Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 30 of 30
Full-Text Articles in Physical Sciences and Mathematics
Thaw Publications, Carl Landwehr, David Kotz
Thaw Publications, Carl Landwehr, David Kotz
Computer Science Technical Reports
In 2013, the National Science Foundation's Secure and Trustworthy Cyberspace program awarded a Frontier grant to a consortium of four institutions, led by Dartmouth College, to enable trustworthy cybersystems for health and wellness. As of this writing, the Trustworthy Health and Wellness (THaW) project's bibliography includes more than 130 significant publications produced with support from the THaW grant; these publications document the progress made on many fronts by the THaW research team. The collection includes dissertations, theses, journal papers, conference papers, workshop contributions and more. The bibliography is organized as a Zotero library, which provides ready access to citation materials …
Using Vibrations From A Smartring As An Out-Of-Band Channel For Sharing Secret Keys, Sougata Sen, Varun Mishra, David Kotz
Using Vibrations From A Smartring As An Out-Of-Band Channel For Sharing Secret Keys, Sougata Sen, Varun Mishra, David Kotz
Dartmouth Scholarship
With the rapid growth in the number of Internet of Things (IoT) devices with wireless communication capabilities, and sensitive information collection capabilities, it is becoming increasingly necessary to ensure that these devices communicate securely with only authorized devices. A major requirement of this secure communication is to ensure that both the devices share a secret, which can be used for secure pairing and encrypted communication. Manually imparting this secret to these devices becomes an unnecessary overhead, especially when the device interaction is transient. In this work, we empirically investigate the possibility of using an out-of-band communication channel – vibration, generated …
Workshop On Emerging Technology And Data Analytics For Behavioral Health, David Kotz, Sarah E. Lord, A. James O'Malley, Luke Stark, Lisa Marsch
Workshop On Emerging Technology And Data Analytics For Behavioral Health, David Kotz, Sarah E. Lord, A. James O'Malley, Luke Stark, Lisa Marsch
Dartmouth Scholarship
Wearable and portable digital devices can support self-monitoring for patients with chronic medical conditions, individuals seeking to reduce stress, and people seeking to modify health-related behaviors such as substance use or overeating. The resulting data may be used directly by a consumer, or shared with a clinician for treatment, a caregiver for assistance, or a health coach for support. The data can also be used by researchers to develop and evaluate just-in-time interventions that leverage mobile technology to help individuals manage their symptoms and behavior in real time and as needed. Such wearable systems have huge potential for promoting delivery …
Nocloud: Experimenting With Network Disconnection By Design, Reza Rawassizadeh, Timothy Pierson, Ronald Peterson, David Kotz
Nocloud: Experimenting With Network Disconnection By Design, Reza Rawassizadeh, Timothy Pierson, Ronald Peterson, David Kotz
Dartmouth Scholarship
Application developers often advocate uploading data to the cloud for analysis or storage, primarily due to concerns about the limited computational capability of ubiquitous devices. Today, however, many such devices can still effectively operate and execute complex algorithms without reliance on the cloud. The authors recommend prioritizing on-device analysis over uploading the data to another host, and if on-device analysis is not possible, favoring local network services over a cloud service.
