Manoj R. Sastry

A contextual attribute-based access control model

The emergence of ubiquitous mobile devices, such as MP3 players, cellular phones, PDAs, and laptops, has sparked the growth of rich, mobile applications Moreover, these applications are increasingly “aware” of the user and her surrounding environment Dynamic mobile environments are generating new requirements – such as allowing users to access real-time, customized services on-demand and with no prior registration – that are not currently addressed by existing approaches to authorization We investigate using contextual information present in the users operating environment, such as a users location, for defining an authorization policy More precisely, we have defined an access control model that uses contextual attributes to capture the dynamic properties of a mobile environment, including attributes associated with users, objects, transactions, and the environment Our Contextual Attribute-Based Access Control model lends itself more naturally to a mobile environment where subjects and objects are dynamic Our authorization model promotes the adoption of many revolutionary mobile applications by allowing for the specification of flexible access control policies.

Challenges in Data Quality Assurance in Pervasive Health Monitoring Systems

Wearable, portable, and implantable medical sensors have ushered in a new paradigm for healthcare in which patients can take greater responsibility and caregivers can make well-informed, timely decisions. Health-monitoring systems built on such sensors have huge potential benefit to the quality of healthcare and quality of life for many people, such as patients with chronic medical conditions (such as blood-sugar sensors for diabetics), people seeking to change unhealthy behavior (such as losing weight or quitting smoking), or athletes wishing to monitor their condition and performance. To be effective, however, these systems must provide assurances about the quality of the sensor data. The sensors must be applied to the patient by a human, and the sensor data may be transported across multiple networks and devices before it is presented to the medical team. While no system can guarantee data quality, we anticipate that it will help for the system to annotate data with some measure of confidence. In this paper, we take a deeper look at potential health-monitoring usage scenarios and highlight research challenges required to ensure and assess quality of sensor data in health-monitoring systems.

Attribute-Based authentication model for dynamic mobile environments

Rich, context-aware applications are emerging for mobile computing environments that provide new and innovative services to consumers. Security is critical for the successful realization of this vision. We propose a new method for authentication that utilizes contextual information to overcome the limitations inherent in traditional approaches. We have defined a model that uses contextual attributes to achieve an approach to authentication that is better suited for dynamic, mobile computing environments. We examine the use of trusted platforms to provide assurances for these contextual attributes. Our model promotes the adoption of many revolutionary mobile applications by providing a seamless and flexible user experience that can protect privacy and reduce administrative overhead.

A New Modeling Paradigm for Dynamic Authorization in Multi-domain Systems

The emergence of powerful, full-featured and small form-factor mobile devices enables rich services to be offered to it’s users. As the mobile user interacts with multiple administrative domains, he acquires various attributes. In such dynamic usage scenarios, attributes from one domain are interpreted and used in another domain. This motivates the need for dynamic authorization at the time of interaction. In this paper, we investigate the requirements of multi-domain interactions and explore a new paradigm for modeling these requirements using the UCON model for Usage Control [5]. We propose extensions to UCON in order to accommodate dynamic authorizations requirements.

Lightweight Block Cipher Circuits for Automotive and IoT Sensor Devices

Modern cars are equipped with hundreds of Electronic Control Units (ECUs) connected in a Controller Area Network (CAN). These ECUs are used to perform driving functionalities like the movements of accelerator, brakes, steering wheel, etc. Car hacking became a real threat in the last couple of years when a remote attacker was able to take control of a car running on a busy highway. Cryptographic functionalities like authentication, integrity and confidentiality can resist these attacks and so can save peoples life. The traditional crypto primitive AES is not an optimal choice in this usage due to its complex operation that leads to long execution latency and big die-area if implemented in HW. To meet real time requirements in this new computing paradigm, a suitable lightweight block cipher is of utmost importance. In this work, we investigate the most suitable lightweight block cipher for automotive platforms. We developed optimized circuits for suitable lightweight block-ciphers. The synthesis and simulation results on Intels 14nm high-K/metal-gate FinFET CMOS technology show that the proposed design can achieve authentication and confidentiality of an 8-byte message in 12 clock cycles latency with 1.2k gates and 7.04pJ energy. AES would need 10-times more silicon-area and 8-times more energy to achieve similar latency. In this respect, this work offers conclusive directions on lightweight block-ciphers suitable for automotive security.

