DOCSLIB.ORG

Gangs: Gather, Authenticate 'N Group Securely∗

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Gangs: Gather, Authenticate 'N Group Securely∗ GAnGS: Gather, Authenticate 'n Group Securely∗ Chia-Hsin Owen Chen†, Chung-Wei Chen‡, Cynthia Kuo§, Yan-Hao Lai∗, Jonathan M. McCune§, Ahren Studer§⋄, Adrian Perrig§, Bo-Yin Yang†, Tzong-Chen Wu∗∗ † Academia Sinica ‡ National Tsing Hua University § Carnegie Mellon University ∗ National Chung Hsing University ∗∗ National Taiwan University of Science and Technology ⋄Correspondence should be addressed to [email protected] ABSTRACT 1. INTRODUCTION Establishing secure communication among a group of phys- Humans often form groups when meeting in person: po- ically collocated people is a challenge. This problem can tential collaborators exchange ideas and data after a con- be reduced to establishing authentic public keys among all ference, opposing parties communicate during contract ne- the participants – these public keys then serve to establish gotiation, and political cabinets meet and later disseminate a shared secret symmetric key for encryption and authenti- strategies during a campaign. In all of these scenarios, mem- cation of messages. Unfortunately, in most real-world set- bers of a group want to communicate without allowing oth- tings, public key infrastructures (PKI) are uncommon and ers to access the information. Communication is secured distributing a secret in a public space is difficult. Thus, it is using cryptographic keys, which enable the encryption and a challenge to exchange authentic public keys in a scalable, authentication of messages. The challenge is to establish secure, and easy to use fashion. these cryptographic keys in a secure, usable manner. In this paper, we propose GAnGS, a protocol for the se- The goal of this work is to help establish keys within a cure exchange of authenticated information among a group group over a wireless medium. Wireless communication is of people. In contrast to prior work, GAnGS resists Group- invisible to humans and thus fails to indicate the source of in-the-Middle and Sybil attacks by malicious insiders, as well information to the user. An attacker can thus easily per- as infiltration attacks by malicious bystanders. GAnGS is form a Man-in-the-Middle (MitM) attack and expose keys to designed to be robust to user errors, such as miscounting the outsiders or establish different keys within the group. Prior number of participants or incorrectly comparing checksums. work relies on pre-existing associations or secrets within the We have implemented and evaluated GAnGS on Nokia N70 group to secure wireless channels. In addition, prior work phones. The GAnGS system is viable and achieves a good assumes that users can accurately count or compare strings balance between scalability, security, and ease of use. of hexadecimal digits. Unfortunately, these assumptions of- Categories and Subject Descriptors C.2.0 [Computer – ten do not hold, and an alternative solution is necessary to Communication Networks]: General – security and protec- establish group keys. tion; H.1.2 [Models and Principles] User/Machine Systems Prior work on group communication leverages a Public – human factors Key Infrastructure (PKI) to authenticate public keys or a group password to secure communication. However, a PKI General Terms: Security, Human Factors may be impractical outside corporate settings, and a shared password needs to be securely exchanged between group ∗This research was supported in part by the iCAST project members. When an ad-hoc group meets in a public space under grant NSC96-3114-P-001-002-Y from the National (e.g., an airport), an attacker can intercept all communica- Science Council Taiwan, CyLab at Carnegie Mellon under tion (electronic, spoken, or written), most likely observe the grants DAAD19-02-1-0389 and MURI W 911 NF 0710287 group’s password and thus subvert the group. To protect from the Army Research Office, grants CCF-0424422 and wireless communication with no prior associations or shared CNS-0627357 from the National Science Foundation, and General Motors through the GM-CMU Collaborative Re- secrets, Demonstrative Identification (DI) allows a user to search Laboratory. The views and conclusions contained indicate via physical actions which two devices should com- here are those of the authors and should not be interpreted municate (e.g., touching devices together, one device taking as representing the official policies or endorsements, either a picture of the other, etc.) [3, 21, 22, 24]. However, cur- express or implied, of ARO, CMU, GM, iCast, NSF, or the rent DI schemes only work for pairwise communication. We U.S. Government or any of its agencies. extend DI to the group setting and introduce the notion of Physical Articulation to Authenticate Legitimate Parties (PAALP). With PAALP, members of a group can verify the information they have wirelessly received originated from Permission to make digital or hard copies of all or part of this work for the expected physical devices. In essence, a protocol sup- personal or classroom use is granted without fee provided that copies are porting PAALP (a “PAALPable” protocol) enables conver- not made or distributed for profit or commercial advantage and that copies sion of physical presence within a group into digital trust. bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific Even with a PKI or a group password, user errors can permission and/or a fee. cause vulnerabilities when establishing keys. Prior works MobiCom'08, September 14–19, 2008, San Francisco, USA. assume humans can accurately count the number of mem- Copyright 2008 ACM 978-1-60558-096-8/08/09 ...