Spice: Secure Proximity-Based Infrastructure For Close Encounters, Aarathi Prasad, Xiaohui Liang, David Kotz
Spice: Secure Proximity-Based Infrastructure For Close Encounters, Aarathi Prasad, Xiaohui Liang, David Kotz
Dartmouth Scholarship
We present a crowdsourcing system that extends the capabilities of location-based applications and allows users to connect and exchange information with users in spatial and temporal proximity. We define this incident of spatio-temporal proximity as a \em close encounter. Typically, location-based application users store their information on a server, and trust the server to provide access only to authorized users, not misuse the data or disclose their location history. Our system, called SPICE, addresses these privacy issues by leveraging Wi-Fi access points to connect users and encrypt their information before it is exchanged, so only users in close encounters have …
Lighttouch: Securely Connecting Wearables To Ambient Displays With User Intent, Xiaohui Liang, Tianlong Yun, Ronald Peterson, David Kotz
Lighttouch: Securely Connecting Wearables To Ambient Displays With User Intent, Xiaohui Liang, Tianlong Yun, Ronald Peterson, David Kotz
Dartmouth Scholarship
Wearables are small and have limited user interfaces, so they often wirelessly interface with a personal smartphone/computer to relay information from the wearable for display or other interactions. In this paper, we envision a new method, LightTouch, by which a wearable can establish a secure connection to an ambient display, such as a television or a computer monitor, while ensuring the user's intention to connect to the display. LightTouch uses standard RF methods (like Bluetooth) for communicating the data to display, securely bootstrapped via the visible-light communication (the brightness channel) from the display to the low-cost, low-power, ambient light sensor …
Privacy And Security In Mobile Health – A Research Agenda, David Kotz, Carl A. Gunter, Santosh Kumar, Jonathan P. Weiner
Privacy And Security In Mobile Health – A Research Agenda, David Kotz, Carl A. Gunter, Santosh Kumar, Jonathan P. Weiner
Dartmouth Scholarship
Mobile health technology has great potential to increase healthcare quality, expand access to services, reduce costs, and improve personal wellness and public health. However, mHealth also raises significant privacy and security challenges.
Amulet: A Secure Architecture For Mhealth Applications For Low-Power Wearable Devices, Andrés Molina-Markham, Ronald Peterson, Joseph Skinner, Tianlong Yun, Bhargav Golla, Kevin Freeman, Travis Peters, Jacob Sorber, Ryan Halter, David Kotz
Amulet: A Secure Architecture For Mhealth Applications For Low-Power Wearable Devices, Andrés Molina-Markham, Ronald Peterson, Joseph Skinner, Tianlong Yun, Bhargav Golla, Kevin Freeman, Travis Peters, Jacob Sorber, Ryan Halter, David Kotz
Dartmouth Scholarship
Interest in using mobile technologies for health-related applications (mHealth) has increased. However, none of the available mobile platforms provide the essential properties that are needed by these applications. An mHealth platform must be (i) secure; (ii) provide high availability; and (iii) allow for the deployment of multiple third-party mHealth applications that share access to an individual's devices and data. Smartphones may not be able to provide property (ii) because there are activities and situations in which an individual may not be able to carry them (e.g., while in a contact sport). A low-power wearable device can provide higher availability, remaining …
A Wearable System That Knows Who Wears It, Cory Cornelius, Ronald Peterson, Joseph Skinner, Ryan Halter, David Kotz
A Wearable System That Knows Who Wears It, Cory Cornelius, Ronald Peterson, Joseph Skinner, Ryan Halter, David Kotz
Dartmouth Scholarship
Body-area networks of pervasive wearable devices are increasingly used for health monitoring, personal assistance, entertainment, and home automation. In an ideal world, a user would simply wear their desired set of devices with no configuration necessary: the devices would discover each other, recognize that they are on the same person, construct a secure communications channel, and recognize the user to which they are attached. In this paper we address a portion of this vision by offering a wearable system that unobtrusively recognizes the person wearing it. Because it can recognize the user, our system can properly label sensor data or …
