Secure Mobile Computing Biometric Authentication for Mobile ...

dashingincestuousSecurity

Feb 23, 2014 (3 years and 7 months ago)

74 views

Secure Mobile Computing

using Biotelemetrics

Mahlon Graham

University of Virginia

NSF Research Experience for
Undergraduates

Contents


Motivation


Patch Simulator


State Diagram


State Definitions


Secure Mobile Computing in Action


Future Work


Special Thanks


Motivation


Secure Mobile Computing is a way to
protect data stored on mobile
computing devices, such as

PDA’s,
laptops, as well as specialized Military
equipment.


Use biometric data to authenticate


Heart beat, respiratory, body heat

Motivation


What sort of data should be secured?


Corporation Trade Secrets


Sensitive Financial Information


In
-
the
-
field troop movements, etc


What could happen to the user?


User goes unconscious, device becomes
vulnerable


User taken hostage, forced to access sensitive
data


User becomes deceased, device taken by enemies

How to determine user status


Wearable biometric patch transmits heart
beat data packets to mobile device


Software interprets data and acts according
to set of predefined events


Event triggers


Low heart rate for a given time


Elevated heart rate for a given time


Dramatic elevation of heart rate over short time


Timeout


Disconnection

Patch Simulator


Developed to duplicate heart beat data
in controllable manner


Key features:


Modular communication protocols to allow
for simple addition of proprietary
communication channel if necessary


Displays summary of key information


Scenario
-
based heart rate modification

State Diagram


State Diagram

State Definitions


Locked State


Nothing done to data, but not
currently available to user


multiple authentication required to unlock device



Safe State


Data is secure, cannot be easily
recovered


Delete Data


Encrypt Data


Secure Delete / Wipe Data



Hard Reset


Device totally wiped, returned to
factory settings

Secure Mobile Computing in Action!


Demonstrate functionality of all elements of
the system

Future Work


Implement Secure Mobile software as
background process


Policy Controls in action unbeknownst to user


Integrate additional biometrics


Respiration


Body Temperature


Optimize and increase robustness of
checkHRChange() algorithm

Special Thanks to…


Dr. Alfred C. Weaver


Andrew Jurik


Paul Bui and Joel Coffman