Security from Location
Author: Di Qiu
Publisher: Stanford University
Published: 2009
Total Pages: 176
ISBN-13:
DOWNLOAD EBOOKThe emergence of the Internet and personal computers has led to an age of unprecedented information access. The proliferation of Internet connectivity, personal computers, and portable, high density data storage has put volumes of data at one's fingertips. While the spread of such technology has increased efficiency and knowledge, it has also made information theft easier and more damaging. One common expression of information theft is a data storage disk or equipment containing sensitive or valuable information. For example, the U.K. government lost computer disks that contain personal information on almost half of the country's population. The information includes names, addresses, insurance numbers, bank account details, etc. These emerging problems have made the field of information security grow significantly in recent years. This thesis develops a new means to provide more protection against information loss, named geo-security or location-based security. This new technology is well suited to help mitigate the above described data loss scenario. Precise location and time information can be used to restrict access of the system or equipment at certain locations and time frames. This study bridges the two fields of navigation and security, and provides experimental support for the concept using location information for security. This thesis designs a theoretical framework that provides a general analysis of geo-security, and quantifies the reliability and security of a geo-security system. The qualitative part of this analysis includes navigation signal definition, system design, performance standards, threat model and attack scenarios, and mitigation of the threats/attacks. The quantitative part of this analysis measures and quantifies location-dependent navigation parameters based on information theory, and evaluates the consistency, spatial decorrelation, and entropy of these parameters for a variety of relevant navigation systems. Next, this thesis demonstrates geo-security using Long Range Navigation (Loran) and Wi-Fi as case studies. Experiments were conducted to evaluate the performance based on the designed framework. They illustrate the trade space between permitting access to authorized users and denying access to attackers. Finally, error-tolerant algorithms, named fuzzy extractors, are developed to improve the availability and reliability of location-based security systems given the constraints of real-world navigation systems and signal propagation characteristics.