Context-Aware Approach for enhancing security and privacy of RFID

Size: px
Start display at page:

Download "Context-Aware Approach for enhancing security and privacy of RFID"

Transcription

1 Internatinal Jurnal Of Engineering And Cmputer Science ISSN: Vlume 4 Issue 1 January 2015, Page N Cntext-Aware Apprach fr enhancing security and privacy f RFID Lect. Nisha R. Wartha 1, Prf. Vaishali Lndhe 2 1 Lecturer in Infrmatin Technlgy Department Gvernment Plytechnic, Thane, 2 HOD f Cmputer Engineering Department YadavraTasgankar Institute f Engineering and Technlgy Abstract: RFID systems have increasingly impact n bth public and private dmains. Hwever, due t the inherent weaknesses f underlying wireless radi cmmunicatins, RFID systems are plagued with security and privacy threats. Apprach fr enhancing security and privacy in certain RFID applicatins lcatin-related infrmatin can serve as a legitimate access cntext. Examples f these applicatins include access cards, credit cards, and ther payment tkens. T defend against unauthrized reading and relay attacks, such cntext infrmatin can be leveraged in tw ways. First, cntextual infrmatin can be used t design cntext-aware selective unlcking mechanisms s that tags can selectively respnd t reader interrgatins and thus minimize unauthrized reading and ghst-and-leech relay attacks. Secnd, cntextual infrmatin can be used as a basis fr cntext-aware secure transactin verificatin that allws a bank server t decide whether t apprve r deny a payment transactin and detect a specific type f relay attack invlving malicius readers. Keywrds: RFID, relay attacks, cntext recgnitin, security and privacy, unauthrized reading. 1. INTRODUCTION Radi Frequency Identificatin (RFID) is a wireless cmmunicatin technlgy fr autmated identificatin f bject and peple. An RFID tag is a small micrchip designed fr wireless data transmissin. RFID enables identificatin frm a distance withut requiring a line f sight.a typicalrfid system usually cnsists f tags, readers and/r back-end servers. Tags, als called transpnders, are miniaturized wireless radi devices that stre infrmatin abut their crrespnding subject. Such infrmatin is usually sensitive and persnal identifiable. Fr example, a US e-passprt stres the name, natinality, date f birth, digital phtgraph, and (ptinally) fingerprint f its wner [11]. Other examples f these applicatins include access cards, tll cards, credit cards, and ther payment tkens. We shw that lcatin awareness can be used by bth tags and back-end servers fr defending against unauthrized reading and relay attacks n RFID systems. On the tag side, we design a lcatin-aware selective unlcking mechanism using which tags can selectively respnd t reader interrgatins rather than ding s prmiscuusly. On the server side, we design a lcatin-aware secure transactin verificatin scheme that allws a bank server t decide whether t apprve r deny a payment transactin and detect a specific type f relay attack invlving malicius readers. Readers, als knwn as interrgatrs, bradcasts queries t tags in their radi transmissin ranges fr infrmatin cntained in tags and tags reply with such infrmatin. The queried infrmatin is thensent t the server (which may c-exist with the reader) fr further prcessing and the prcessing result is used t perfrm prper actins (such as updating inventry, pening gate, charging tll r apprving payment). Figure. 1.1: RFID system cmpnents. Due t the inherent weaknesses f underlying wireless radi cmmunicatin, RFID systems are plagued with a wide variety f security and privacy threats [12]. A large number f these threats are due t the tag s prmiscuus respnse t any reader requests. This renders sensitive tag infrmatin easily subject t unauthrized reading [13]. Infrmatin (might simply be a plain identifier) gleaned frm a RFID tag can be used t track the wner f the tag, r be utilized t clne the tag s that an adversary can impersnate the tag s wner [12]. Prmiscuus respnse als incites different types f relay attacks. One class f these attacks is referred t as ghst-andleech [14]. In this attack, an adversary, called a ghst, Nisha R. Wartha, IJECS Vlume 4 Issue 1 January, 2015 Page N Page 10078

2 relays the infrmatin surreptitiusly read frm a legitimate RFID tag t a clluding entity knwn as a leech. The leech can then relay the received infrmatin t a crrespnding legitimate reader and vice versa in the ther directin. This way a ghst and leech pair can succeed in impersnating a legitimate RFID tag withut actually pssessing the device. A mre severe frm f relay attacks, usually against payment cards, is called reader-and-leech ; it invlves a malicius reader using which the wner intends t make a transactin [15]. In this attack, the malicius reader, serving the rle f a ghst and clluding with the leech, can fl the wner f the card int apprving a transactin which she did nt intend t make (e.g., paying fr a diamnd purchase made by the adversary while the wner nly intending t pay fr fd). We nte that addressing this prblem requires secure transactin verificatin, i.e., validatin that the tag is indeed authrizing the intended payment amunt. The feasibility f executing relay attacks has been demnstrated n many RFID deplyments, including the Chip-and-PIN credit card system [15], RFID-assisted vting system [16], and keyless entry and start car key system [6]. With the increasingly ubiquitus deplyment f RFID applicatins, there is a pressing need fr the develpment f security primitives and prtcls t defeat unauthrized reading and relay attacks. Hwever, prviding security and privacy services fr RFID tags presents a unique and frmidable set f challenges. The inherent difficulty stems partially frm the cnstraints f RFID tags in terms f cmputatin, memry and pwer, and partially frm the unusual usability requirements impsed by RFID applicatins (riginally geared fr autmatin). Cnsequently, slutins designed fr RFID systems need t satisfy the requirements f the underlying RFID applicatins in terms f efficiency, usability and security. PRIOR WORK :- Due t the inherent weaknesses f underlying wireless radi cmmunicatin, RFID systems are plagued with a wide variety f security and privacy threats. A large number f these threats are due t the tag s prmiscuus respnse t any reader requests. This renders sensitive tag infrmatin easily subject t unauthrized reading. Infrmatin(mightsimplybea plain identifier) gleaned frm a RFID tag can be used t track the wner f the tag, r be utilized t clne the tag s that an adversary can impersnate the tag s wner. 1) Hardware-Based Selective Unlcking These include: Blcker Tag [19], RFID Enhancer Prxy [20] RFID Guardian [29], and Vibrate-t-Unlck [34]. All f these appraches, hwever, require the users t carry an auxiliary device (a blcker tag in [19], a mbile phne in [34], and a PDA like special-purpse RFID-enabled device in [20], [29]). Such an auxiliary device may nt be available at the time f accessing RFID tags, and users may nt be willing t always carry these devices. A Faraday cage can als be used t prevent an RFID tag frm respnding prmiscuusly by shielding its transmissin. Hwever, a special-purpse cage (a fil envelpe r a wallet) wuld be needed and the tag wuld need t be remved frm the cage in rder t be read. 2) Cryptgraphic Prtcls Cryptgraphic reader-t-tag authenticatin prtcls culd als be used t defend against unauthrized reading. Hwever, due t their cmputatinal cmplexity and high bandwidth requirements, many f these prtcls were still unwrkable even n high-end tags as f 2006 [18]. There has been a grwing interest in the research cm-munity t design lightweight cryptgraphic mechanisms (e.g., [10], [21]). Hwever, these prtcls usually require shared key(s) between tags and readers, which is nt an ptin in sme applicatins. 3) Distance Bunding Prtcls These prtcls have been used t stp relay attacks [8]. A distance bunding prtcl is a cryptgraphic challengerespnse authenticatin prtcl which allws the verifier t measure an upper-bund f its distance frm the prver [3]. (We stress that traditinal ``nn-distance-bunding'' cryptgraphic authenticatin prtcls are cmpletely ineffective in defending against relay attacks.) Using this prtcl, a valid RFID reader can verify whether the valid tag is within a clse prximity thereby detecting ghst-and-leech and reader-and-ghst relay attacks [8]. The upper-bund calculated by an RF distance bunding prtcl, hw-ever, is very sensitive t respnse time delay, as even a light delay (a few nansecnds) may result in a significant errr in distance bunding. Therefre, even XOR- r cmparisn-based distance bunding prtcls [3] are nt suitable fr RF distance bunding since simply signal cnversin and mdulatin can lead t significant delays. A recent prtcl eliminated the need fr signal mdulatin and instead utilized signal reflectin and channel selectin, achieving a prcessing time f less than 1 ns at the prver side [28]. Hwever, the prtcl requires specialized hardware at the prver side fr channel selectin. This renders existing prtcls currently infeasible fr even high-end RFID tags. 2. LITERATURE SERVEY In Cntext-Aware Defenses t RFID Unauthrized Reading and Relay Attacks Tzipra Halevi, Hayu Li prpses the use f cyber-physical interfaces, n-bard tag sensrs, t (autmatically) acquire useful cntextual infrmatin abut the tag's envirnment (r its wner, r the tag itself). First, such cntext recgnitin is leveraged fr the purpse f selective tag unlcking the tag will respnd selectively t reader interrgatins. In particular, nvel mechanisms based n an wner's psture recgnitin are presented. Secnd, cntext recgnitin is used as a basis fr transactin verificatin in rder t prvide prtectin against a severe frm f relay attacks invlving malicius RFID readers.a new mechanism is develped that can determine the prximity between a valid tag and a valid reader by crrelating certain (specifically audi) sensr data extracted frm the tw devices. The evaluatin f the prpsed mechanisms demnstrates their feasibility in significantly raising the bar against RFID attacks. Mr. A. Bharath Kumar and O. Anushareprts in Lcatin-Aware and Safer Cards: Enhancing RFID Security and Privacy via Lcatin Sensing n a new apprach fr enhancing security and privacy in certain RFID applicatins whereby lcatin r lcatin-related infrmatin (such as speed) can serve as a legitimate access cntext. They shw that lcatin awareness can be used by bth tags and back-end servers fr defending against unauthrized reading and relay attacks n RFID systems.the premise f their wrk is a current technlgical advancement that can enable RFID tags with lw-cst lcatin (GPS) sensing capabilities. Unlike prir research n this subject, ur defenses d nt rely n auxiliary devices r require any explicit user invlvement. In An Enhanced Digital Campus Security System Using RFID, GPS, GSM A.Ashk Kumar, Nisha R. Wartha, IJECS Vlume 4 Issue 1 January, 2015 Page N Page 10079