$5.00. bers in the group and compare random strings (tasks which information IX from member X. This includes“In- cannot be automated by a device). Other work has shown clusivity” in that when a member X has a copy of that users often commit errors in these simple tasks [15,28]. the list, the list must include IX. When groups members fail to compare accurately, an at- 2. Exclusivity. Λ contains information from the ℓ in- tacker can split the group as part of a Group in the Middle tended group members, and no other individuals. (GitM) Attack [16]. When group members count incorrectly, X an outsider can add himself to the group or an insider can 3. Uniqueness. Each member can only contribute add multiple identities (a Sybil attack [8]) without changing one piece of information (IX) to Λ. the checksum values used to verify successful completion. • Resistance to Human Error. As group size in- Given these errors, we would like to design a protocol that creases, the likelihood that a user will make a mistake is secure in the presence of miscounts (Enumeration Error also increases. Groups must be able to exchange au- Proof (EEP)) and resilient to failed comparisons (Compari- thentic information accurately. In the event of user son Error Proof (CEP)). error(s), GAnGS should fail safely (discard the list). We present GAnGS (Gather, Authenticate ’n Group Se- curely), a system that gathers, distributes, and verifies au- 2.2 Assumptions thentic information among a group of collocated mobile de- We assume that: vices. GAnGS exchanges group members’ public keys such • Group members are physically located in the same that each group member obtains the authentic public key of room during group formation; every other member. Knowing every other members’ pub- • Group members can distinguish legitimate members lic key can be used to encrypt messages or distribute group from non-members; keys among any subset of the group. Our key insight is that verifying the group list via physical interaction in ran- • Members possess devices that support the same phys- domly assigned subgroups reduces user error while providing ical method for exchanging information (e.g., our im- a probabilistic security guarantee. plementation of GAnGS requires Bluetooth support, a GAnGS is PAALPable, EEP, and CEP. As such, a group camera, and programmable software); and using GAnGS can exclude outsiders and detect GitM and • Members accurately count less than ten individuals. Sybil attacks. Achieving these usability goals presents a tradeoff for security. For 100% EEP and CEP, each device 2.3 Attacker Model must interact with every other device (for a total of O(n2) in- Attackers may be located inside or outside of the room teractions). GAnGS provides greater than 95% probability before, during, and after GAnGS is performed. If attack- of attack detection while requiring only O(n) interactions. ers are in the same room as group members, information displayed on a screen or written down may be seen by the Contributions. With PAALP, we extend the idea of attackers, and verbal communication may be heard by the physically identifying parties which communicate wirelessly attackers. With their devices, attackers can overhear, inter- via physical actions in a group setting. We quantify the cept, and inject any wireless communication. As part of an user effort in our PAALPable system by comparing the num- insider attack, a member of the group may be an attacker. ber of interactions between devices in a run of the protocol. An attacker’s goal is to add unintended entities’ informa- These physical interactions provide resilience to user error tion to the list of public keys, edit or remove valid members’ and contribute the resilience to counting and comparison information from the list, and/or contribute multiple iden- errors, EEP and CEP respectively. We present the first im- tities to the list (a Sybil attack [8]). An attacker can also plementation of a system to bootstrap scalable, secure group perform a denial of service (DoS) attack such that GAnGS communication and evaluate our approaches on Bluetooth- fails to complete successfully. The impact of a DoS attack enabled Nokia N70 camera phones. is limited, since the attacker would fail to compromise the group’s communication. GAnGS addresses attacks against 2.