Privacy In Mobile Technology For Personal Healthcare, Sasikanth Avancha, Amit Baxi, David Kotz
Privacy In Mobile Technology For Personal Healthcare, Sasikanth Avancha, Amit Baxi, David Kotz
Dartmouth Scholarship
Information technology can improve the quality, efficiency, and cost of healthcare. In this survey, we examine the privacy requirements of \emphmobile\/ computing technologies that have the potential to transform healthcare. Such \emphmHealth\/ technology enables physicians to remotely monitor patients' health, and enables individuals to manage their own health more easily. Despite these advantages, privacy is essential for any personal monitoring technology. Through an extensive survey of the literature, we develop a conceptual privacy framework for mHealth, itemize the privacy properties needed in mHealth systems, and discuss the technologies that could support privacy-sensitive mHealth systems. We end with a list of …
Understanding Sharing Preferences And Behavior For Mhealth Devices, Aarathi Prasad, Jacob Sorber, Timothy Stablein, Denis Anthony, David Kotz
Understanding Sharing Preferences And Behavior For Mhealth Devices, Aarathi Prasad, Jacob Sorber, Timothy Stablein, Denis Anthony, David Kotz
Dartmouth Scholarship
mHealth devices offer many potential benefits to patients, health providers and others involved in the patients' healthcare. If patients are not in control of the collection and sharing of their personal health information, they will have privacy concerns even while enjoying the benefits of the devices. We investigated patients' willingness to share their personal health information, collected using mHealth devices, with their family, friends, third parties and the public. Our findings are based on a user study conducted with 41 participants. The best way to understand people's privacy concerns is to give them the opportunity to use the device and …
Passive Biometrics For Pervasive Wearable Devices (Poster Paper), Cory Cornelius, Zachary Marois, Jacob Sorber, Ron Peterson, Shrirang Mare, David Kotz
Passive Biometrics For Pervasive Wearable Devices (Poster Paper), Cory Cornelius, Zachary Marois, Jacob Sorber, Ron Peterson, Shrirang Mare, David Kotz
Dartmouth Scholarship
Wearable devices – like the FitBit, MOTOACTV, and Jawbone UP – are increasingly becoming more pervasive whether for monitoring health and fitness, personal assistance, or home automation. While pervasive wearable devices have long been researched, we are now beginning to see the fruits of this research in the form of commercial offerings. Today, many of these commercial wearable devices are closed systems that do not interoperate with other devices a person might carry. We believe, however, these commercial offerings signal the coming of wireless body-area networks that will connect these pervasive wearable devices and leverage existing devices a user already …
An Amulet For Trustworthy Wearable Mhealth, Jacob Sorber, Minho Shin, Ronald Peterson, Cory Cornelius, Shrirang Mare, Aarathi Prasad, Zachary Marois, Emma N. Smithayer, David Kotz
An Amulet For Trustworthy Wearable Mhealth, Jacob Sorber, Minho Shin, Ronald Peterson, Cory Cornelius, Shrirang Mare, Aarathi Prasad, Zachary Marois, Emma N. Smithayer, David Kotz
Dartmouth Scholarship
Mobile technology has significant potential to help revolutionize personal wellness and the delivery of healthcare. Mobile phones, wearable sensors, and home-based tele-medicine devices can help caregivers and individuals themselves better monitor and manage their health. While the potential benefits of this “mHealth” technology include better health, more effective healthcare, and reduced cost, this technology also poses significant security and privacy challenges. In this paper we propose \emphAmulet, an mHealth architecture that provides strong security and privacy guarantees while remaining easy to use, and outline the research and engineering challenges required to realize the Amulet vision.