3 P.Swapnadesigned and implemented a Digital Campus Security System (DCST) base n the RFID, GPS and GSM netwrk. DCST reads the RFID tags and sends infrmatin t lpc2148.prcessr gives alerts thrugh GSM netwrk. If any invalid RFID (Thief) infrmatin cmes int mbile they get the real-time tracking fr valuables. Where the thief arrives anyne access cntrl nde, it wuld be blcked. User can als manage its wn valuables such as lending and recvery peratin thrugh the web manager centre. Di Ma and Nitesh Saxena prpses a nvel research directin in A Cntext-Aware Apprach t Defend Against Unauthrized Reading and Relay Attacks in RFID Systems, that utilizes sensing technlgies, t tackle the prblems f unauthrized reading and relay attacks with a gal f recnciling the requirements f efficiency, security, and usability. The premise f the prpsed wrk is based n a current technlgical advancement that enables many RFID tags with lw-cst sensing capabilities. Zhashun Wang, Hngsng Chen, Xiali Huang investigate the pssible privacy and security threats t RFID systems, and cnsider whether previusly prpsed RFID prtcls address these threats. We have reviewed the privacy, security, and perfrmance requirements fr RFID prtcls. At the same time, we cmpare the security mechanism fr RFID security. It is very useful t design and issue the RFID related prtcl and standard.this survey examines appraches prpsed by scientists fr privacy prtectin and integrity assurance in RFID systems, and treats the scial and technical cntext in Research fr Threats and Security in Rfid Infrmatin System.. 3. PRPOSED SYSTEM In an attempt t address the drawbacks f prir research, this paper prpses a nvel research directin, ne that utilizes sensing technlgies, t address unauthrized reading and relay attacks in RFID systems. The premise f the prpsed wrk is based n a current technlgical advancement that enables many RFID tags with lw-cst sensing capabilities. Varius types f sensrs have been incrprated t many RFID tags. Intel s Wireless Identificatin and Sensing Platfrm (WISP) is a representative example f a sensr-enabled tag which extends RFID beynd simple identificatin t in-depth sensing. This new generatin f RFID devices can facilitate numerus prmising applicatins fr ubiquitus sensing and cmputatin. They als suggest new ways f prviding security and privacy services by leveraging the unique prperties f physical envirnment r physical status f the tag (r its wner). In this paper, we specifically fcus n the design f cntext-aware security primitives and prtcls by utilizing sensing technlgies s as t prvide imprved prtectin against unauthrized reading and relay attacks. The physical envirnment ffers a rich set f attributes that are unique in space, time, and t individual bjects. These attributes such as temperature, sund, light, acceleratin r magnetic field reflect either the current cnditin f a tag s surrunding envirnment r the cnditin f the tag (r its wner) itself. A sensr-enabled RFID tag can acquire useful cntextual infrmatin abut its envirnment (r its wner, r the tag itself). Such cntextual infrmatin can be leveraged in tw ways: First, cntextual infrmatin can be used t design cntext-aware selective unlcking mechanisms s that tags can selectively respnd t reader interrgatins. That is, rather than respnding prmiscuusly t queries frm any readers, a tag can leverage upn cntext recgnitin and will nly cmmunicate when it makes sense t d s, thus raising the bar even fr sphisticated adversaries withut affecting the RFID usage mdel, i.e., withut impsing additinal user burden. Fr example, an ffice building access card, equipped with a lcatin sensr, can remain lcked unless it is near the (fixed) entrance f the building. The fllwing selective unlcking mechanisms will be explred as (i) magnetic-field triggered prximity sensing, (ii) psture recgnitin, and (iii) lcatin sensing and lcatin classificatin. Secnd, cntextual infrmatin can be used as a basis fr cntext-aware secure transactin verificatin t defend against special relay attacks invlving malicius readers. Fr example, a bank server will deny a $2000 transactin when it detects the tag (RFID credit card) is currently lcated in a restaurant where a nrmal transactin is usually less than $200. The fllwing tw cntext-aware secure transactin verificatin schemes will be explred as: (i) numeric digit-based speech recgnitin, and (ii) lcatin sensing and lcatin classificatin. The design f cntext recgnitin fr RFID tags pses several challenges. First, the resurce cnstraints f RFID tags hamper the cmplexity f the algrithms that can be used t judge what activity a tag is currently underging. Anther bstacle is the lack f ways in which users can interact with their tags. RFID tags, being geared fr autmatin, were designed t be astransparent as pssible t their users, and as such lack any input r utput interfaces such as buttns and displays. Mrever, many users are typically nt in direct cntact with their tags because they prefer t keep them inside ther bjects, such as wallets r purses [36]. Fr example, it is a cmmn practice t swipe ne s wallet cntaining the tag against the reader rather than taking the tag ut frm the wallet and directly swiping the tag. We nte the prpsed apprach may nt prvide abslute security due t the pssibility f errrs assciated with cntext recgnitin; hwever, it raises the bar even fr sphisticated adversaries withut affecting the RFID usage mdel. In additin, althugh the prpsed techniques can wrk in a stand-alne fashin, they can als be used with ther security mechanisms, such as cryptgraphic-based schemes, t prvide strnger crss-layer security prtectin accrding t different security needs in varius applicatins. Mrever, many f the prpsed ideas and techniques will be applicable in the realm f ther wireless (r wired) devices equipped with sensrs. Because sensrs serve as a bridge between the physical and the digital wrld, the prpsed sensing-centric mechanisms will be instrumental twards prviding dependability, security and privacy fr cmplex Cyber- Physical Systems. 4.METHDOLOGY CONTEXT-AWARE SELECTIVE UNLOCKING The traditinal selective unlcking techniques require special-purpse hardware and/r explicit user invlvement, bth greatly decrease the usability and acceptability f such slutins. T remedy this, we prpse selective unlcking schemes based n cntext recgnitin, fcusing nt nly n security and privacy, but als n usability. Belw first review tw recent wrks n selective unlcking based n cntext Nisha R. Wartha, IJECS Vlume 4 Issue 1 January, 2015 Page N Page 10080