Load more

Recommended publications
  • Implementation and Analysis of Key Reinstallation Attack
    International Journal of Innovations in Engineering and Technology (IJIET) http://dx.doi.org/10.21172/ijiet.133.21 Implementation and Analysis of Key Reinstallation Attack Saba Khanum1, Ishita kalra2 1Department of Information Technology, MSIT, Janakpuri, New Delhi, India 2Department of Computer Science and Engineering, MSIT, Janakpuri, New Delhi, India Abstract- The objective of the paper is to implement and analyzed the impact of Key Reinstallation Attack (popularly dubbed as KRACK) on debian based machines. The paper elucidates on the capture of packets through the attack without being a part of the network and affecting the target machines with the help of an attack machine placed inside the network. It basically exploits the nonce of the network which ultimately paves way to the execution of the attack. The issue tends to gather more eyeballs as it affects all devices using Wi-Fi through WPA2 protocol. Hence, the catastrophe complimented along the attack is severe. The analysis of the impact is carried on by analyzing the type of packets visible as well as captured during the course of the implementation. Here, we have created a python script which identifies whether the targeted machine is vulnerable to KRACK or not and corresponding to that the packet capture starts and ultimately, the impact is measured. Keywords – KRACK, weakness, WPA2, attack, security I. INTRODUCTION The presence of the bug has been detected in the cryptographic nonce of the WPA2 and can be used to clone a connected party to reinstall a used key. The presence of the nonce is specifically intended to prevent reuse, but in this particular case, it gives malicious users the opportunity to replay, decrypt, or forge packets, ultimately enabling them to access all previously considered encrypted information without actually being part of the network.
    [Show full text]
  • Authenticated Encryption Mode IAPM Using SHA-3'S Public Random
    Authenticated Encryption Mode IAPM using SHA-3’s Public Random Permutation Charanjit Jutla IBM T. J. Watson Research Center New York 10598 Abstract. We study instantiating the random permutation of the block- cipher mode of operation IAPM (Integrity-Aware Parallelizable Mode) with the public random permutation of Keccak, on which the draft stan- dard SHA-3 is built. IAPM and the related mode OCB are single-pass highly parallelizable authenticated-encryption modes, and while they were originally proven secure in the private random permutation model, Kurosawa has shown that they are also secure in the public random per- mutation model assuming the whitening keys are uniformly chosen with double the usual entropy. In this paper, we show a general composabil- ity result that shows that the whitening key can be obtained from the usual entropy source by a key-derivation function which is itself built on Keccak. We stress that this does not follow directly from the usual indifferentiability of key-derivation function constructions from Random Oracles. We also show that a simple and general construction, again employing Keccak, can also be used to make the IAPM scheme key- dependent-message secure. Finally, implementations on modern AMD-64 architecture supporting 128-bit SIMD instructions, and not supporting the native AES instructions, show that IAPM with Keccak runs three times faster than IAPM with AES. 1 Introduction Symmetric key encryption of bulk data is usually performed using either a stream cipher or a block cipher. A long message is divided into small fixed-size blocks and encryption is performed by either a stream-cipher mode or a block-cipher mode employing a cryptographic primitive that operates on blocks.
    [Show full text]
  • OCB: a Bock-Cipher Mode of Operation for Efficient Authenticated Encryption
