Building RFID Applications with Security and Privacy

Kevin Fu
Assistant Professor, Department of Computer Science
University of Massachusetts at Amherst, USA

What's special about security?

Correctness is easy. Security is hard.

Computer Science Building Secure RFID Systems

Building RFID with Security & Privacy
- Privacy in public transportation
- An RFID toolkit for academics
- Principles of secure computer systems

RFID Security and Public Transportation

What data are vulnerable?

Who knows your travel information?
- Transit Authority
- Law Enforcement
- That weird guy sitting across from you!?

Sony VAIO w/ RFID reader; FeliCa Port

What data are vulnerable?
- Unique card ID (not shown)
- Current Balance
- Beginning Balance
- Entrance and exit date and station
- Merchandise purchase

An architecture for public transit

How often does this happen?
- I propose a new RFID security protocol!
- Here is a Big-O analysis of the running time.
- Look, it's wonderful. It makes everything taste better.
- Build! Then we can measure.

An RFID Software Toolkit
- 14443B toolkit (13.56 MHz)
- Trace analysis enables rapid prototyping
- Interface with oscilloscope allows emulation and debugging

The Gumstix

Breakout Board for GPIOs; Etherstix Board

Principles for Secure Computer Systems
Based on: Frederick Brooks, Jerome Saltzer, Mike Schroeder, Butler Lampson, Frans Kaashoek, and the cumulative wisdom of many others

Incommensurate Scaling

Credit: Dawnrazor

Credit: Colin/Hotbox Designs

Second System Effect

Credit: NYTimes

First system:
1. Put an ID number on a product

Second system:
1. Kill function
2. Crypto
3. RW Storage
4. Computation
5. Operating System
6. Mobile Phone
7. Shared Tags
8. Key Management
9. Untrusted Infrastructure
10. Online Databases
...

Danger! Second System Effect!

Credit: RFID Journal

Open Design Principle

Credit: softwar.net

Design for the User: Usable Security

Credit: MGH

Hospital Bracelet?

Be Explicit

How Big is Your Trusted Computing Base?

Big Things I Trust: Readers, Tag Bearers, Things within 10 cm, the network, operating systems, data on tags, user input, a cryptographic key, an online database, public key infrastructure, revocation lists, data brokers, ...

Manageable Things I Trust: A key

End-to-End Argument
Saltzer, Reed, Clark (1981)

Whenever possible, communications protocol operations should be defined at the end-points of a communication system, or as close as possible to the resource being controlled.

Secure tag to reader? Secure tag to database? Secure reader to reader?

Find your end points. Or you might implement an expensive approach.

Principles for Secure Systems
- Principle of Least Privilege
- Immediate Feedback
- End-to-End
- Incommensurate Scaling
- Minimize Secrets
- Simplify
- Second System Effect
- Be Explicit
- Open Design Principle
- Design for the User

Humility
If you think you have a completely secure system, you are doomed.

Expect the Unexpected

The perfect system is not.

Computer Science at UMass/Amherst
43 faculty, ~230 graduate students, ~300 undergraduate students

RFID Security at UMass Amherst
Graduate Students; Faculty and affiliates


Administrative Improvements. Administrative Improvements. Scoping Guidance. Clarifications for Segmentation The PCI DSS Lifecycle 1 The PCI DSS follows a three-year lifecycle PCI DSS 3.0 will be released in November 2013 Optional (but recommended) in 2014; Required in 2015 PCI SSC Community Meeting Update: PCI

More information

Tenable for CyberArk

Tenable for CyberArk HOW-TO GUIDE Tenable for CyberArk Introduction This document describes how to deploy Tenable SecurityCenter and Nessus for integration with CyberArk Enterprise Password Vault. Please email any comments

More information

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked

More information

Certified Secure Web Application Security Test Checklist

Certified Secure Web Application Security Test Checklist www.certifiedsecure.com info@certifiedsecure.com Tel.: +31 (0)70 310 13 40 Loire 128-A 2491 AJ The Hague The Netherlands Certified Secure Checklist About Certified Secure exists to encourage and fulfill

More information

School Management System

School Management System School Management System Company name and address RFIC Technologies 401, green castle, ASM Road Ulsoor,Bangalore, India Contact person : suchitav khadanga suchitav@rficdesign.com, phone: 91-80-25300747

More information

Distributed System Monitoring and Failure Diagnosis using Cooperative Virtual Backdoors

Distributed System Monitoring and Failure Diagnosis using Cooperative Virtual Backdoors Distributed System Monitoring and Failure Diagnosis using Cooperative Virtual Backdoors Benoit Boissinot E.N.S Lyon directed by Christine Morin IRISA/INRIA Rennes Liviu Iftode Rutgers University Phenix

More information

Office of the Provost. Substantive Academic Change to an Existing Degree Program Form

Office of the Provost. Substantive Academic Change to an Existing Degree Program Form Office of the Provost Substantive Academic Change to an Existing Degree Program Form Proposed Substantive Change to an Existing Degree: Academic Components 1. Please describe and provide a rationale for