4 recgnitin and discuss their merits and demerits. Next utline pssible selective unlcking mechanisms based n cnventinal sensrs such as accelermeter, magnetmeter (cmpass), and lcatin sensrs. Fr each mechanism, discussed assciated design challenges and als suggest specific applicatin(s) that culd benefit frm it Previus Recent Wrk Secret Handshakes is a recently prpsed interesting selective unlcking methd that is based n cntext inference [36]. In rder t unlck an accelermeter-equipped RFID tag [32, 39] using Secret Handshakes, a user must mve r shake the tag (r its cntainer) in a particular pattern. A number f unlcking patterns were studied and shwn t exhibit lw errr rates [36]. A central drawback t Secret Handshakes, hwever, is that a unique mvement pattern is required fr each tag t be unlcked. This requires subtle changes t the expected RFID usage mdelwhile a standard, insecure RFID setup nly requires users t bring their RFID tags within range f a reader.. Figure 4.1: Example f secret handshake/activatin scheme. Bth images shw the alpha (α) mtin per-frmed with the card in frnt f the reader. In the left image, numbers indicate sequence f card psitins acrss reader with time. In the right image, arrws shw hw the card mves acrss the reader with time. Figure 4.2: Example secret handshake/activatin scheme. In this image demnstrates the 1.5-wave gesture. Keeping in mind the gal f nt incrprating any usage mdel changes, Mtin Detectin [40] has been prpsed by us as anther selective unlcking scheme. In Mtin Detectin, a tag wuld respnd nly when it is in mtin, instead f ding s prmiscuusly. In ther wrds, if the device is still, it remains silent. This apprach hinges n the straightfrward bservatin that accessing a persnal mbile RFID tag fundamentally invlves mving it in sme manner (e.g., swiping an access card in frnt f the reader). Althugh Mtin Detectin des nt require any changes t the traditinal usage mdel and raise the bar required fr sme cmmn attacks t succeed, it is nt capable f discerning whether the device in mtin is due t a particular gesture r because its wner is in mtin. Hence, the false unlcking rate f this apprach is high, meaning there is a high chance that a tag gets unlcked when it actually shuld have been lcked. In the fllwing, we utline several new cntext-aware selective unlcking mechanisms which (1) have bth lw false lcking and false unlcking rates, and (2) d nt necessitate any change t the current usage mdel Selective Unlcking based n Prximity Sensing Using this mechanism, a tag gets unlcked whenever it detects it is near a reader. The requirement fr tag and reader being near is cmmn in mst RFID applicatins. Fr example, while making a payment, a user typically needs t bring his/her cntactless credit card (r its cntainer) clser t the reader fr transactin prcessing. This requirement can therefre serve as an effective means t establish a valid cntext. One pssible way f prximity sensing is thrugh scalar magnetmeters that measure the ttal strength f the magnetic field they are subjected t. Mre specifically, a magnet wuld be attached t the reader, and when the tag is brught clse t the reader, the tag s n-bard magnetmeter wuld sense the magnetic field and the tag wuld get unlcked if the strength f the magnetic field is abve sme pre-defined threshld. If an adversary intends t unlck a tag, it cansimply be in very clse prximity f the tag, just like a valid reader. Hwever, being near, increases the chances f the challenger being detected. T remain secret, the challenger is therefre frced t generate a strnger magnetic field frm an undetectable distance. Our preliminary investigatin shws this attack des nt seem feasible. We als nte that irn and steel can cause shielding effects n magnetic fields. Other materials such as wd, Plexiglas, Styrfam, brass, cpper, aluminum, leather r paper have almst n effect n shielding magnetic fields. This means that a magnetmeter can wrk even when encased in many bjects, such as wallets, purses r backpacks. This suggests that a magnetmeter-equipped tag wuld nt need t be remved frm its cntainer while accessing the tag Selective Unlcking based n Psture Recgnitin Secret Handshakes described is based n gesture recgnitin. T unlck an accelermeter-enabled tag, a user has t mve the tag in a special pattern - gesture. Hence Secret Handshakes is btrusive and requires explicit user invlvement, which is nt cnvenient in a frequent use and reduces the usability f such apprach. This mtivates the need fr study psture recgnitin t achieve nn-btrusive selective unlcking that des nt require user invlvement. We liberally use psture t dente activities perfrmed by users withut special intentin but can serve as a valid cntext in certain applicatins. One class f such applicatins invlves implanted medical devices (IMDs). Under legitimate IMD access, we can assume that the patient is lying dwn n his r her back. Thus, access t the IMD will be granted nly when the patient s bdy is such a pre-defined unique psture. This will prevent an attacker frm cntrlling the IMD in many cmmn scenaris, such as while standing just behind the patient in public. Since psture frmatins are human activities perfrmed by users uncnsciusly, psture recgnitin can prvide a finer-grained nn-btrusive unlcking mechanism withut purpseful r cnscius user invlvement. Psture recgnitin is similar t gesture recgnitin t a certain extent. Similar t the gesture recgnitin Schemes Nisha R. Wartha, IJECS Vlume 4 Issue 1 January, 2015 Page N Page 10081