    OCB: A Bock-Cipher Mode of Operation for Efficient Authenticated Encryption Phillip Rogaway UC Davis This work done at Chiang Mai University [email protected] http://www.cs.ucdavis.edu/~rogaway Mihir Bellare John Black Ted Krovetz UC San Diego University of Nevada UC Davis CCS-8 — Philadelphia, USA — November 8, 2001 Slide 1 Principal Goals of Symmetric Cryptography Privacy What the Adversary sees tells her nothing of significance about the underlying message M that the Sender sent Authenticity The Receiver is sure that the string he receives was sent (in exactly this form) by the Sender Authenticated Encryption Achieves both privacy and authenticity C C* Nonce M M K Adversary K or invalid K K Sender Receiver Slide 2 Why Authenticated Encryption? • Efficiency By merging privacy and authenticity one can achieve efficiency difficult to achieve if handling them separately. • Easier-to-correctly-use abstraction By delivering strong security properties one may minimize encryption-scheme misuse. Slide 3 Easier to correctly use because stronger security properties Idealized encryption OCB Authenticated encryption [Bellare, Rogaway] IND-CPA + auth of ciphertexts [Katz,Yung] [Bellare, Namprempre] IND-CCA = NM-CCA CTR, CBC$ [Goldwasser, Micali] IND-CPA [Bellare, Desai, Jokipii, Rogaway] ECB Slide 4 Right or Wrong? It depends on what definition E satisfies K A . R K A A B EK (A . B . RA . RB .sk) EK (RB) Slide 5 Folklore approach. See Generic Composition [Bellare, Namprempre] and [Krawczyk] Traditional approach to authenticated encryption for
    [Show full text]
  • Global Journal of Engineering Science And
    [Arslan, 6(3): March 2019] ISSN 2348 – 8034 DOI- 10.5281/zenodo.2599921 Impact Factor- 5.070 GLOBAL JOURNAL OF ENGINEERING SCIENCE AND RESEARCHES PRIVACY PRESERVING SECURITY MECHANISM FOR IOT BASED DISTRIBUTED SMART HEALTHCARE SYSTEM Farrukh Arslan School of Electrical and Computer Engineering, Purdue University, USA ABSTRACT Data security and privacy are one of the key concerns in the Internet of Things (IoT). Usage of IOT is increasing in the society day-by-day, and security challenges are becoming more and more severe. From a data perspective, IOT data security plays a major role. Some of the sensitive data such as criminal record, military information, the medical record of the patients, etc. Due to the size and other features of IOT, it is almost impossible to create an efficient centralized authentication system. The proposed system focused on IoT security for distributed medical record to provide perimeter security to the patient. Building trust in distributed environments without the need for authorities is a technological advance that has the potential to change many industries, the IOT is one among them. Furthermore, it protects data integrity and availability. It improves the accessibility of data by using the indexing method along with the blockchain. Moreover, it facilitate the utility of tracking the previous history of the patient record using the hyper ledger with authorization. Keywords: security, Internet of Things, Health-care, Block chain, Hyper ledger. I. INTRODUCTION Amount of information grows day by day but the security of the data is not maintained properly. Nowadays blockchain technology is very useful in IOT field such as smart cities, smart home system as well as it provides security [1].
    [Show full text]
  • CMU-CS-17-118 July 2017
    Secure Large-Scale Outsourced Services Founded on Trustworthy Code Executions Bruno Vavala CMU-CS-17-118 July 2017 School of Computer Science Carnegie Mellon University Pittsburgh, PA 15213 Faculty of Sciences University of Lisbon 1749-16 Lisbon, Portugal Thesis Committee: Peter Steenkiste, Co-Chair Nuno Neves, University of Lisbon, Co-Chair Anupam Datta Vyas Sekar Antonia Lopes, University of Lisbon Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science Copyright c 2017 Bruno Vavala This research was sponsored by Fundac¸ao˜ para a Cienciaˆ e Tecnologia (Portuguese Foundation for Science and Technology) through the Carnegie Mellon Portugal Program under grant SFRH/BD/51562/2011 (until August 2016) and the Information and Communication Technology Institute at Carnegie Mellon University, by FCT through project UID/CEC/00408/2013 (LaSIGE), by the EC through project FP7-607109 (SEGRID) and project H2020-643964 (SUPERCLOUD). The views and conclusions contained in this document are those of the author and should not be interpreted as representing the official policies, either expressed or implied, of any sponsoring institution, the Portuguese government, the U.S. government or any other entity. Keywords: Trusted Computing, Cloud Security, Trusted Execution Abstraction, Execution Integrity, Code Identity, Large-scale Data, TPM, Intel SGX, Efficient Execution Verification, Passive Replication, Service Availability This work was partially supported by the Fundac¸ao˜ para a Cienciaˆ e Tecnologia (FCT) through research grant SFRH/BD/51562/2011 (until August 2016) and through project UID/CEC/00408/2013 (LaSIGE), by the Informa- tion and Communication Technology Institute at Carnegie Mellon University, by the EC through project FP7-607109 (SEGRID) and project H2020-643964 (SUPERCLOUD).