Effects Of Network Trace Sampling Methods On Privacy And Utility Metrics, Phillip A. Fazio, Keren Tan, David Kotz
Effects Of Network Trace Sampling Methods On Privacy And Utility Metrics, Phillip A. Fazio, Keren Tan, David Kotz
Dartmouth Scholarship
Researchers choosing to share wireless-network traces with colleagues must first anonymize sensitive information, trading off the removal of information in the interest of identity protection and the preservation of useful data within the trace. While several metrics exist to quantify this privacy-utility tradeoff, they are often computationally expensive. Computing these metrics using a \emphsample\/ of the trace could potentially save precious time. In this paper, we examine several sampling methods to discover their effects on measurement of the privacy-utility tradeoff when anonymizing network traces. We tested the relative accuracy of several packet and flow-sampling methods on existing privacy and utility …
Adapt-Lite: Privacy-Aware, Secure, And Efficient Mhealth Sensing, Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, David Kotz
Adapt-Lite: Privacy-Aware, Secure, And Efficient Mhealth Sensing, Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, David Kotz
Dartmouth Scholarship
As healthcare in many countries faces an aging population and rising costs, mobile sensing technologies promise a new opportunity. Using mobile health (mHealth) sensing, which uses medical sensors to collect data about the patients, and mobile phones to act as a gateway between sensors and electronic health record systems, caregivers can continuously monitor the patients and deliver better care. Although some work on mHealth sensing has addressed security, achieving strong security and privacy for low-power sensors remains a challenge. \par We make three contributions. First, we propose Adapt-lite, a set of two techniques that can be applied to existing wireless …
Adaptive Security And Privacy For Mhealth Sensing, Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, David Kotz
Adaptive Security And Privacy For Mhealth Sensing, Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, David Kotz
Dartmouth Scholarship
As healthcare in many countries faces an aging population and rising costs, mobile Health (mHealth) sensing technologies promise a new opportunity. However, the privacy concerns associated with mHealth sensing are a limiting factor for their widespread adoption. The use of wireless body area networks pose a particular challenge. Although there exist protocols that provide a secure and private communication channel between two devices, the large transmission overhead associated with these protocols limit their application to low-power mHealth sensing devices. We propose an adaptive security model that enables use of privacy-preserving protocols in low-power mHealth sensing by reducing the network overhead …
Short Paper: The Netsani Framework For Analysis And Fine-Tuning Of Network Trace Sanitization, Phil Fazio, Keren Tan, Jihwang Yeo, David Kotz
Short Paper: The Netsani Framework For Analysis And Fine-Tuning Of Network Trace Sanitization, Phil Fazio, Keren Tan, Jihwang Yeo, David Kotz
Dartmouth Scholarship
Anonymization is critical prior to sharing wireless-network traces within the research community, to protect both personal and organizational sensitive information from disclosure. One difficulty in anonymization, or more generally, sanitization, is that users lack information about the quality of a sanitization result, such as how much privacy risk a sanitized trace may expose, and how much research utility the sanitized trace may retain. We propose a framework, NetSANI, that allows users to analyze and control the privacy/utility tradeoff in network sanitization. NetSANI can accommodate most of the currently available privacy and utility metrics for network trace sanitization. This framework provides …
Privacy Analysis Of User Association Logs In A Large-Scale Wireless Lan, Keren Tan, Guanhua Yan, Jihwang Yeo, David Kotz
Privacy Analysis Of User Association Logs In A Large-Scale Wireless Lan, Keren Tan, Guanhua Yan, Jihwang Yeo, David Kotz
Dartmouth Scholarship
User association logs collected from a large-scale wireless LAN record where and when a user has used the network. Such information plays an important role in wireless network research. One concern of sharing these data with other researchers, however, is that the logs pose potential privacy risks for the network users. Today, the common practice in sanitizing these data before releasing them to the public is to anonymize users' sensitive information, such as their devices' MAC addresses and their exact association locations. In this work, we aim to study whether such sanitization measures are sufficient to protect user privacy. By …
Anonysense: A System For Anonymous Opportunistic Sensing, Minho Shin, Cory Cornelius, Dan Peebles, Apu Kapadia, David Kotz, Nikos Triandopoulos
Anonysense: A System For Anonymous Opportunistic Sensing, Minho Shin, Cory Cornelius, Dan Peebles, Apu Kapadia, David Kotz, Nikos Triandopoulos
Dartmouth Scholarship
We describe AnonySense, a privacy-aware system for realizing pervasive applications based on collaborative, opportunistic sensing by personal mobile devices. AnonySense allows applications to submit sensing \emphtasks\/ to be distributed across participating mobile devices, later receiving verified, yet anonymized, sensor data \emphreports\/ back from the field, thus providing the first secure implementation of this participatory sensing model. We describe our security goals, threat model, and the architecture and protocols of AnonySense. We also describe how AnonySense can support extended security features that can be useful for different applications. We evaluate the security and feasibility of AnonySense through security analysis and prototype …
A Threat Taxonomy For Mhealth Privacy, David Kotz
A Threat Taxonomy For Mhealth Privacy, David Kotz
Dartmouth Scholarship
Networked mobile devices have great potential to enable individuals (and their physicians) to better monitor their health and to manage medical conditions. In this paper, we examine the privacy-related threats to these so-called \emphmHealth\/ technologies. We develop a taxonomy of the privacy-related threats, and discuss some of the technologies that could support privacy-sensitive mHealth systems. We conclude with a brief summary of research challenges.
