TOWARDS SELF-AUTHENTICABLE WEARABLE DEVICES
Download as PPTX, PDF2 likes298 views
This document proposes a protocol for authenticating wearable devices. It involves using imprinting to securely associate a wearable device with an intermediate device like a mobile phone. The wearable would then authenticate to a remote server through the intermediate device using an authentication method based on digital signatures. The protocol is designed to provide different security levels depending on the sensitivity of the information and fits within the limited capabilities of wearable devices.
TOWARDS SELF-AUTHENTICABLE WEARABLE DEVICES
- 1. TOWARDS SELF-AUTHENTICABLE WEARABLE DEVICES PRESENTED BY, RASHA KAMAL 1
- 2. CONTENTS Abstract Introduction Related works and Technologies Protocols Requirements Application scenarios Authentications method Security evaluation Conclusion References 2
- 3. ABSTRACT • communicate among themselves, but need to communicate with other entities. • Authentication is needed • Existing system – limited to scenarios • Authentication protocols – secure mutual end-to-end authentication. • Design uses point-to-point authentication protocols • Finally – present Security evaluation 3
- 4. INTRODUTION Research estimates – continue growth in the near futures wearable devices can hold a lot of useful information Due to wearable devices’ limited range of connectivity The use of other personal devices , to share this information over longer distances must be possible. Because of the sensitive information wearable devices may handle, information be protected from unauthorized access or modification. Example - Pacemaker 4
- 5. INTRODUTION CONT... At present, solution exist for the problem of a secure authentication service for wearable devices In the later case, end-to-end authentication between the wearable device and the remote entity is not provided. First, the wearable device authenticates itself with an intermediate device; Afterward the intermediate device authenticates itself with the remote entity Our design is based on a point-to-point protocol 5
- 6. RELATD WORK AND TECHNOLOGIES The most important Technologies used in our proposed authentications • Wearable Devices • NFC • Smart Cards 6
- 7. Wearable Devices • Idea – Add technology in everyday life • Support short range connectivity • Research – Focused on improving connectivity range NFC • Near field communication • Technology, currently integrated in many mobile devices • simplify life’s common tasks such as making transactions, exchanging digital content, or connecting electronic devices. • NFC operates – Radio frequency – 13.56MHz , Data transmission between – 106 to 424 kb/s 7
- 8. 8
- 9. Smart Cards • Smart cards are hardware devices • To protect sensitive operations • They can store sensitive information securely and have cryptographic capabilities. • However, more recent works have proposed using a smart card • Card is able to take part in the authentication process by itself. • Functionality is based on the JavaCard technology 9
- 10. PROTOCOLS POINT-TO-POINTPROTOCOL • Data link protocol • Provides - services (e.g., encapsulating multiprotocol datagram's) • PPP allows Extensible Authentication Protocol (EAP) 10
- 11. EAP • The Extensible Authentication Protocol is an authentication framework • It provides some common functions and negotiation options of authentication methods called EAP methods. • Methods are based on the use of regular passwords (EAP-MD5), the use of one-time passwords (EAP-OTP), or the use of certificates (EAP-TLS) • Extended with new authentication mechanisms. 11
- 12. IMPRINTING • This mechanism attempts to solve the problem of establishing trust between two devices. • It is based on the duckling imprinting phase, that is, the process by which a newborn duck establishes a pattern of recognition for its parents. • Imprinting consists of a secure association established • During this phase both devices share something that allows identification between these devices in the future. 12
- 13. PROPOSED AUTHENTICATION PROTOCOL • A secure protocol for the mutual authentication of wearable devices and any other network . This protocol can work directly over a short-range connection • Secure imprinting mechanism , allows to differentiate between trusted and untrusted intermediate devices. • Storage of different authentication credentials (password, certificates, etc.) within the wearable device. • Inclusion of cryptographic and logical capabilities within the wearable device, allowing it to make decisions according to the sensitivity of information 13
- 14. REQUIREMENTS Limited size - proposed solution should fit inside a wearable device Necessity of providing the wearable device with strong authentication capabilities- cryptographic and logic operations. Credentials used to perform the authentication - have storage capabilities. Use a short-range communication technology 14
- 15. APPLICATION SCENARIOS 15 WD-NFC-JCard wants to authenticate itself to a remote server using a personal device with Internet connectivity (e.g., a mobile phone) as an intermediate device. Figure 2- System elements
- 16. Modes Of Operation • Low security level • Intermediate security level • High security level 16Figure 3- Security level
- 17. ARCHITECTURE Wearable device needs to communicate with a remote server over the Internet communication channel should be established between the wearable device and the intermediate device using the NFC protocol. forwarding the packets in both directions between the wearable device and the remote server This communication method is based on a standalone supplicant 17
- 18. ARCHITECTURE CONT.. Our proposed authentication protocol is based on the EAP authentication protocol. EAP is an authentication framework EAP will be running within the WD-NFC- JCard implies that the mobile device does not need to understand the authentication messages Only to forward the messages received in both directions. 18
- 19. 19 Figure – Proposed authentication architecture
- 20. AUTHENTICATION METHODS We used two different authentication methods First, a method to authenticate the intermediate device and the WD-NFC- JCard is defined. Then a method to authenticate the WD-NFC-JCard and the remote server is defined. 20
- 21. Intermediate Device — WD-NFC-Jcard Authentication 21
- 22. 22
- 23. 23 WD-NFC-JCard — Remote Server Authentication
- 24. SECURITY EVALUATION The imprinting of the WD-NFC-JCard and the intermediate device. Once imprinting process executed, devices will share unique identifiable data between them, allow - mutually authenticate WDAS – related to mutual authentication of WD – NFC – Jcard and remote server 24
- 25. CONCLUSION we have presented an authentication protocol for wearable devices Our proposed protocol is based on a digital signature scheme Our proposed authentication protocol is not only secure, but flexible enough to provide different levels of protection based on the sensitivity of the information handled. 25
- 26. REFERENCES ABI Research, “Body Area Networks for Sports and Healthcare,” ABI Research, Sci. Rep., 2012. Z. Zhang et al., “ECG-Cryptography and Authentication in Body Area Networks,” IEEE Trans. Info. Tech. In Biomedicine, vol. 16, no. 6, Nov. 2012. M. Shin, “Secure Remote Health Monitoring with Unreliable Mobile Devices,” J. Biomed. and Biotech., 2012. P. Urien and G. Pujolle, “EAP Smart Card Protocol,” IETF Internet Draft 26, 2014. J. Torres, A. Izquierdo, and J. M. Sierra, “Advances in Network Smart Cards Authentication,Computer Networks,” Computer Networks: The Int’l. J. Computer and Telecommun. Networking, vol. 51, no. 9, 2007, pp. 2249–61 26