    [Show full text]
  • The Evolution of Authenticated Encryption
    The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA Those who’ve worked with me on AE: Mihir Bellare Workshop on Real-World Cryptography John Black Thursday, 10 January 2013 Ted Krovetz Stanford, California, USA Chanathip Namprempre Tom Shrimpton David Wagner 1/40 Traditional View (~2000) Of Symmetric Goals K K Sender Receiver Privacy Authenticity (confidentiality) (data-origin authentication) Encryption Authenticated Encryption Message scheme Achieve both of these aims Authentication Code (MAC) IND-CPA [Goldwasser, Micali 1982] Existential-unforgeability under ACMA [Bellare, Desai, Jokipii, R 1997] [Goldwasser, Micali, Rivest 1984, 1988], [Bellare, Kilian, R 1994], [Bellare, Guerin, R 1995] 2/40 Needham-Schroeder Protocol (1978) Attacked by Denning-Saco (1981) Practioners never saw a b IND-CPA as S encryption’s goal A . B . NA {N . B . s . {s . A} } 1 A b a 2 a b {s . A} A 3 b B 4 {NB}s 5 {NB -1 }s 3/40 Add redundancy No authenticity for any S = f (P) CBC ~ 1980 Doesn’t work Beyond CBC MAC: regardless of how you compute unkeyed checksums don’t work even the (unkeyed) checksum S = R(P1, …, Pn) with IND-CCA or NM-CPA schemes (Wagner) [An, Bellare 2001] 4/40 Add more arrows PCBC 1982 Doesn’t work See [Yu, Hartman, Raeburn 2004] The Perils of Unauthenticated Encryption: Kerberos Version 4 for real-world attacks 5/40 Add yet more stuff iaPCBC [Gligor, Donescu 1999] Doesn’t work Promptly broken by Jutla (1999) & Ferguson, Whiting, Kelsey, Wagner (1999) 6/40 Emerging understanding that: - We’d like
    [Show full text]
  • ATAES132A 32K AES Serial EEPROM Complete Data Sheet
    ATAES132A ATAES132A 32K AES Serial EEPROM Complete Data Sheet Features • Crypto Element Device with Secure Hardware-Based Key Storage • 32 kb Standard Serial EEPROM Memory – Compatible with the Microchip AT24C32D and the Microchip AT25320B – 16 User Zones of 2 kb Each • High-Security Features – AES Algorithm with 128-bit Keys – AES-CCM for Authentication – Message Authentication Code (MAC) Capability – Guaranteed Unique Die Serial Number – Secure Storage for up to Sixteen 128-bit Keys – Encrypted User Memory Read and Write – Internal High-Quality FIPS Random Number Generator (RNG) – 16 High-Endurance Monotonic EEPROM Counters • Flexible User Configured Security – User Zone Access Rights Independently Configured – Authentication Prior to Zone Access • Read/Write, Encrypted, or Read-Only User Zone Options • High-Speed Serial Interface Options – 10 MHz SPI (Mode 0 and 3) – 1 MHz Standard I2C Interface • 2.5V to 5.5V Supply Voltage Range • <250 nA Sleep Current • 8-pad UDFN and 8-lead SOIC Package Options • Temperature Range: -40°C to +85°C Applications • Easily Add Security by Replacing Existing Serial EEPROM • Authenticate Consumables, Components, and Network Access • Protect Sensitive Firmware • Securely Store Sensitive Data and Enable Paid-for Features • Prevent Contract Manufacturers from Overbuilding • Manage Warranty Claims • Securely Store Identity Data (i.e. Fingerprints and Pictures) © 2018 Microchip Technology Inc. Datasheet Complete DS40002023A-page 1 ATAES132A Description The Microchip ATAES132A is a high-security, Serial Electrically-Erasable and Programmable Read-Only Memory (EEPROM) providing both authentication and confidential nonvolatile data storage capabilities. Access restrictions for the 16 user zones are independently configured, and any key can be used with any zone.