More information

Privacy Enhanced Active RFID Tag

Privacy Enhanced Active RFID Tag Privacy Enhanced Active RFID Tag Shingo Kinoshita, Miyako Ohkubo, Fumitaka Hoshino, Gembu Morohashi, Osamu Shionoiri, and Atsushi Kanai NTT Information Sharing Platform Laboratories, NTT Corporation 1-1

More information

Large Scale Cloud Forensics

Large Scale Cloud Forensics Large Scale Cloud Forensics Edward L. Haletky AstroArch Consulting, Inc. Sam Curry RSA, The Security Division of EMC Session ID: STAR-302 Session Classification: Advanced Happenstance Lo and Behold Sam

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions NFC for Consumers What is NFC? Near Field Communication (NFC) is a short-range wireless connectivity technology standard designed for intuitive, simple, and safe communication

More information

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. CHAPTER 5 OBJECTIVES Configure a router with an initial configuration. Use the

More information

INTERNATIONAL JOURNAL OF ADVANCES IN COMPUTING AND INFORMATION TECHNOLOGY An International online open access peer reviewed journal

INTERNATIONAL JOURNAL OF ADVANCES IN COMPUTING AND INFORMATION TECHNOLOGY An International online open access peer reviewed journal INTERNATIONAL JOURNAL OF ADVANCES IN COMPUTING AND INFORMATION TECHNOLOGY An International online open access peer reviewed journal Research Article ISSN 2277 9140 ABSTRACT An e-college Time table Retrieval

More information

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us

More information

PRETTY EASY PRIVACY 05-2014

PRETTY EASY PRIVACY 05-2014 PRETTY EASY PRIVACY 05-2014 It is called kinko Overview introduction spot the problem building good crypto tools challenges more than tools get involved Snowden 2013......rekindled interest in privacy.

More information

A Secure Email Infrastructure for Computationally Weak Clients

A Secure Email Infrastructure for Computationally Weak Clients A Secure Email Infrastructure for Computationally Weak Clients J. Robert von Behren jrvb@cs.berkeley.edu and ByungHoon Kang hoon@cs.berkeley.edu Abstract: Security in email systems involves computationally

More information

RFID based Bill Generation and Payment through Mobile

RFID based Bill Generation and Payment through Mobile RFID based Bill Generation and Payment through Mobile 1 Swati R.Zope, 2 Prof. Maruti Limkar 1 EXTC Department, Mumbai University Terna college of Engineering,India Abstract Emerging electronic commerce

More information

Sectra Communications ensuring security with flexibility

Sectra Communications ensuring security with flexibility Panthon Sectra Communications ensuring security with flexibility Sectra has more than 30 years of experience in developing secure communications. We know what is required to meet the toughest demands.

More information

PTAC Toolkit for LEAs: Staff Policies and Teacher Access March 24, 2014

PTAC Toolkit for LEAs: Staff Policies and Teacher Access March 24, 2014 PTAC Toolkit for LEAs: Staff Policies and Teacher Access March 24, 2014 Baron Rodriguez, PTAC Director Mike Tassey, PTAC Security Consultant Today s Presentation Toolkit for the school districts overview

More information

MS-55096: Securing Data on Microsoft SQL Server 2012

MS-55096: Securing Data on Microsoft SQL Server 2012 MS-55096: Securing Data on Microsoft SQL Server 2012 Description The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary

More information

TETRA BS Load Generator

TETRA BS Load Generator modern engineering & design The TETRA BS Load Generator developedby fjord-e-design is designed to carry outload tests for TETRA base stations. Thesoftware simulates the traffic caused bythousands of mobile

More information

Context-Aware Role Based Access Control Using User Relationship

Context-Aware Role Based Access Control Using User Relationship International Journal of Computer Theory and Engineering, Vol. 5, No. 3, June 2013 Context-Aware Role Based Access Control Using User Relationship Kangsoo Jung and Seog Park We suggest relationship-based

More information

Kerberos-Based Authentication for OpenStack Cloud Infrastructure as a Service

Kerberos-Based Authentication for OpenStack Cloud Infrastructure as a Service Kerberos-Based Authentication for OpenStack Cloud Infrastructure as a Service Sazzad Masud and Ram Krishnan University of Texas at San Antonio Sazzad.Masud@gmail.com, Ram.Krishnan@utsa.edu Abstract Cloud

More information

Pursue the Possibilities

Pursue the Possibilities Emerging Trends in Retail Technology, Big Data Chad Mead Chief Operating Officer Acuative cmead@acutive.com International Retail User Group Conference May 18-21 2014 Orlando, FL The Definition of Insanity

More information

Build (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation)

Build (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation) It is a well-known fact in computer security that security problems are very often a direct result of software bugs. That leads security researches to pay lots of attention to software engineering. The

More information

AN2866 Application note

AN2866 Application note Application note How to design a 13.56 MHz customized tag antenna Introduction RFID (radio-frequency identification) tags extract all of their power from the reader s field. The tags and reader s antennas

More information