Authentication

As passive tagging technologies like RFID become more economical and ubiquitous, it can be envisioned that in the future, millions of sensors integrated with these tags could become an integral part of the next generation of smart infrastructure and the overall concept of internet-of-things. As a result, securing these passive assets against data theft and counterfeiting would become a priority, reinforcing the importance of the proposed dynamic authentication techniques.

The U.S. electric grid is being transformed from a one-way channel delivering electricity from central power plants to customers at set prices, toward a distributed grid with two-way flows of information and electricity and dynamic distributed markets. The benefits of creating distributed markets for electricity are potentially great. Consumers can participate as buyers and sellers in these markets, utilities can reduce costly peak electricity load and risk of outages, and firms can be rewarded for innovation.

Common smartphone authentication mechanisms such as PINs, graphical passwords, and fingerprint scans offer limited security. They are relatively easy to guess or spoof, and are ineffective when the smartphone is captured after the user has logged in. Multi-modal active authentication addresses these challenges by frequently and unobtrusively authenticating the user via behavioral biometric signals, such as touchscreen interaction, hand movements, gait, voice, and phone location.

This project for Wearable Authentication Solutions for Ubiquitous and Personal Touch-Enabled Devices (WASUP) studies and designs models and techniques to identify, authenticate, and audit touches on touch-sensing devices using a small wearable token. The token, such as a bracelet or ring, embeds a security code in the capacitive touch signature of a user, which is detected with the existing capacitive sensors used in many touch screens. This offers a number of distinct and desirable properties. First, the code is clearly associated with a touch, even if multiple potential users are nearby.

The cellular network is the largest wireless infrastructure deployed today. It offers users mobile Internet access and carrier-grade voice service. Each such service (e.g., data or voice) typically involves operations on both data and control planes. The former transfers service content to users, whereas the latter performs control functions of service instantiation, maintenance, update, and termination. Securing control and data planes is thus critical to mobile network service.