    [Show full text]
  • Design and Analysis of Decentralized Public Key Infrastructure with Quantum-Resistant Signatures
    석 ¬ Y 위 | 8 Master's Thesis 양자 ´1 서명D t©\ È중YT 공개¤ 0반 lpX $Ä 및 분석 Design and Analysis of Decentralized Public Key Infrastructure with Quantum-resistant Signatures 2018 H 형 철 (W ; 哲 An, Hyeongcheol) \ m 과 Y 0 Ð Korea Advanced Institute of Science and Technology 석 ¬ Y 위 | 8 양자 ´1 서명D t©\ È중YT 공개¤ 0반 lpX $Ä 및 분석 2018 H 형 철 \ m 과 Y 0 Ð 전산Y부 (정보보8대YÐ) Design and Analysis of Decentralized Public Key Infrastructure with Quantum-resistant Signatures Hyeongcheol An Advisor: Kwangjo Kim A dissertation submitted to the faculty of Korea Advanced Institute of Science and Technology in partial fulfillment of the requirements for the degree of Master of Science in Computer Science (Information Security) Daejeon, Korea June 12, 2018 Approved by Kwangjo Kim Professor of Computer Science The study was conducted in accordance with Code of Research Ethics1. 1 Declaration of Ethical Conduct in Research: I, as a graduate student of Korea Advanced Institute of Science and Technology, hereby declare that I have not committed any act that may damage the credibility of my research. This includes, but is not limited to, falsification, thesis written by someone else, distortion of research findings, and plagiarism. I confirm that my thesis contains honest conclusions based on my own careful research under the guidance of my advisor. MIS H형철. 양자 ´1 서명D t©\ È중YT 공개¤ 0반 lpX $Ä 및 분석. 전산Y부 (정보보8대YÐ) . 2018D. 50+iv ½. 지ÄP수: @광p. 20164355 (영8 |8) Hyeongcheol An. Design and Analysis of Decentralized Public Key Infras- tructure with Quantum-resistant Signatures.
    [Show full text]
  • Replay Attack Vulnerabilities and Mitigation Strategies a Study of a Unique Class of Attack and Several Methods Attempting to Prevent Attacks of a Kind
    Replay Attack Vulnerabilities and Mitigation Strategies A Study of a Unique Class of Attack and Several Methods Attempting to Prevent Attacks of a Kind Alex Goldschmidt 1 Abstract Replay attacks are a unique class of network infiltration that have harmful effects both online and offline. With encryption becoming cryptographically stronger every year, a movement from attacks based on decryption to attacks based in replay of encrypted information is almost inevitable. In this project, replay attacks will be looked at more closely, along with several ways to protect against them. Replay attacks have been used to compromise SSL sessions, perform fraudulent transactions with chip-based credit cards, and even to break into cars and garage doors. While many methods have been put forward, including time-based encryption and origin/destination verification, there is no single solution to this problem, but instead one must incorporate several strategies to fully protect against such an attack. Introduction In the world of security, there are innumerable methods of compromising a network. Whether the attacker’s goal is to shut down communication between parties, or to steal information from an unsuspecting victim, the security system in place must be able to defend against it. The best method of protecting information, which prevents a lot of these attacks from being feasible, is to encrypt all data that is transmitted from one place to another. However, what happens when the attacker doesn’t need to know what the message actually says? This is the principle behind the Replay Attack. Replay Attacks are listed as entry 294 in the Common Weakness Enumeration (CWE), where they are described as a “flaw [that] exists when the design of the software makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message” (Mitre, 2015).
    [Show full text]
  • Ios Security Ios 12.3
    iOS Security iOS 12.3 May 2019 Contents Page 5 Introduction Page 6 System Security Secure boot chain System Software Authorization Secure Enclave OS Integrity Protection Touch ID Face ID Page 15 Encryption and Data Protection Hardware security features File Data Protection Passcodes Data Protection classes Keychain data protection Keybags Page 25 App Security App code signing Runtime process security Extensions App Groups Data Protection in apps Accessories HomeKit SiriKit HealthKit ReplayKit Secure notes Shared notes Apple Watch Page 39 Network Security TLS VPN Wi-Fi Bluetooth Single sign-on Continuity AirDrop security Wi-Fi password sharing iOS Security | May 2019 2 Page 47 Apple Pay Apple Pay components How Apple Pay