A Correlation Attack Against User Mobility Privacy In A Large-Scale Wlan Network, Keren Tan, Guanhua Yan, Jihwang Yeo, David Kotz
A Correlation Attack Against User Mobility Privacy In A Large-Scale Wlan Network, Keren Tan, Guanhua Yan, Jihwang Yeo, David Kotz
Dartmouth Scholarship
User association logs collected from real-world wireless LANs have facilitated wireless network research greatly. To protect user privacy, the common practice in sanitizing these data before releasing them to the public is to anonymize users' sensitive information such as the MAC addresses of their devices and their exact association locations. In this work,we demonstrate that these sanitization measures are insufficient in protecting user privacy from a novel type of correlation attack that is based on CRF (Conditional Random Field). In such a correlation attack, the adversary observes the victim's AP (Access Point) association activities for a short period of time …
Is Bluetooth The Right Technology For Mhealth?, Shrirang Mare, David Kotz
Is Bluetooth The Right Technology For Mhealth?, Shrirang Mare, David Kotz
Dartmouth Scholarship
Many people believe mobile healthcare (mHealth) would help alleviate the rising cost of healthcare and improve the quality of service. Bluetooth, which is the most popular wireless technology for personal medical devices, is used for most of the mHealth sensing applications. In this paper we raise the question – Is Bluetooth the right technology for mHealth? To instigate the discussion we discuss some shortcomings of Bluetooth and also point out an alternative solution.
On Usable Authentication For Wireless Body Area Networks, Cory Cornelius, David Kotz
On Usable Authentication For Wireless Body Area Networks, Cory Cornelius, David Kotz
Dartmouth Scholarship
We examine a specific security problem in wireless body area networks (WBANs), what we call the ıt one body authentication problem. That is, how can we ensure that the wireless sensors in a WBAN are collecting data about one individual and not several individuals. We explore existing solutions to this problem and provide some analysis why these solutions are inadequate. Finally, we provide some direction towards a promising solution to the problem and how it can be used to create a usably secure WBAN.
A Privacy Framework For Mobile Health And Home-Care Systems, David Kotz, Sasikanth Avancha, Amit Baxi
A Privacy Framework For Mobile Health And Home-Care Systems, David Kotz, Sasikanth Avancha, Amit Baxi
Dartmouth Scholarship
In this paper, we consider the challenge of preserving patient privacy in the context of mobile healthcare and home-care systems, that is, the use of mobile computing and communications technologies in the delivery of healthcare or the provision of at-home medical care and assisted living. This paper makes three primary contributions. First, we compare existing privacy frameworks, identifying key differences and shortcomings. Second, we identify a privacy framework for mobile healthcare and home-care systems. Third, we extract a set of privacy properties intended for use by those who design systems and applications for mobile healthcare and home-care systems, linking them …
Opportunistic Sensing: Security Challenges For The New Paradigm, Apu Kapadia, David Kotz, Nikos Triandopoulos
Opportunistic Sensing: Security Challenges For The New Paradigm, Apu Kapadia, David Kotz, Nikos Triandopoulos
Dartmouth Scholarship
We study the security challenges that arise in Opportunistic people-centric sensing, a new sensing paradigm leveraging humans as part of the sensing infrastructure. Most prior sensor-network research has focused on collecting and processing environmental data using a static topology and an application-aware infrastructure, whereas opportunistic sensing involves collecting, storing, processing and fusing large volumes of data related to everyday human activities. This highly dynamic and mobile setting, where humans are the central focus, presents new challenges for information security, because data originates from sensors carried by people— not tiny sensors thrown in the forest or attached to animals. In this …
Poster Abstract: Reliable People-Centric Sensing With Unreliable Voluntary Carriers, Cory Cornelius, Apu Kapadia, David Kotz, Dan Peebles, Minho Shin, Patrick Tsang
Poster Abstract: Reliable People-Centric Sensing With Unreliable Voluntary Carriers, Cory Cornelius, Apu Kapadia, David Kotz, Dan Peebles, Minho Shin, Patrick Tsang