5 (like the Secret Handshakes scheme [36] we discussed previusly), in a psture recgnitin scheme, user mvement can be recrded by mtin sensrs such as accelermeters and the captured mtin data is then cmpared with a reference psture template which has been recrded by perfrming the crrespnding mvement in a reference crdinate system. A match between the captured data and the reference template implies that the user has exhibited a certain psture transitin defined by the reference template. Hwever, there is ne primary difference between gesture recgnitin and psture transitin recgnitin, i.e., device tilt. In (hand) gesture recgnitin systems, users are assumed t be aware f their hand activities. S gestures are perfrmed in a mre-r-less cntrlled way withut tilting the tag s that the effect f tilt can be greatly minimized r ignred. Hwever, in psture transitin recgnitin, as we d nt require any explicit user invlvement, the tag, placed inside a human bdy in the frm f an IMD r int the pckets in the frm f a car key, can be tilted due t the mvement f human bdy r the device psitining itself. The reference template is usually cllected in a reference crdinatesystem. Hwever, nce a device is tilted, mvement data cllected frm the device is n lnger in the reference crdinate system and the crrespnding psture will nt be detected crrectly. It is therefre critical t detect the tag s rientatin in rder t rtate the data vectr back t the reference crdinate system fr crrect recgnitin.in rder t ptimize ur algrithms (due t RFID resurce cnstraints), we classify pstures int tw primary types: psture and psture transitin. Psture means a static bdily psitin that a user can maintain fr certain duratin, such as lying, sitting, standing and walking. Psture transitin subsumes different human mvements, such as ``stand-t-sit,'' ``sit-t-stand,'' ``sit-t-lie,'' ``lie-t-sit,'' and s n. Psture transitins capture the dynamics f human mvement and usually nly last fr a shrt duratin. We analyze the features f these tw psture types and realize that mst f the pstures and sme f the psture transitins can be simply detected by measuring directin changes r status changes in sagittal and transverse planes. In case f psture recgnitin, cnsider, fr example, an IMD such as a pacemaker implanted int the patient's chest area equipped with a 3-axes accelermeter. As the IMD is fixed t the human bdy, it remains static relative t the bdy system but has different rientatins in the earth crdinate system (magnetic nrth and gravity) due t human bdy mvement. Thus, we can detect such mvements by simply mnitring its relative rientatin change in the earth crdinate system. Fr example, when the patient is in the ``sitting'' psitin, the Z axis f the accelermeter pints t the sky and the X-Y plane is parallel t the earth surface. When the patient lies dwn, the Z axis nw shuld be parallel t the earth surface while ne f the X r Y axis shuld pint t the sky. Thus, by simply mnitring the change f directins f axes, we can tell whether a patient is lying r nt. We nte that mbile devices als cmmnly use such detectin techniques based n accelermeter axis directin change t perfrm screen rtatin functins. Similarly, the wrk f tracks directin changes f magnetmeter axes during walking. Current systems fr full rientatin estimatin, such as the ne in Apple ipad2, usually use a set f sensr mdalities typically including gyrscpes, accelermeters and magnetmeters t estimate device rientatin. Gyrscpes are used t determine accurately angular changes while the ther sensrs are used t cmpensate the integratin drift f the gyrscpes and keep this estimate drift free. Hwever, a typical gyrscpe requires abut 5 10 times mre pwer than magnetmeter and accelermeter tgether. Mrever, its cmparably larger frm factr als makes gyrscpe nt cmmnly available in a tiny single package MEMS chip. Cnsidering the resurce cnstrained RFID platfrms, it might be necessary t restrict frm using gyrscpes, and instead fcus n using accelermeters and/r magnetmeters fr device rientatin and psture estimatin. As integrated accelermeters and magnetmeters are cmmercially available in tiny packages, an RFID tag with such sensrs can be flat and less btrusive fr the user, which makes them very attractive t be used in IMDs r smart car keys. There exist several attempts t use either accelermeters r magnetmeters; hwever, it has been shwn that neither f the tw sensrs is gd enugh alne t estimate full rientatin. On the ther hand, rientatin estimatin schemes that usebth accelermeters and magnetmeters shw very prmising results Selective Unlcking based n Lcatin Sensing and Lcatin Classificatin Figure 4.3. Lcatin-aware selective unlcking where Lcking is legitimate lcatin (r speed) inf stred n the tag side and Lc GPS is the lcatin inf btained frm nbard GPS upn a reader request. We ntice in quite sme applicatins, (under nrmal circumstances,) tags nly cmmunicate t readers at sme specific lcatins. Fr example, an access card t an ffice building needs t nly respnd t reader queries when it is near the entrance f the building; a credit card shuld nly wrk in authrized retail stres (which may be lcated all ver the wrld); tll cards usually nly cmmunicate with tll readers in certain fixed lcatins and when the car travels at certain speed. Hence, lcatin can serve as a gd means t establish a valid cntext. That is, a tag is unlcked nly when it is in an apprpriate (pre-specified) lcatin. It is suitable fr applicatins where reader lcatin is fixed and well-knwn in advance. Lcatin infrmatin can be easily btained thrugh GPS sensrs. A new tag frm Numerex and Savi Technlgy has been equipped with GPS sensrs and has the ability t cnduct satellite cmmunicatins. Researchers in Oak Ridge Natinal Labratry als wrked with RFID system suppliers in develping new tags by cmbining GPS and envirnmental sensrs. These tags are designed t track gds anywhere within a glbal supply chain. A prerequisite in a lcatin-aware Nisha R. Wartha, IJECS Vlume 4 Issue 1 January, 2015 Page N Page 10082