uses the Secure Element How Apple Pay uses the NFC controller Credit, debit, and prepaid card provisioning Payment authorization Transaction-specific dynamic security code Paying with credit and debit cards in stores Paying with credit and debit cards within apps Paying with credit and debit cards on the web Contactless passes Apple Pay Cash Transit cards Student ID cards Suspending, removing, and erasing cards Page 58 Internet Services Apple ID iMessage Business Chat FaceTime iCloud iCloud Keychain Siri Safari Suggestions, Siri Suggestions in Search, Lookup, #images, News app, and News widget in non-News countries Safari Intelligent Tracking Prevention Page 73 User Password Management App access to saved passwords Automatic strong passwords Sending passwords to other people or devices Credential provider extensions Page
    [Show full text]
  • Certificate in E Certificate in E-Governance and Security Information System (CEGCS-04) Vernance and Cyber
    Certificate in e -Governance and Cyber Security Information System (CEGCS-04) Title Information System Adviso rs Mr. R. Thyagarajan, Head, Admn. & Finance and Acting Director, CEMCA Dr. Manas Ranjan Panigrahi, Program Officer(Education) , CEMCA Prof. Durgesh Pant, Director -SCS&IT, UOU Editor Er. Gopesh Pande, Network Engineer, Wipro Infotech, Mumbai Authors Block I> Unit I, Unit II, Unit III & Unit IV Er. Charanjeet Singh Chawla, Wing Commander, Indian Air Force, Ministry of Defence Block II> Unit I, Unit II, Unit III & Unit IV Er. Ashok Katariya, Group Captain, Indian Air Force, Ministry of Defence Block III> Unit I, Unit II, Unit III & Unit IV Er. Ashok Katariya, Group Captain, Indian Air Force, Ministry of Defence ISBN : 978 -93 -84813 -93 -2 Acknowledgement The University acknow ledges with thanks the expertixe and financial support provided by Commonwealth Educational Media Centre for Asia(CEMCA), New Delhi, for the preparation of this study material. Uttarakhand Open University, 2016 © Uttarak hand Open University, 2016. Information System is made available under a Creative Commons Attribution Share-Alike 4.0 Licence (international): http://creativecommons.org/licenses/by -sa/4.0/ It is attributed to the sources marked in the References, Article Sources and Contributors section. Published by: Uttarakhand Open University, Haldwani Expert Panel S. No. Name 1 Dr. Jeetendra Pande, School of Computer Science & IT, Uttarakhand Open University, Haldwani 2 Prof. Ashok Panjwani, Professor, MDI, Gurgoan 3 Group Captain Ashok Katariya, Ministry of Defense, New Delhi 4 Mr. Ashutosh Bahuguna, Scientist- CERT-In, Department Of Electronics & Information Technology, Government Of India 5 Mr. Sani Abhilash, Scientist- CERT-In, Department Of Electronics & Information Technology, Government Of India 6 Wing Commander C.S.
    [Show full text]
  • (12) Patent Application Publication (10) Pub. No.: US 2016/0028552 A1 Spanos Et Al
    US 2016.0028552A1 (19) United States (12) Patent Application Publication (10) Pub. No.: US 2016/0028552 A1 Spanos et al. (43) Pub. Date: Jan. 28, 2016 (54) SYSTEMAND METHOD FOR CREATING A tion No. 62/170,131, filed on Jun. 3, 2015, provisional MULT-BRANCHED BLOCKCHAIN WITH application No. 62/185,613, filed on Jun. 27, 2015. CONFIGURABLE PROTOCOL RULES Publication Classification (71) Applicants: Nikolaos Spanos, New York, NY (US); (51) Int. Cl. Andrew R. Martin, New York, NY H04L 9M32 (2006.01) (US); Eric T. Dixon, North Bergen, NJ G06F 12/02 (2006.01) (US); Asterios Steven Geros, New York, H04L 29/06 (2006.01) NY (US) G06F 2/14 (2006.01) (72) Inventors: Nikolaos Spanos, New York, NY (US); (52) U.S. Cl. Andrew R. Martin, New York, NY CPC ............ H04L 9/3297 (2013.01); H04L 9/3268 Bergen, NJ (2013.01); H04L 9/3242 (2013.01); G06F (US); Eric T. Dixon, North 12/1408 (2013.01); G06F 12/0246 (2013.01); (US); Asterios Steven Geros, New York, H04L 63/164 (2013.01); H04L 63/168 NY (US) (2013.01); G06F 2212/1052 (2013.01); G06F (73) Assignee: BLOCKCHAIN TECHNOLOGIES 2212/7209 (2013.01) CORPORATION, New York, NY (US) (57) ABSTRACT The present invention generally relates to blockchain tech (21) Appl. No.: 14/809,062 nology. Specifically, this invention relates to creating a block chain called a slidechain that allows for multiple valid (22) Filed: Jul. 24, 2015 branches or forks to propagate simultaneously with a custom ized set of protocol rules embedded in and applied to each fork chain that branches from another chain.
    [Show full text]