructures, where both the provision of timely access and preserving the security of sensitive areas are paramount. In this paper we discuss the shortcomings of existing approaches to the administration of physical access control in complex environments. At the heart of the problem is the current dependency on human administrators to reason about the implications of the provision or the revocation of staff access to an area within these facilities. We demonstrate how utilising Building Information Models (BIMs) and the capabilities they provide, including 3D representation of a facility and path-finding can reduce possible intentional or accidental errors made by security administrators.


smart card research and advanced application conference | 2001

Making sense of smart card security certifications

Jason F. Reid; Mark Looi

Manufacturers and producers of smart card systems are all beginning to climb on the certification bandwagon. In this paper, we analyse the current state of smart card certifications and present arguments as to why smart card certifications may not be all they seem. We discuss certifications issued under the ITSEC and Common Criteria and analyse shortcomings and inconsistencies that appear to exist in the certifications. Specific examples are presented to justify our arguments.


Creative Industries Faculty; Faculty of Law; Faculty of Science and Technology | 2005

Digital Rights Management (DRM): Managing Digital Rights for Open Access

Brian Fitzgerald; Jason F. Reid

When one mentions the term digital rights management (DRM), the immediate perception is of a copyright owner seeking to further exploit their product for economic reward. This article explains the nonrivalrous nature of information and how intellectual property rights can also be used to manage digital content for open access. In short, DRM should be seen as being capable of facilitating not only restricted access but also facilitating open access. The paradigm shift proposed is for us to conceptualise DRM as being about the management of intellectual property rights either for an open or restrictive purpose.


australasian conference on information security and privacy | 2015

BP-XACML an Authorisation Policy Language for Business Processes

Khalid Alissa; Jason F. Reid; Ed Dawson; Farzad Salim

XACML has become the de facto standard for enterprise-wide, policy-based access control. It is a structured, extensible language that can express and enforce complex access control policies. There have been several efforts to extend XACML to support specific authorisation models, such as the OASIS RBAC profile to support Role Based Access Control. A number of proposals for authorisation models that support business processes and workflow systems have also appeared in the literature. However, there is no published work describing an extension to allow XACML to be used as a policy language with these models. This paper analyses the specific requirements of a policy language to express and enforce business process authorisation policies. It then introduces BP-XACML, a new profile that extends the RBAC profile for XACML so it can support business process authorisation policies. In particular, BP-XACML supports the notion of tasks, and constraints at the level of a task instance, which are important requirements in enforcing business process authorisation policies.

Collaboration

Top Co-Authors

Ed Dawson

Queensland University of Technology

Farzad Salim

Queensland University of Technology

Mark Burdon

University of Queensland

Nimalaprakasan Skandhakumar

Queensland University of Technology

Quan Pham

Queensland University of Technology

Uwe Dulleck

Queensland University of Technology

Juan Manuel González Nieto

Queensland University of Technology

Khalid Alissa

King Abdulaziz City for Science and Technology

Jason Smith

Queensland University of Technology

Robin Drogemuller

Queensland University of Technology