6 selective unlcking scheme is that a tag needs t stre a list f legitimate lcatins befrehand. Upn each interrgatin frm a reader, the tag gets its current lcatin infrmatin frm its n-bard GPS sensr and cmpares it with the list f legitimate lcatins and decides whether t switch t the unlcked state r nt. Due t limited n-bard strage (WISP has a 8KB f flash memry) and passive nature f tags, the list f legitimate lcatins shuld be kept shrt. Otherwise, testing whether the current lcatin is within the legitimate list may cause unbearable delay and affect the perfrmance f the underlying access system. Mrever, the list f legitimate lcatins shuld nt change a lt since therwise users have t d extra wrk t securely update the list n their tags. S selective unlcking based n pure lcatin infrmatin is mre suitable t be used in applicatins where tags nly need t talk with ne r a few readers, such as building access cards. It may nt be suitable fr credit card applicatins as there is a lng list f legitimate retailer stres, stre clsing and new stre pening happen n a frequent basis. Selective unlcking based n pure lcatin infrmatin presents similar prblems when it is applied t RFID tll systems since a tll card needs t stre a lng list f tll bth lcatins. We ntice vehicles munted with RFID tll tags are usually required t travel at a certain speed when they apprach a tll bth. Fr example, three ut f eight tll lanes n the Prt Authrity s New Jersey-Staten Island Outer Bridge Crssing permit 25 mph speeds fr E-ZPass drivers; the Tappan Zee Bridge tll plaza and New Rchelle plaza, NY has 20mph rll-thrugh speed; Dallas Nrth Tll way has rllthrugh lanes allwing speeds up t 30 mph. Hence speed can be used as a valid cntext t design selective unlcking mechanisms fr tll cards. That is, a tll card remains in a lcked state except when the vehicle is traveling at a designated speed near a tll bth (such as mph in the Dallas Nrth Tll Way case). GPS sensrs can be used t estimate speed either directly frm the instantaneus Dpplerspeed r directly frm psitinal data differences and the crrespnding time differences. One disadvantage with the GPS-based apprach is the reliance n the GPS infrastructure. Thus, selective unlcking wuld require the cnstant accessibility f this infrastructure. Anther disadvantage is ptential delay due t initializatin prcess f GPS receivers. A GPS receiver can have either a cld start r ht start. The ht start ccurs when the GPS device remembers its last calculated psitin and the satellites in view, the almanac (i.e., the infrmatin abut all the satellites in the cnstellatin) used, the UTC Time, and makes an attempt t lck nt the same satellites and calculate a new psitin based upn the previus infrmatin. This is the quickest GPS lck but it nly wrks if the receiver is generally in the same lcatin as it was when the GPS was last turned ff. The cld start is when the GPS device dumps all the infrmatin, attempts t lcate satellites and then calculates a GPS lck. This takes lnger time because there is n knwn r pre-existing infrmatin. The GPS mdule we are currently experimenting with can nrmally acquire a fix frm a cld start in 35 secnds, and acquire a ht-start fix in less than 2 secnds. Fr applicatins which have extremely lw delay tlerance, a strage capacitr can be added t the tag in rder t help the GPS receiver keep running t avid cld start [37]. Anther disadvantage f the GPS-based apprach is that multiple entities may share the same lcatin infrmatin, which might nt be desirable in sme cases. Fr example, the stres at the same place, but n different levels f a shpping mall, can share the same altitude and latitude infrmatin. This mtivates the need t design a lcalized apprach t lcatin sensing,that des nt require any additinal infrastructure besides the RFID. One idea is t make use f (multiple) envirnmental sensrs (such as micrphne, thermmeter, r magnetmeter, and perhaps dr and gas sensrs) as a means t derive the lcatin-specific infrmatin. The intuitin is that the lcalized data gathered by these sensrs is unique per lcatin (r type f lcatin, such as an ffice r a hspital), and thus ne can build a classifier that can assciate this data with a particular lcatin. T justify this, we can cnsider the example f an access card applicatin. The nise, temperature and dr levels, fr instance, and their variatins within a certain timeframe, at the ffice entrance, and at a nearby cafeteria r utside the ffice building are likely t be quite different. Thus, a classifier can be trained t acquire unique features frm sensr data gathered at the ffice entrance building. On every read request (malicius r therwise), the card will test the classifier n current sensr data and get unlcked nly n a psitive classificatin instance. Anther example is that f an implanted medical tag [38], which will nly get unlcked when the classifier detects it t be inside a hspital r a dctr s ffice, which may pssess sme unique sensr extracted features. There exists sme prir research which demnstrates the ptential fr sensr-based lcatin classificatin. Other prir wrk als cnsiders wireless radi receivers t address a similar prblem. A number f challenges need t be addressed in rder t realize the RFID lcatin classificatin apprach, hwever. First, distinct features f envirnmental data (a lcatin fingerprint ) need t be identified, that remains cnstant acrss time, but can be used t uniquely identify a given lcatin (r a lcatin type). Secnd, a simplistic classifier needs t be develped that can be accmmdated within the cnstraints f an RFID tag; traditinal machine learning classifiers may nt be feasible due t their high cmputatinal requirements. Third, the classifier needs t be rbust enugh t be used in practice, with lw classificatin errrs. The lcatin estimatin based apprach may nt be as fine-grained as the GPS apprach. Hwever, we view it as a much simpler alternative, and believe that it can be emplyed t prvide imprved security in the face f many cmmn attacks. CONTEXT-AWARE TRANSACTION VERIFICATION A highly difficult prblem arises in situatins when the reader, with which the tag (r its user) engages in a transactin, itself, is malicius. Fr example, in the cntext f an RFID credit card, a malicius reader can fl the user int apprving fr a transactin whse cst is much mre than what he/she intended t pay. That is, the reader terminal wuld still display the actual (intended) amunt t the user, while the tag will be sent a request fr a higher amunt. Perhaps mre seriusly, such a malicius reader can als cllude with a leech and can succeed in purchasing an item much cstlier than what the user intended t buy [15]. As addressing this prblem requires secure transactin verificatin, i.e., validatin that the tag is indeed authrizing the intended payment amunt. Nte that selective unlcking is ineffective fr this purpse because the tag will anyway be unlcked in the presence f a valid (payment) cntext A display-equipped RFID tag can easily enable secure transactin verificatin. This, hwever, necessitates user invlvement because (1) the tag must be taken ut f ne s wallet r purse, and (2) the amunt displayed n the tag needs t be validated by the user. Distance bunding prtcls have als been suggested as a Nisha R. Wartha, IJECS Vlume 4 Issue 1 January, 2015 Page N Page 10083

Trends and Considerations in Currency Recycle Devices. What is a Currency Recycle Device? November 2003

Trends and Considerations in Currency Recycle Devices. What is a Currency Recycle Device? November 2003 Trends and Cnsideratins in Currency Recycle Devices Nvember 2003 This white paper prvides basic backgrund n currency recycle devices as cmpared t the cmbined features f a currency acceptr device and a

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

Flash Padlock. Self-Secured and Host-Independent USB Flash Drive White Paper. April 2007 Prepared by ClevX, LLC for Corsair Memory

Flash Padlock. Self-Secured and Host-Independent USB Flash Drive White Paper. April 2007 Prepared by ClevX, LLC for Corsair Memory Flash Padlck - White Paper Flash Padlck Self-Secured and Hst-Independent USB Flash Drive White Paper April 2007 Prepared by ClevX, LLC fr Crsair Memry 1 INTRODUCTION Millins f USB Flash Drives (UFDs) are

More information

Wireless Light-Level Monitoring

Wireless Light-Level Monitoring Wireless Light-Level Mnitring ILT1000 ILT1000 Applicatin Nte Wireless Light-Level Mnitring 1 Wireless Light-Level Mnitring ILT1000 The affrdability, accessibility, and ease f use f wireless technlgy cmbined

More information

Key Steps for Organizations in Responding to Privacy Breaches

Key Steps for Organizations in Responding to Privacy Breaches Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins

More information

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents

More information

Disk Redundancy (RAID)

Disk Redundancy (RAID) A Primer fr Business Dvana s Primers fr Business series are a set f shrt papers r guides intended fr business decisin makers, wh feel they are being bmbarded with terms and want t understand a cmplex tpic.

More information

Change Management Process

Change Management Process Change Management Prcess B1.10 Change Management Prcess 1. Intrductin This plicy utlines [Yur Cmpany] s apprach t managing change within the rganisatin. All changes in strategy, activities and prcesses

More information

How do I evaluate the quality of my wireless connection?

How do I evaluate the quality of my wireless connection? Hw d I evaluate the quality f my wireless cnnectin? Enterprise Cmputing & Service Management A number f factrs can affect the quality f wireless cnnectins at UCB. These include signal strength, pssible

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

System Business Continuity Classification

System Business Continuity Classification Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required

More information

Data Protection Act Data security breach management

Data Protection Act Data security breach management Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing

More information

Using PayPal Website Payments Pro UK with ProductCart

Using PayPal Website Payments Pro UK with ProductCart Using PayPal Website Payments Pr UK with PrductCart Overview... 2 Abut PayPal Website Payments Pr & Express Checkut... 2 What is Website Payments Pr?... 2 Website Payments Pr and Website Payments Standard...

More information

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1 Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues

More information

First Global Data Corp.

