User perception related to identification through biometrics within electronic business

Giesing, Ilse.

January 2003

Thesis (M.Com.)(Informatics)--University of Pretoria, 2003. / Includes bibliographical references.

Mobile agent based attack resistant architecture for distributed intrusion detection system

Selliah, Sentil.

January 2001

Thesis (M.S.)--West Virginia University, 2001. / Title from document title page. Document formatted into pages; contains vii, 61 p. : ill. Includes abstract. Includes bibliographical references (p. 50-52).

Security and efficiency concerns with distributed collaborative networking environments /

Felker, Keith A.

January 2003

Thesis (M.S. in Computer Science)--Naval Postgraduate School, September 2003. / Thesis advisor(s): Geoffrey Xie, John Gibson. Includes bibliographical references (p. 93-99). Also available online.

Hardware implementation of message authentication algorithms for Internet security /

Deepakumara, Janaka T.,

January 2002

Thesis (M.Eng.)--Memorial University of Newfoundland, 2002. / Bibliography: leaves 143-152.

Identity and anonymity in ad hoc networks /

Martucci, Leonardo A.,

January 2009

Diss. Karlstad : Karlstads universitet, 2009. / S. 167-188: References.

Protecting sensitive credential content during trust negotiation /

Jarvis, Ryan D.,

January 2003

Thesis (M.S.)--Brigham Young University. Dept. of Computer Science, 2003. / Includes bibliographical references (p. 51-54).

Device Sensor Fingerprinting : Mobile Device Sensor Fingerprinting With A Biometric Approach / Fingeravtryck i Mobila Enheter

Karlsson, Anna

January 2015

The number of connected devices connected to the Internet is growing rapidly. When talking about devices it also covers the ones not having any contact with humans. This type of devices are the ones that are expected to increase the most. That is why the field of device fingerprinting is an area that requires further investigation. This thesis measures and evaluates the accelerometer, camera and gyroscope sensor of a mobile device to the use as device fingerprinting. The method used is based on previous research in sensor identification together with methods used for designing a biometric system. The combination with long-proven methods in the biometric area with new research of sensor identification is a new approach of looking at device fingerprinting.

device fingerprinting

sensor identification

computer security

M2M

authentication

Reliable SRAM fingerprinting

Kim, Joonsoo, Ph. D.