Protecting Patient Records from Unwarranted Access

Securing access to medical information is vital to protecting patient privacy. However, Electronic Patient Record (EPR) systems are vulnerable to a number of inside and outside threats. Adversaries can compromise EPR client machines to obtain a variety of highly sensitive information including valid EPR login credentials, without detection. Furthermore, medical staff can covertly view records of their choosing for personal interest or more malicious purposes. In particular, we observe that the lack of integrity measurement and auditability in these systems creates a potential threat to the privacy of patient information. We explore the use of virtualization and trusted computing hardware to address these problems. We identify open problems and encourage further research in the area.

Remote Attestation for Low-End Prover Devices with Post-Quantum Capabilities

Remote attestation is a well-established interactive technique to establish trust in the realm of connected devices. It allows a Prover device to attest its platform integrity to a Verifier device. Existing remote attestation protocols rely on classical asymmetric cryptography, which are too heavy for low-end Prover devices, and vulnerable to quantum attacks (a serious concern due to the long lifespan of IoT devices). Hash-Based Signatures (HBS) offer attractive performance and have capabilities to defeat quantum attacks. This paper presents several contributions in this context. First, we present an efficient remote attestation protocol that requires the Prover to perform only one-time HBS operations, which are very lightweight. Our protocol also proposes robust embedded techniques to refresh one-time keys that allow multiple attestations. Second, we present a simpler construction based on multi-time HBS scheme which does not depend on a trusted-third-party. Third, to demonstrate the feasibility of our protocols, we developed prototypes based on state-of-the-art HBS schemes (XMSS and WOTS+) for highly constrained platforms (Arduino 101) in both classical and post-quantum security settings. Finally, we present a comprehensive comparison between these strategies, including guidance on suitable use cases for each one of them. To summarize, our work demonstrates the feasibility of modern HBS constructions for remote attestation of highly-constrained devices.

POSTER: Intrusion Detection System for In-vehicle Networks using Sensor Correlation and Integration

The increasing utilization of Electronic Control Units (ECUs) and wireless connectivity in modern vehicles has favored the emergence of security issues. Recently, several attacks have been demonstrated against in-vehicle networks therefore drawing significant attention. This paper presents an Intrusion Detection System (IDS) based on a regression learning approach which estimates certain parameters by using correlated/redundant data. The estimated values are compared to observed ones to identify abnormal contexts that would indicate intrusion. Experiments performed with real-world vehicular data have shown that more than 90% of vehicle speed data can be precisely estimated within the error bound of 3 kph. The proposed IDS is capable of detecting and localizing attacks in real-time, which is fundamental to achieve automotive security.

A new modeling paradigm for dynamic authorization in multi-domain systems

The emergence of powerful, full-featured and small formfactor mobile devices enables rich services to be offered to it’s users. As the mobile user interacts with multiple administrative domains, he acquires attributes from these interactions. Service providers can tailor services by interpreting user’s attributes dynamically at runtime. Such dynamic usage scenarios where attributes from one domain are interpreted and used in another domain motivate the need for dynamic authorization at the time of interaction. In this paper, we investigate the multi-domain requirements presented by these usage scenarios and explore a new paradigm for modeling these requirements. We examine and extend the UCON model for Usage Control [5] to address the dynamic aspects of multi-domain interactions. The UCON model for usage control is a new foundation of access control which combines traditional authorization with obligations and conditions, mutability of attributes and continuity of decisions. An important observation we make is that attributes, obligations and conditions in UCON are pre-defined. We argue that our multi-domain interaction requirements motivate us to model every UCON component as a dynamic entity. We outline an extended UCON model to accommodate the identified requirements.