9.1 Summary and Conclusion
The main goal of this work was to design solutions using mobile devices that would enhance security in challenging environments, and secondly to design improved authentication methods that can be used in both RW and VW scenarios. Security solutions from three RW application areas were proposed, covering a good spread of challenging environments, and then two of these areas were investigated in the VW. A summary of the application areas and use cases now follows.
9.1.1 Application Area: e-Voting
Chapter 4 introduced the Remote e-Voting application area, which has been the subject of extensive academic research. However, schemes which use mobile phones for voting are not easy to find, due to the difficulty in ensuring that the mobile device will process votes in the correct manner (the secure platform problem). Using a phone for voting would have great benefit in areas where it may be dangerous or practically impossible to reach an electoral poll site, for example in remote communities, or due to physical immobility of voters. A “front-end” SCWS generic e-voting model was proposed, and two e-voting schemes, Prêt à Voter and Estonian I-voting, were used as examples of its applicability in use cases EV-1 and EV-2 respectively. The solution presented distributed web server functionality to voters’ SIMs, so that there was no central vote-processing web server to target: an attacker would need to compromise many phones to successfully affect the election result. The use of the SIM’s tamper-resistant environment for the storage and processing of sensitive voter credentials also addresses the secure platform problem. Thus the principle of using a ubiquitous device (the phone) with an SCWS application that provides a secure distributed architecture for remote e-voting was established. The SCWS voting application protects the e-voting system by making the effort required to attack vote casting prohibitively high.
CONTRIBUTIONS:
EV-1/EV-2: The SCWS was used in a solution that provides tamper resistance and protection against DDoS attacks in remote voting, which was illustrated using e-voting systems Prêt à Voter and Estonian I-voting as examples [1] [2].
9.1.2 Application Area: m-Payment
Chapter 5 covered the M-Payment application area, where there are many existing solutions (and corresponding security issues) as discussed in [27].
9.1. Summary and Conclusion 9. Conclusion and Future Work
In use case MP-1, a branchless banking scheme was presented that used PKI-capable SIMs equipped with an SCWS to process withdrawals, deposits and transfers in a secure and user-friendly manner. Even though these specialised SIMs are more expensive than conventional SIMs, this is a cheaper overall solution than setting up physical bank branches. A preliminary security analysis indicated that the security of this proposal is higher than that offered by the most widely used m-payment scheme in the developing world, M-PESA.
All systems present a trade-off between usability and security, and the second use case in this area, MP-2, presented a pragmatic solution where infrastructure constraints limit the security options available. It described how Bitcoin transactions could be made in an area where Internet connectivity is not available, which would enable a charitable organisation to provide humanitarian aid in Bitcoin. The proposal included hosted Bitcoin wallets maintained by the charity, an SMS-based mobile payment system and an OTP token-based two-factor authentication method.
CONTRIBUTIONS:
MP-1: The SCWS and its tightly managed, standardised management protocols were used in a branchless banking application, to provide enhanced security compared to other SIM-based m-Payment schemes, such as M-PESA [3].
MP-2: Access to secure blockchain technology was enabled via an SMS m-payment system, for use by charitable organisations in offline humanitarian aid scenarios [4].
9.1.3 Application Area: Authentication
Chapter 6 discussed Authentication techniques. Use case Auth-1 proposed a Single Sign-On (SSO) solution for disconnected environments by using the tamper-resistant security properties of the SCWS installed in a SIM (SIM-SCWS) with another SCWS smart card chip (MOD-SCWS) embedded within an electronic assembly. Local authentication on the mobile device SIM-SCWS produces a security token that is sent to the MOD-SCWS over local wireless communication channels. The distributed authentication approach avoids a single point of failure, i.e. a centralised SSO server, and as seen before, attacks against an individual SCWS are not scalable as they require physical possession of the SIM-SCWS or MOD-SCWS.
In contrast, use case Auth-2 investigated the potential for using depth cameras on a smart phone as sensors for dynamic biometric authentication, using the DTW algorithm to analyse the captured data. As depth camera phones are not currently commercially available, preliminary experiments were done using Kinect and Leap Motion devices to assess the accuracy and practicality of the approach, with promising results.
CONTRIBUTIONS:
Auth-1: Secure offline authentication in an SSO application was facilitated by using the SCWS (installed in both a SIM and a security module) and near field communications to exchange security tokens [6].
Auth-2: An investigation into the feasibility of using gesture recognition as a two-factor one-step dynamic biometric authentication method was carried out [5, 7, 8].
9.1.4 Application Area: VW Applications
Chapter 7 took two of the previously studied application areas (authentication and e-voting) and applied them to the VW environment as VW Applications. VW-1 again used the SCWS for authentication, but this time in conjunction with OTPs and geolocation to offer security improvements on the current static username/password authentication that is often used for VW login. Use case VW-2 provided secure and private in-world voting by locating code voting processes in a trusted external zone, the TSL: VCLs were sent to the user’s RW mobile phone in order to complete the voting process.
CONTRIBUTIONS:
VW-1: Authentication of online log-in to VWs was enhanced using the SCWS, geolocation and OTP processes [9].
VW-2: Privacy was introduced into a VW e-voting application via knowledge fragmentation across four distinct zones, using a mobile phone to receive security information over a second channel, i.e. the MNO network [10].
9.1.5 SCWS Solutions
The SCWS was used in five of the solutions presented: the main strength of using the SCWS is that it uses standardised hardware, protocols and communications to protect sensitive information, without the need for specialised equipment and phone applications. By storing security information on the tamper-resistant SIM, local authentication can be done by the SCWS without communicating credentials across a network. Using existing tamper-resistant hardware (the SIM) with standardised features (SCWS) along with the MNO’s FAP (via HTTPS), means that sensitive information can be protected at all times. The security of these standardised elements has been