Secure and resilient proximity-based access control

  • Authors:

  • Sunoh Choi;Christopher Gutierrez;Hyo-Sang Lim;Saurabh Bagchi;Elisa Bertino

  • Affiliations:

  • Purdue University, West Lafayette, IN, USA;Purdue University, West Lafayette, IN, USA;Yonsei University, Wonju, South Korea;Purdue University, West Lafayette, IN, USA;Purdue University, West Lafayette, IN, USA

  • Venue:
  • Proceedings of the 2013 international workshop on Data management & analytics for healthcare
  • Year:
  • 2013

Quantified Score

Hi-index 0.00

Visualization

Abstract

The ubiquity of mobile devices has increased the convenience of communication but it has also introduced personal privacy concerns. In the domain of portable medical records, it is vital to provide authentication which protects personal information from unauthorized users who are located out of legitimate regions. To support such location-based authentication, one possible approach in medical systems is exploiting distance-bounding protocols which allow detecting a user's current location to determine whether the user is in trusted physical locations such as a doctor's office. However, sensors that enable distance-bounding protocols are expensive and not widely deployed yet since the required protocols typically need special devices such as devices utilizing ultrasound. To overcome the lack of device deployment, we propose a secure proximity-based access control scheme based on the use of multiple location based service (LBS) devices utilizing Bluetooth which is cheap and already widely used. Furthermore, we provide several ways to prevent various attacks. We report experimental performance results which indicate that access control is executed within 100 ms on Intel i7 processor and in about two seconds on the Android platform. Furthermore, our proposed system achieves communication overhead in O(1) as opposed to digital signatures which grow in O(n).