First Global Data Corp. First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First

More information

HEAL-Link Federation Higher Education & Research. Exhibit 2. Technical Specifications & Attribute Specifications

HEAL-Link Federation Higher Education & Research. Exhibit 2. Technical Specifications & Attribute Specifications HEAL-Link Federatin Higher Educatin & Research Exhibit 2 Technical Specificatins & Attribute Specificatins Trust Relatinship Trust relatinship amng the federatin, federatin members and federatin partners

More information

UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES

UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES REFERENCES AND RELATED POLICIES A. UC PPSM 2 -Definitin f Terms B. UC PPSM 12 -Nndiscriminatin in Emplyment C. UC PPSM 14 -Affirmative

More information

Licensing Windows Server 2012 R2 for use with virtualization technologies

Licensing Windows Server 2012 R2 for use with virtualization technologies Vlume Licensing brief Licensing Windws Server 2012 R2 fr use with virtualizatin technlgies (VMware ESX/ESXi, Micrsft System Center 2012 R2 Virtual Machine Manager, and Parallels Virtuzz) Table f Cntents

More information

Licensing Windows Server 2012 for use with virtualization technologies

Licensing Windows Server 2012 for use with virtualization technologies Vlume Licensing brief Licensing Windws Server 2012 fr use with virtualizatin technlgies (VMware ESX/ESXi, Micrsft System Center 2012 Virtual Machine Manager, and Parallels Virtuzz) Table f Cntents This

More information

WHITE PAPER. Vendor Managed Inventory (VMI) is Not Just for A Items

WHITE PAPER. Vendor Managed Inventory (VMI) is Not Just for A Items WHITE PAPER Vendr Managed Inventry (VMI) is Nt Just fr A Items Why it s Critical fr Plumbing Manufacturers t als Manage Whlesalers B & C Items Executive Summary Prven Results fr VMI-managed SKUs*: Stck-uts

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

Rugged RFID. RFID FAQs

Rugged RFID. RFID FAQs Rugged RFID RFID FAQs What is RFID? Radi frequency identificatin, r RFID, is a generic term fr technlgies that use radi waves t autmatically identify peple r bjects. There are several methds f identificatin,

More information

Implementing an electronic document and records management system using SharePoint 7

Implementing an electronic document and records management system using SharePoint 7 Reprt title Agenda item Implementing an electrnic dcument and recrds management system using SharePint 7 Meeting Finance, Prcurement & Prperty Cmmittee 16 June 2008 Date Reprt by Dcument Number Head f

More information

FundingEdge. Guide to Business Cash Advance & Bank Statement Loan Programs

FundingEdge. Guide to Business Cash Advance & Bank Statement Loan Programs Guide t Business Cash Advance & Bank Statement Lan Prgrams Cash Advances: $2,500 - $1,000,000 Business Bank Statement Lans: $5,000 - $500,000 Canada Cash Advances: $5,000 - $500,000 (must have 9 mnths

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

The Importance of Market Research

The Importance of Market Research The Imprtance f Market Research 1. What is market research? Successful businesses have extensive knwledge f their custmers and their cmpetitrs. Market research is the prcess f gathering infrmatin which

More information

WEB APPLICATION SECURITY TESTING

WEB APPLICATION SECURITY TESTING WEB APPLICATION SECURITY TESTING Cpyright 2012 ps_testware 1/7 Intrductin Nwadays every rganizatin faces the threat f attacks n web applicatins. Research shws that mre than half f all data breaches are

More information

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and

More information

2. When logging is used, which severity level indicates that a device is unusable?

2. When logging is used, which severity level indicates that a device is unusable? Last updated by Admin at March 3, 2015. 1. What are the mst cmmn syslg messages? thse that ccur when a packet matches a parameter cnditin in an access cntrl list link up and link dwn messages utput messages

More information

Using PayPal Website Payments Pro with ProductCart

Using PayPal Website Payments Pro with ProductCart Using PayPal Website Payments Pr with PrductCart Overview... 2 Abut PayPal Website Payments Pr & Express Checkut... 3 What is Website Payments Pr?... 3 Website Payments Pr and Website Payments Standard...

More information

White Paper for Mobile Workforce Management and Monitoring Copyright 2014 by Patrol-IT Inc. www.patrol-it.com

White Paper for Mobile Workforce Management and Monitoring Copyright 2014 by Patrol-IT Inc. www.patrol-it.com White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm 2

More information

Ensuring end-to-end protection of video integrity

Ensuring end-to-end protection of video integrity White paper Ensuring end-t-end prtectin f vide integrity Prepared by: Jhn Rasmussen, Senir Technical Prduct Manager, Crprate Business Unit, Milestne Systems Date: May 22, 2015 Milestne Systems Ensuring

More information

System Business Continuity Classification

System Business Continuity Classification System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality

More information

Durango Merchant Services QuickBooks SyncPay

Durango Merchant Services QuickBooks SyncPay Durang Merchant Services QuickBks SyncPay Gateway Plug-In Dcumentatin April 2011 Durang-Direct.cm 866-415-2636-1 - QuickBks Gateway Plug-In Dcumentatin... - 3 - Installatin... - 3 - Initial Setup... -

More information

Mobile Workforce. Improving Productivity, Improving Profitability

Mobile Workforce. Improving Productivity, Improving Profitability Mbile Wrkfrce Imprving Prductivity, Imprving Prfitability White Paper The Business Challenge Between increasing peratinal cst, staff turnver, budget cnstraints and pressure t deliver prducts and services

More information

Data Abstraction Best Practices with Cisco Data Virtualization

Data Abstraction Best Practices with Cisco Data Virtualization White Paper Data Abstractin Best Practices with Cisc Data Virtualizatin Executive Summary Enterprises are seeking ways t imprve their verall prfitability, cut csts, and reduce risk by prviding better access

More information

ONGOING FEEDBACK AND PERFORMANCE MANAGEMENT. A. Principles and Benefits of Ongoing Feedback

ONGOING FEEDBACK AND PERFORMANCE MANAGEMENT. A. Principles and Benefits of Ongoing Feedback ONGOING FEEDBACK AND PERFORMANCE MANAGEMENT A. Principles and Benefits f Onging Feedback While it may seem like an added respnsibility t managers already "full plate," managers that prvide nging feedback

More information

A. Early Case Assessment

A. Early Case Assessment Electrnic Discvery Reference Mdel Standards fr the identificatin f electrnically stred infrmatin in discvery http://www.edrm.net/resurces/standards/identificatin A. Early Case Assessment Once a triggering

More information

Time is Money Profiting from Reduced Cycle Time

Time is Money Profiting from Reduced Cycle Time Time is Mney Prfiting frm Reduced Cycle Time Yur retail custmers are demanding smaller, mre frequent shipments, which increases yur cst-t-serve them. While this makes their inventry mre predictable and

More information

UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. Statement of Thomas F. O Brien. Vice President & Chief Information Officer

UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. Statement of Thomas F. O Brien. Vice President & Chief Information Officer UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Revised Critical Infrastructure Prtectin Reliability Standards Dcket N. RM15-14-000 Statement f Thmas F. O Brien Vice President & Chief Infrmatin

More information

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY

More information

IMT Standards. Standard number A000014. GoA IMT Standards. Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical

IMT Standards. Standard number A000014. GoA IMT Standards. Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical IMT Standards IMT Standards Oversight Cmmittee Gvernment f Alberta Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical Standard number A000014 Electrnic Signature Metadata

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This

More information

Knowledge Base Article

Knowledge Base Article Knwledge Base Article Crystal Matrix Interface Cmparisn TCP/IP vs. SDK Cpyright 2008-2012, ISONAS Security Systems All rights reserved Table f Cntents 1: INTRODUCTION... 3 1.1: TCP/IP INTERFACE OVERVIEW:...