05 October 2012

Device identification, as human identification has been, has become critical to mitigate growing security problems. In the era of ubiquitous computing, it is important to ensure universal device identities that are versatile in number of ways, for example, to enhance computer security or to enable large-scale data capture, management and analysis. For device identities, simple labeling works only if they are properly managed under a highly controlled environment. We can also impose hard-coded serial numbers into non-volatile memories but it is well known that this is expensive and vulnerable to security attacks. Hence, it is desirable to develop reliable and secure device identification methods using fingerprint-like characteristics of the electronic devices. As technology scales, process variation has become the most critical barrier to overcome for modern chip development. Ironically, there are some research works to exploit the aggressive process variation for the identification of individual devices. They find measurable physical characteristics that are unique to each integrated circuit. Among them, device identification using initial power-up values of SRAM cells, called SRAM fingerprints, has been emphasized lately in part due to the abundant availability of SRAM cells in modern microprocessors. More importantly, since the cross-coupled inverter structure of each SRAM cell amplifies even the small mismatches between two inverter nodes, it is thus very sensitive to and maximizes the effect of random process variation, making SRAM fingerprints to acquire great features as a naturally inherent device ID. Therefore, this work focuses on achieving reliable device identification using SRAM fingerprints. As of date, this dissertation shows the most comprehensive feature characterization of SRAM fingerprints based on the large datasets measured from the real devices under various environmental conditions. SRAM fingerprints in three different process technologies - IBM 32nm SOI technology, IBM 65nm bulk technology, and TSMC 90nm low-k dielectric technology - have been investigated across different temperatures or voltages. By using formal statistical tools, the required features for SRAM fingerprints necessary to be usable as device IDs - uniqueness, randomness, independence, reproducibility, etc. - have been empirically proven. As some of the previous works mentioned, there is an inherent unreliability of the initial states of SRAM cells so that there is always some chance of errors during identification process. It is observed that, under environmental variations, the instability aggravates even more. Most of the previous work, however, ignores the temperature dependence of the SRAM power-up values, which turns out to be critical against our past speculations and becomes a real challenge in realizing a reliable SRAM-based device identification. Note that temperature variation will not be negligible in many situations, for example, authentication of widely distributed sensors. We show that it is possible to achieve SRAM-based device identification system that reliably operates under a wide range of temperatures. The proposed system is composed of three major steps: enrollment, system evaluation, and matching. During the enrollment process, power-up samples of SRAM fingerprints are captured from each manufactured device and the feature information or characterization identifier (CID) is characterized to generate a representative fingerprint value associated with the product device. By collecting the samples and the CIDs, system database gets constructed before distributing devices to the field. During the matching process, we take a single sample fingerprint of a power-cycle experiment, the field identifier (FID), and perform a match against a repository of CID's of all manufactured devices. There is an additional monitoring subsystem, called system evaluation, that estimates the system accuracy with the system database. It controls the system parameters while maintaining the system accuracy requirement. This work delivers a total-package statistical framework that raises design issues of each step and provides systematic solutions to deal with these inter-related issues. We provide statistical methods to determine sample size for the enrollment of chip identities, to generate the representative fingerprint features with the limited number of test samples, and to estimate the system performance along with the proposed system parameter values and the confidence interval of the estimation. A novel matching scheme is proposed to improve the system accuracy and increase population coverage under environmental variations, especially temperature variation. Several advanced mechanisms to exploit the instability for our benefit is also discussed along with supporting state-of-the-art circuit technologies. All these pioneering theoretical frameworks have been validated by the comprehensive empirical analysis based on the real SRAM fingerprint datasets introduced earlier. This dissertation covers a wide range of multidisciplinary research areas including solid-state device physics, computer security, biometrics, statistics, and pattern matching. The main contribution here is that this work provides a comprehensive interdisciplinary framework to enable reliable SRAM fingerprinting, even if the fingerprint, depending on ambient conditions, exhibits nondeterministic behaviors. Furthermore, the interdisciplinary bases introduced in our work are expected to provide generic fundamental methodologies that apply to device fingerprints in general, not just to SRAM fingerprints. / text

SRAM fingerprinting

SRAM PUF

Device identification

Computer security

Data privacy : the non-interactive setting

Narayanan, Arvind, 1981-

16 October 2012

The Internet has enabled the collection, aggregation and analysis of personal data on a massive scale. It has also enabled the sharing of collected data in various ways: wholesale outsourcing of data warehousing, partnering with advertisers for targeted advertising, data publishing for exploratory research, etc. This has led to complex privacy questions related to the leakage of sensitive user data and mass harvesting of information by unscrupulous parties. These questions have information-theoretic, sociological and legal aspects and are often poorly understood. There are two fundamental paradigms for how the data is released: in the interactive setting, the data collector holds the data while third parties interact with the data collector to compute some function on the database. In the non-interactive setting, the database is somehow \sanitized" and then published. In this thesis, we conduct a thorough theoretical and empirical investigation of privacy issues involved in non-interactive data release. Both settings have been well analyzed in the academic literature, but simplicity of the non-interactive paradigm has resulted in its being used almost exclusively in actual data releases. We analyze several common applications including electronic directories, collaborative ltering and recommender systems, and social networks. Our investigation has two main foci. First, we present frameworks for privacy and anonymity in these dierent settings within which one might dene exactly when a privacy breach has occurred. Second, we use these frameworks to experimentally analyze actual large datasets and quantify privacy issues. The picture that has emerged from this research is a bleak one for noninteractivity. While a surprising level of privacy control is possible in a limited number of applications, the general sense is that protecting privacy in the non-interactive setting is not as easy as intuitively assumed in the absence of rigorous privacy denitions. While some applications can be salvaged either by moving to an interactive setting or by other means, in others a rethinking of the tradeos between utility and privacy that are currently taken for granted appears to be necessary. / text

Internet--Security measures

Data protection

Electronic data interchange

Computer security

Long term preservation of electronic documents

Yu, Kin-ying., 余見英.

January 2004

published_or_final_version / abstract / toc / Computer Science and Information Systems / Master / Master of Philosophy

Digital signatures.

Electronic records.