Dartmouth Scholarship
As sensor technology becomes increasingly easy to integrate into personal devices such as mobile phones, clothing, and athletic equipment, there will be new applications involving opportunistic, people-centric sensing. These applications, which gather information about human activities and personal social context, raise many security and privacy challenges. In particular, data integrity is important for many applications, whether using traffic data for city planning or medical data for diagnosis. Although our AnonySense system (presented at MobiSys) addresses privacy in people-centric sensing, protecting data integrity in people-centric sensing still remains a challenge. Some mechanisms to protect privacy provide anonymity, and thus provide limited …
Anonysense: Opportunistic And Privacy-Preserving Context Collection, Apu Kapadia, Nikos Triandopoulos, Cory Cornelius, Dan Peebles, David Kotz
Anonysense: Opportunistic And Privacy-Preserving Context Collection, Apu Kapadia, Nikos Triandopoulos, Cory Cornelius, Dan Peebles, David Kotz
Dartmouth Scholarship
Opportunistic sensing allows applications to “task” mobile devices to measure context in a target region. For example, one could leverage sensor-equipped vehicles to measure traffic or pollution levels on a particular street, or users' mobile phones to locate (Bluetooth-enabled) objects in their neighborhood. In most proposed applications, context reports include the time and location of the event, putting the privacy of users at increased risk—even if a report has been anonymized, the accompanying time and location can reveal sufficient information to deanonymize the user whose device sent the report. \par We propose AnonySense, a general-purpose architecture for leveraging users' mobile …
Virtual Walls: Protecting Digital Privacy In Pervasive Environments, Apu Kapadia, Tristan Henderson, Jeffrey Fielding, David Kotz
Virtual Walls: Protecting Digital Privacy In Pervasive Environments, Apu Kapadia, Tristan Henderson, Jeffrey Fielding, David Kotz
Dartmouth Scholarship
As pervasive environments become more commonplace, the privacy of users is placed at an increased risk. The numerous and diverse sensors in these environments can record contextual information about users, leading to users unwittingly leaving “digital footprints.” Users must therefore be allowed to control how their digital footprints are reported to third parties. While a significant amount of prior work has focused on location privacy, location is only one specific type of footprint, and we expect most users to be incapable of specifying fine-grained policies for a multitude of footprints. In this paper we present a policy language based on …
Scalability In A Secure Distributed Proof System, Kazuhiro Minami, David Kotz
Scalability In A Secure Distributed Proof System, Kazuhiro Minami, David Kotz
Dartmouth Scholarship
A logic-based language is often adopted in systems for pervasive computing, because it provides a convenient way to define rules that change the behavior of the systems dynamically. Those systems might define rules that refer to the users' context information to provide context-aware services. For example, a smart-home application could define rules referring to the location of a user to control the light of a house automatically. In general, the context information is maintained in different administrative domains, and it is, therefore, desirable to construct a proof in a distributed way while preserving each domain's confidentiality policies. In this paper, …
Secure Context-Sensitive Authorization, Kazuhiro Minami, David Kotz
Secure Context-Sensitive Authorization, Kazuhiro Minami, David Kotz
Dartmouth Scholarship
There is a recent trend toward rule-based authorization systems to achieve flexible security policies. Also, new sensing technologies in pervasive computing make it possible to define context-sensitive rules, such as “allow database access only to staff who are currently located in the main office.” However, these rules, or the facts that are needed to verify authority, often involve sensitive context information. This paper presents a secure context-sensitive authorization system that protects confidential information in facts or rules. Furthermore, our system allows multiple hosts in a distributed environment to perform the evaluation of an authorization query in a collaborative way; we …