More information

Business Intelligence represents a fundamental shift in the purpose, objective and use of information

Business Intelligence represents a fundamental shift in the purpose, objective and use of information Overview f BI and rle f DW in BI Business Intelligence & Why is it ppular? Business Intelligence Steps Business Intelligence Cycle Example Scenaris State f Business Intelligence Business Intelligence Tls

More information

Best Practices for Optimizing Performance and Availability in Virtual Infrastructures

Best Practices for Optimizing Performance and Availability in Virtual Infrastructures Best Practices fr Optimizing Perfrmance and Availability in Virtual Infrastructures www.nimsft.cm Best Practices fr Optimizing Perfrmance and Availability in Virtual Infrastructures PAGE 2 Table f Cntents

More information

IT Account and Access Procedure

IT Account and Access Procedure IT Accunt and Access Prcedure Revisin Histry Versin Date Editr Nature f Change 1.0 3/23/06 Kelly Matt Initial Release Table f Cntents 1.0 Overview... 1 2.0 Purpse... 1 3.0 Scpe... 1 4.0 Passwrds... 1 4.1

More information

expertise hp services valupack consulting description security review service for Linux

expertise hp services valupack consulting description security review service for Linux expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS

More information

RECONCILIATION OF FUNDS

RECONCILIATION OF FUNDS RECONCILIATION OF FUNDS ROLES Departmental Staff f Interest Accuntants Office Managers Business Managers Prgram Assistants OVERVIEW S why d we need t recncile? Gd general business practices determine that

More information

edoc Lite Recruitment Guidelines

edoc Lite Recruitment Guidelines edc Lite Recruitment Guidelines Intrductin OneStart & the Academic Psitin Search Channel edc Lite Ruting and Wrkgrups Ruting Actin List Ruting Cntrls Wrkgrups Dcument Search edc Lite Dcuments Vacancy Ntice

More information

Defining Sales Campaign Automation How e-mail, the Killer App, is best applied to marketing

Defining Sales Campaign Automation How e-mail, the Killer App, is best applied to marketing Defining Sales Campaign Autmatin Hw e-mail, the Killer App, is best applied t marketing Summary: Cmpanies tday are steadily adpting strategies and technlgies t reach prspects, custmers, and partners thrugh

More information

Accident Investigation

Accident Investigation Accident Investigatin APPLICABLE STANDARD: 1960.29 EMPLOYEES AFFECTED: All emplyees WHAT IS IT? Accident investigatin is the prcess f determining the rt causes f accidents, n-the-jb injuries, prperty damage,

More information

This report provides Members with an update on of the financial performance of the Corporation s managed IS service contract with Agilisys Ltd.

This report provides Members with an update on of the financial performance of the Corporation s managed IS service contract with Agilisys Ltd. Cmmittee: Date(s): Infrmatin Systems Sub Cmmittee 11 th March 2015 Subject: Agilisys Managed Service Financial Reprt Reprt f: Chamberlain Summary Public Fr Infrmatin This reprt prvides Members with an

More information

Service Desk Self Service Overview

Service Desk Self Service Overview Tday s Date: 08/28/2008 Effective Date: 09/01/2008 Systems Invlved: Audience: Tpics in this Jb Aid: Backgrund: Service Desk Service Desk Self Service Overview All Service Desk Self Service Overview Service

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

HarePoint HelpDesk for SharePoint. For SharePoint Server 2010, SharePoint Foundation 2010. User Guide

HarePoint HelpDesk for SharePoint. For SharePoint Server 2010, SharePoint Foundation 2010. User Guide HarePint HelpDesk fr SharePint Fr SharePint Server 2010, SharePint Fundatin 2010 User Guide Prduct versin: 14.1.0 04/10/2013 2 Intrductin HarePint.Cm (This Page Intentinally Left Blank ) Table f Cntents

More information

TRAINING GUIDE. Crystal Reports for Work

TRAINING GUIDE. Crystal Reports for Work TRAINING GUIDE Crystal Reprts fr Wrk Crystal Reprts fr Wrk Orders This guide ges ver particular steps and challenges in created reprts fr wrk rders. Mst f the fllwing items can be issues fund in creating

More information

Avaya Business Continuity Plan Overview

Avaya Business Continuity Plan Overview Avaya Business Cntinuity Plan Overview 1 Crprate Business Cntinuity Prgram Mdel at Avaya At Avaya the versight f the Business Cntinuity Prgram belngs t the Crprate Business Cntinuity Management Team. This

More information

Copyrights and Trademarks

Copyrights and Trademarks Cpyrights and Trademarks Sage One Accunting Cnversin Manual 1 Cpyrights and Trademarks Cpyrights and Trademarks Cpyrights and Trademarks Cpyright 2002-2014 by Us. We hereby acknwledge the cpyrights and

More information

In addition to assisting with the disaster planning process, it is hoped this document will also::

In addition to assisting with the disaster planning process, it is hoped this document will also:: First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business

More information

Why Can t Johnny Encrypt? A Usability Evaluation of PGP 5.0 Alma Whitten and J.D. Tygar

Why Can t Johnny Encrypt? A Usability Evaluation of PGP 5.0 Alma Whitten and J.D. Tygar Class Ntes: February 2, 2006 Tpic: User Testing II Lecturer: Jeremy Hyland Scribe: Rachel Shipman Why Can t Jhnny Encrypt? A Usability Evaluatin f PGP 5.0 Alma Whitten and J.D. Tygar This article has three

More information

Montana Acquisition & Contracting System (emacs) emacs Handbook. Vendor Registration and Data Management

Montana Acquisition & Contracting System (emacs) emacs Handbook. Vendor Registration and Data Management Mntana Acquisitin & Cntracting System (emacs) emacs Handbk Vendr Registratin and Data Management Welcme The purpse f this emacs Handbk fr Vendr Registratin and Data Management is t prvide vendrs with the

More information

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin

More information

POLISH STANDARDS ON HEALTH AND SAFETY AS A TOOL FOR IMPLEMENTING REQUIREMENTS OF THE EUROPEAN DIRECTIVES INTO THE PRACTICE OF ENTERPRISES

POLISH STANDARDS ON HEALTH AND SAFETY AS A TOOL FOR IMPLEMENTING REQUIREMENTS OF THE EUROPEAN DIRECTIVES INTO THE PRACTICE OF ENTERPRISES POLISH STANDARDS ON HEALTH AND SAFETY AS A TOOL FOR IMPLEMENTING REQUIREMENTS OF THE EUROPEAN DIRECTIVES INTO THE PRACTICE OF ENTERPRISES M. PĘCIŁŁO Central Institute fr Labur Prtectin ul. Czerniakwska

More information

BYOD Strategies: Chapter 2

BYOD Strategies: Chapter 2 Limitatins f the Walled Garden This is the secnd part in a series designed t help rganizatins develp their BYOD (bring-yur-wn-device) strategies fr persnally-wned smartphnes and tablets in the enterprise.

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

PRIVACY POLICY Last revised: April 2015

PRIVACY POLICY Last revised: April 2015 PRIVACY POLICY Last revised: April 2015 ACD, LLC, and its affiliates (cllectively, we, us, ur ) understand that privacy is imprtant t ur cnsumers and want yu t make knwledgeable decisins abut the infrmatin

More information

Completing the CMDB Circle: Asset Management with Barcode Scanning

Completing the CMDB Circle: Asset Management with Barcode Scanning Cmpleting the CMDB Circle: Asset Management with Barcde Scanning WHITE PAPER The Value f Barcding Tday, barcdes are n just abut everything manufactured and are used fr asset tracking and identificatin

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

Integrate Marketing Automation, Lead Management and CRM

Integrate Marketing Automation, Lead Management and CRM Clsing the Lp: Integrate Marketing Autmatin, Lead Management and CRM Circular thinking fr marketers 1 (866) 372-9431 www.clickpintsftware.cm Clsing the Lp: Integrate Marketing Autmatin, Lead Management

More information

Serv-U Distributed Architecture Guide

Serv-U Distributed Architecture Guide Serv-U Distributed Architecture Guide Hrizntal Scaling and Applicatin Tiering fr High Availability, Security, and Perfrmance Serv-U Distributed Architecture Guide v14.0.1.0 Page 1 f 16 Intrductin Serv-U

More information

Succession Planning & Leadership Development: Your Utility s Bridge to the Future

Succession Planning & Leadership Development: Your Utility s Bridge to the Future Successin Planning & Leadership Develpment: Yur Utility s Bridge t the Future Richard L. Gerstberger, P.E. TAP Resurce Develpment Grup, Inc. 4625 West 32 nd Ave Denver, CO 80212 ABSTRACT A few years ag,

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

In connection with the SEC's Money Market Reform proposal, DST Systems, Inc. respectfully submits our comments for your consideration.

