Enforcing physically restricted access control for remote data

CODASPY'11 - Proceedings of the 1st ACM Conference on Data and Application Security and Privacy

Volumn , Issue , 2011, Pages 203-212

  Kirkpatrick, Michael S ^a   Kerr, Sam ^a  

^a Purdue University   (United States)

Author keywords

Access control; Applied cryptography; Physically unclonable functions

Indexed keywords

APPLIED CRYPTOGRAPHY; DISTRIBUTED COMPUTING ENVIRONMENT; INTRINSIC PROPERTY; PHYSICALLY UNCLONABLE FUNCTIONS; PROTOTYPE IMPLEMENTATIONS; PUBLIC KEY INFRASTRUCTURE; REMOTE DATA; REMOTE DEVICES; SENSITIVE INFORMATIONS;

DATA PRIVACY; PUBLIC KEY CRYPTOGRAPHY; SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 79952807433     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1943513.1943540     Document Type: Conference Paper

References (35)

1. S. Aich, S. Sural, and A. K. Majumdar. STARBAC: Spatiotemporal role based access control. In OTM Conferences, 2007.
2. J. Al-Muhtadi, R. Hill, R. Campbell, and M. D. Mickunas. Context and location-aware encryption for pervasive computing environments. In Proceedings of the 4th IEEE Conference on Security in Pervasive Computing and Communications, March 2006.
3. M. J. Atallah, E. D. Bryant, J. T. Korb, and J. R. Rice. Binding software to specific native hardware in a VM environment: The PUF challenge and opportunity. In VMSEC'08. ACM, 2008.
4. S. Berger, R. Cáceres, K. A. Goldman, R. Perez, R. Sailer, and L. van Doorn. vtpm: virtualizing the trusted platform module. In USENIX-SS'06: Proceedings of the 15th conference on USENIX Security Symposium, Berkeley, CA, USA, 2006. USENIX Association.
5. A. Bhargav-Spantzel, A. C. Squicciarini, and E. Bertino. Establishing and protecting digital identity in federation systems. In Proceedings of the 2005 ACM Workshop on Digital Identity Management, pages 11-19. ACM, 2005.
6. M. L. Damiani, E. Bertino, B. Catania, and P. Perlasca. GEO-RBAC: A spatially aware RBAC. ACM Transactions on Information Systems and Security, 2006.
7. B. Danev, T. S. Heydt-Benjamin, and S. ČCapkun. Physical-layer identification of RFID devices. In Proceedings of the USENIX Security Symposium, 2009.
8. S. Devadas, E. Suh, S. Paral, R. Sowell, T. Ziola, and V. Khandelwal. Design and implementation of PUF-based "unclonable" RFID ICs for anti-counterfeiting and security applications. In 2008 IEEE International Conference on RFID, pages 58-64, 2008.
9. C. Devine. FIPS-180-1 compliant SHA-1 implementation. http://csourcesearch.net/c/fid1A3BFA49A2F9E1FFB3147B7238E287C22E7ED0A3.aspx 2006.
10. Federal Financial Institutions Examination Council. Authentication in an Internet Banking Environment, October 2005.
11. U. Feige, A. Fiat, and A. Shamir. Zero knowledge proofs of identity. In Proceedings of the 19th Annual ACM Symposium on Theory of Computing, pages 210-217, 1987.
12. A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Proceedings on Advances in Cryptology (CRYPTO'86), pages 186-194. Springer-Verlag, 1987.
13. K. B. Frikken, M. Blanton, and M. J. Atallah. Robust authentication using physically unclonable functions. In Information Security Conference (ISC), September 2009.
14. B. Gassend, D. Clarke, M. van Dijk, and S. Devadas. Controlled physical random functions. In Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC), 2002.
15. B. Gassend, D. Clarke, M. van Dijk, and S. Devadas. Silicon physical random functions. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS'02), 2002.
16. J. Guajardo, S. S. Kumar, G.-J. Schrijen, and P. Tuyls. FPGA intrinsic PUFs and their use for IP protection. In Proceedings of the 9th Cryptographic Hardware and Embedded Systems Workshop (CHES), pages 63-80, 2007.
17. J. Guajardo, S. S. Kumar, G.-J. Schrijen, and P. Tuyls. Physical unclonable functions and public-key crypto for FPGA IP protection. In International Conference on Field Programmable Logic and Applications, pages 189-195, 2007.
18. K. Han and K. Kim. Enhancing privacy and authentication for location based service using trusted authority. In 2nd Joint Workshop on Information Security. Information and Communication System Security, 2007.
19. F. Hao, R. Anderson, and J. Daugman. Combining crypto with biometrics effectively. IEEE Trans. Comput., 55(9):1081-1088, 2006. (Pubitemid 44263808)
20. L. N. Hoang, P. Laitinen, and N. Asokan. Secure roaming with identity metasystems. In IDtrust'08. ACM, March 2008.
21. D. Kulkarni and A. Tripathi. Context-aware role-based access control in pervasive computing systems. In Proceedings of the 14th Symposium on Access Control Models and Technologies (SACMAT), 2008.
22. K. Lofstrom, W. Daasch, and D. Taylor. IC identification circuit using device mismatch. In Solid-State Circuits Conference, 2000. Digest of Technical Papers. ISSCC. 2000 IEEE International, pages 372-373, 2000. (Pubitemid 32864183)
23. S. P. Miller, B. C. Neuman, J. I. Schiller, and J. H. Saltzer. Kerberos authentication and authorization system. In Project Athena Technical Plan, 1987.
24. R. M. Needham and M. D. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12):993-999, December 1978.
25. M. O. Rabin. Digitalized signatures and public-key functions as intractable as factorization. Technical Report MIT/LCS/TR-212, MIT Laboratory for Computer Science, January 1979.
26. M. Riley and I. Richardson. Reed-solomon codes. http://www.cs.cmu.edu/ afs/cs.cmu.edu/project/pscico-guyb/realworld/www/reedsolomon/reed-solomon-codes. html, 1998.
27. S. Rockliff. The error correcting codes (ecc) page. http://www.eccpage. com/2008.
28. R. Sailer, T. Jaeger, X. Zhang, and L. van Doorn. Attestation-based policy enforcement for remote access. In Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS'04), pages 308-317. ACM Press, 2004. (Pubitemid 40338212)
29. N. Saparkhojayev and D. R. Thompson. Matching electronic fingerprints of RFID tags using the hotelling's algorithm. In IEEE Sensors Applications Symposium (SAS), February 2009.
30. D. Schellekens, B. Wyseur, and B. Preneel. Remote attestation on legacy operating systems with trusted platform modules. In Science of Computer Programming, pages 13-22, 2008.
31. G. E. Suh and S. Devadas. Physcal unclonable functions for device authentication and secret key generation. In Proceedings of the 44th IEEE Design Automation Conference (DAC), pages 9-14. IEEE Press, 2007. (Pubitemid 47129916)
32. G. E. Suh, C. W. O'Donnell, and S. Devadas. AEGIS: A single-chip secure processor. In Elsevier Information Security Technical Report, volume 10, pages 63-73, 2005. (Pubitemid 41108379)
33. G. E. Suh, C. W. O'Donnell, and S. Devadas. Aegis: A single-chip secure processor. IEEE Design and Test of Computers, 24(6):570-580, 2007. (Pubitemid 350253575)
34. Trusted Computing Group. Trusted Platform Module Main Specification. http://www.trustedcomputinggroup.org/, October 2003.
35. Verizon RISK Team. 2010 data breach investigations report. Technical report, 2010.