TY - GEN
T1 - Secure and resilient proximity-based access control
AU - Choi, Sunoh
AU - Gutierrez, Christopher
AU - Lim, Hyo Sang
AU - Bagchi, Saurabh
AU - Bertino, Elisa
PY - 2013
Y1 - 2013
N2 - The ubiquity of mobile devices has increased the convenience of communication but it has also introduced personal privacy concerns. In the domain of portable medical records, it is vital to provide authentication which protects personal information from unauthorized users who are located out of legitimate regions. To support such location-based authentication, one possible approach in medical systems is exploiting distance-bounding protocols which allow detecting a user's current location to determine whether the user is in trusted physical locations such as a doctor's office. However, sensors that enable distance-bounding protocols are expensive and not widely deployed yet since the required protocols typically need special devices such as devices utilizing ultrasound. To overcome the lack of device deployment, we propose a secure proximity-based access control scheme based on the use of multiple location based service (LBS) devices utilizing Bluetooth which is cheap and already widely used. Furthermore, we provide several ways to prevent various attacks. We report experimental performance results which indicate that access control is executed within 100 ms on Intel i7 processor and in about two seconds on the Android platform. Furthermore, our proposed system achieves communication overhead in 0(1) as opposed to digital signatures which grow in O(n).
AB - The ubiquity of mobile devices has increased the convenience of communication but it has also introduced personal privacy concerns. In the domain of portable medical records, it is vital to provide authentication which protects personal information from unauthorized users who are located out of legitimate regions. To support such location-based authentication, one possible approach in medical systems is exploiting distance-bounding protocols which allow detecting a user's current location to determine whether the user is in trusted physical locations such as a doctor's office. However, sensors that enable distance-bounding protocols are expensive and not widely deployed yet since the required protocols typically need special devices such as devices utilizing ultrasound. To overcome the lack of device deployment, we propose a secure proximity-based access control scheme based on the use of multiple location based service (LBS) devices utilizing Bluetooth which is cheap and already widely used. Furthermore, we provide several ways to prevent various attacks. We report experimental performance results which indicate that access control is executed within 100 ms on Intel i7 processor and in about two seconds on the Android platform. Furthermore, our proposed system achieves communication overhead in 0(1) as opposed to digital signatures which grow in O(n).
KW - Access control
KW - Proximity
KW - Security
UR - https://www.scopus.com/pages/publications/84889574641
U2 - 10.1145/2512410.2512425
DO - 10.1145/2512410.2512425
M3 - Conference paper
AN - SCOPUS:84889574641
SN - 9781450324250
T3 - International Conference on Information and Knowledge Management, Proceedings
SP - 15
EP - 20
BT - 2013 International Workshop on Data Management and Analytics for HealthcaRE, DARE 2013 - Co-located with the 22nd ACM International Conference on Information and Knowledge Management, CIKM 2013
T2 - 2013 International Workshop on Data Management and Analytics for HealthcaRE, DARE 2013 - Co-located with the 22nd ACM International Conference on Information and Knowledge Management, CIKM 2013
Y2 - 1 November 2013 through 1 November 2013
ER -