In connection with the SEC's Money Market Reform proposal, DST Systems, Inc. respectfully submits our comments for your consideration. DST September 18, 2013 Ms. Elizabeth M. Murphy Secretary Securities and Exchange Cmmissin 100 F. Street, NE Washingtn, DC 20549-1090 Subject: Mney Market Fund Refrm, File# 57-03-13 Dear Ms. Murphy: In

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

PAYMENT GATEWAY ACCOUNT SETUP FORM

PAYMENT GATEWAY ACCOUNT SETUP FORM PAYMENT GATEWAY ACCOUNT SETUP FORM Thank yu fr chsing us fr yur e-cmmerce transactin needs. CyberSurce develps, perates and markets payment transactin prcessing services, as well as a hst f value-adding

More information

Dec. 2012. Transportation Management System. An Alternative Traffic Solution for the Logistics Professionals

Dec. 2012. Transportation Management System. An Alternative Traffic Solution for the Logistics Professionals Dec. 2012 Transprtatin Management System An Alternative Traffic Slutin fr the Lgistics Prfessinals What is a TMS-Lite system? What are the features and capabilities f a TMS-Lite system? Why chse a TMS-Lite

More information

Electronic Signatures Overview

Electronic Signatures Overview White Paper Electrnic Signatures Overview Versin 1.0 Last Updated: 20-09-2010 www.sutisft.cm Histry f Electrnic Signatures Over 100 years ag, peple were using Mrse cde and the telegraph t electrnically

More information

Internet and E-Mail Policy User s Guide

Internet and E-Mail Policy User s Guide Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin

More information

QBT - Making business travel simple

QBT - Making business travel simple QBT - Making business travel simple In business travel, cmplexity csts. S, we ffer less f it. We adpt the latest technlgy and make it simple, transparent and highly persnal. S yu get mre f what yu need

More information

Mobilizing Healthcare Staff with Cloud Services

Mobilizing Healthcare Staff with Cloud Services Mbilizing Healthcare Staff with Clud Services Published May 2012 Mbile Technlgies are changing hw healthcare staff delivers care. With new pwerful integrated slutins available fr the healthcare staff,

More information

Fixed vs. Variable Interest Rates

Fixed vs. Variable Interest Rates Fixed vs. Variable Interest Rates Understanding the Advantages and Disadvantages f Each Rate Type When shpping fr financial prducts, there are a lt f factrs t cnsider. Much has changed in the financial

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

Implementing SQL Manage Quick Guide

Implementing SQL Manage Quick Guide Implementing SQL Manage Quick Guide The purpse f this dcument is t guide yu thrugh the quick prcess f implementing SQL Manage n SQL Server databases. SQL Manage is a ttal management slutin fr Micrsft SQL

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information

March 1, 2012. VIA E-mail to fcs-scf@fin.gc.ca

March 1, 2012. VIA E-mail to fcs-scf@fin.gc.ca March 1, 2012 VIA E-mail t fcs-scf@fin.gc.ca Ms. Leah Andersn Directr, Financial Sectr Divisin Department f Finance L Esplanade Laurier 20 th Flr, East Twer 140 O Cnnr Street Ottawa, ON K1A 0G5 Dear Ms.

More information

Electronic Data Interchange (EDI) Requirements

Electronic Data Interchange (EDI) Requirements Electrnic Data Interchange (EDI) Requirements 1.0 Overview 1.1 EDI Definitin 1.2 General Infrmatin 1.3 Third Party Prviders 1.4 EDI Purchase Order (850) 1.5 EDI PO Change Request (860) 1.6 Advance Shipment

More information

DTO Advice Note. Mobility Management Plans

DTO Advice Note. Mobility Management Plans DUBLIN TRANSPORTATION OFFICE PREAMBLE s what and why are they? The s are intended as guidance fr Lcal Authrities and thers invlved in land use planning and develpment in the Greater Dublin Area. The need

More information

Merchant Processes and Procedures

Merchant Processes and Procedures Merchant Prcesses and Prcedures Table f Cntents EXHIBIT C 1. MERCHANT INTRODUCTION TO T-CHEK 3 1.1 Wh is T-Chek Systems? 3 1.2 Hw t Cntact T-Chek Systems 3 1.3 Hw t Recgnize T-Chek Frms f Payment 3 1.3.1

More information

Access to the Ashworth College Online Library service is free and provided upon enrollment. To access ProQuest:

Access to the Ashworth College Online Library service is free and provided upon enrollment. To access ProQuest: PrQuest Accessing PrQuest Access t the Ashwrth Cllege Online Library service is free and prvided upn enrllment. T access PrQuest: 1. G t http://www.ashwrthcllege.edu/student/resurces/enterlibrary.html

More information

The Cost Benefits of the Cloud are More About Real Estate Than IT

The Cost Benefits of the Cloud are More About Real Estate Than IT y The Cst Benefits f the Clud are Mre Abut Real Estate Than IT #$#%&'()*( An Osterman Research Executive Brief Published December 2010 "#$#%&'()*( Osterman Research, Inc. P.O. Bx 1058 Black Diamnd, Washingtn

More information

ITU-T IdMFG Framework Work Group

ITU-T IdMFG Framework Work Group ITU-T IdMFG Framewrk Wrk Grup Internatinal Telecmmunicatin Unin 1 Evlutin f Identity Management Presence (Inference frm vide cameras, RFID sensrs, etc.) Implicit Bimetrics (Key strkes, vice, face) Transparent

More information

CCHIIM ICD-10 Continuing Education Requirements for AHIMA Certified Professionals (& Frequently Asked Questions for Recertification)

CCHIIM ICD-10 Continuing Education Requirements for AHIMA Certified Professionals (& Frequently Asked Questions for Recertification) CCHIIM ICD-10 Cntinuing Educatin Requirements fr AHIMA Certified Prfessinals (& Frequently Asked Questins fr Recertificatin) The transitin t ICD-10-CM and ICD-10-PCS is anticipated t imprve the capture

More information

Best Practice - Pentaho BA for High Availability

Best Practice - Pentaho BA for High Availability Best Practice - Pentah BA fr High Availability This page intentinally left blank. Cntents Overview... 1 Pentah Server High Availability Intrductin... 2 Prerequisites... 3 Pint Each Server t Same Database

More information

Project Startup Report Presented to the IT Committee June 26, 2012

Project Startup Report Presented to the IT Committee June 26, 2012 Prject Name: SOS File 2.0 Agency: Secretary f State Business Unit/Prgram Area: Secretary f State Prject Spnsr: Al Jaeger Prject Manager: Beverly Maitland Prject Startup Reprt Presented t the IT Cmmittee

More information