Florida State University Libraries Electronic Theses, Treatises and Dissertations The Graduate School 2015 Cashtags: Protecting the Input and Display of Sensitive Data Michael J. Mitchell Follow this and additional works at the FSU Digital Library. For more information, please contact [email protected] FLORIDA STATE UNIVERSITY COLLEGE OF ARTS AND SCIENCES CASHTAGS: PROTECTING THE INPUT AND DISPLAY OF SENSITIVE DATA By MICHAEL J. MITCHELL A Dissertation submitted to the Department of Computer Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy Degree Awarded: Spring Semester, 2015 Copyright © 2015 Michael J. Mitchell. All Rights Reserved. Michael J. Mitchell defended this dissertation on April 15, 2015. The members of the supervisory committee were: An-I Andy Wang Professor Directing Dissertation. Linda DeBrunner University Representative Gary Tyson Committee Member Zhi Wang Committee Member The Graduate School has verified and approved the above-named committee members, and certifies that the dissertation has been approved in accordance with university requirements. ii To my wife and family for their unconditional support iii ACKNOWLEDGMENTS My deepest gratitude is owed to my advisor and major professor Dr. Andy Wang. From his vision and research inspiration, to financial support, to patience reviewing and commenting on countless publication revision, I am truly fortunate to have such an amazing advisor. Without his guidance and persistent help, this dissertation would not have been possible. He is also responsible for the development of many technical and analytical skills I will carry with me throughout my professional career. I also express my gratitude to Dr. Peter Reiher of UCLA. His wisdom, insight, and collaboration have truly been an asset to this research. I would also like to thank the members of my dissertation committee. I thank Dr. Gary Tyson for financial support and research experience in the FSU Mobile Lab, and Dr. Zhi Wang for his guidance and additional research opportunities in mobile security. I would also like to thank my university representative and external committee member Dr. Linda DeBrunner. Her engineering background brought alternate perspective and general context into this research. I would also like to thank the members of the FSU Operation Systems and Storage research group. Their engaging questions and alternate approaches brought unique perspectives into my research and often were able to identify inadequacies and shortcomings that I could not see myself. I am fortunate to have been part of such an intelligent, dedicated, and talented research group. I also express my gratitude to the current and former FSU Department of Computer Science support staff. In particular, I thank Daniel Clawson, Eleanor McNealy, and Kristan Mcalpin for their assistance handling many administrative issues and for helping me to navigate the academic bureaucracy of the university. I also thank Ratnesh Patidar, Manik Saini, and Parteek Singh for their assistance with parts of the human subjects’ privacy study, as well as the 600 people who took the time to participate in the research study. iv This dissertation contains excerpts from the following publications: [1] Michael Mitchell, Ratnesh Patidar, Manik Saini, Parteek Singh, An-I Andy Wang, and Peter Reiher. “Mobile Usage Patterns and Privacy Implications.” Proceedings of the IEEE 2015 International Workshop on the Impact of Human Mobility in Pervasive Systems and Applications (PerMoby), 2015. [2] Michael Mitchell, An-I Wang, and Peter Reiher. “Cashtags: Prevent Leaking Sensitive Information through Screen Display.” Technical Report TR-141209, Department of Computer Science, Florida State University, 2014. [3] Michael Mitchell, An‐I Andy Wang, and Peter Reiher. “Mobile Usage Patterns and Privacy Implications.” Technical Report TR‐131104, Department of Computer Science, Florida State University, 2013. All interaction with human subjects was approved by the Florida State University IRB Human Subjects Committee, approval numbers HSC# 2012.8779 and HSC# 2013.10175. Full approval documentation and supplemental data is contained in Appendices A-C. This work is sponsored in part by NSF CNS-1065127, “Facets: Exploring Semantic Equivalence of Files to Improve Storage Systems”. Opinions, findings, and conclusions or recommendations expressed in this document do not necessarily reflect the views of the NSF, FSU, UCLA, or the U.S. government. v TABLE OF CONTENTS List of Tables ................................................................................................................................. ix List of Figures ................................................................................................................................. x Abstract ........................................................................................................................................ xiii 1 Introduction ............................................................................................................................... 1 1.1 Motivation ........................................................................................................................ 1 1.2 The Shoulder Surfing Threat ............................................................................................ 1 1.3 The Dangers are Everywhere ........................................................................................... 2 1.4 The Consequences can be Severe ..................................................................................... 3 1.5 Current Solutions.............................................................................................................. 3 1.6 Thesis ............................................................................................................................... 4 1.7 Scope of the Dissertation .................................................................................................. 4 1.8 Contributions .................................................................................................................... 4 1.9 Outline of the Dissertation ............................................................................................... 5 2 Mobile Privacy Survey ............................................................................................................. 6 2.1 Survey Motivation ............................................................................................................ 6 2.2 Human Subject-based Solutions....................................................................................... 6 2.3 Mobile Usage and Privacy Implications Survey .............................................................. 7 2.4 Experimental Methodology .............................................................................................. 7 2.5 Survey Results Overview ................................................................................................. 9 2.6 Demographics and Market Share ..................................................................................... 9 2.7 Privacy Results ............................................................................................................... 12 2.8 Other Findings ................................................................................................................ 21 vi 2.9 Lessons from the Survey ................................................................................................ 22 3 Existing Observation-resistant Solutions ............................................................................... 26 3.1 Visual Authentication Protection ................................................................................... 26 3.2 Digital Communication Channel Protection .................................................................. 34 3.3 Existing Solutions Inadequate ........................................................................................ 34 4 Cashtags ................................................................................................................................. 36 4.1 User Model ..................................................................................................................... 36 4.2 Threat Model .................................................................................................................. 38 4.3 Compared to Password Managers .................................................................................. 38 4.4 Design Overview ............................................................................................................ 39 5 System Design ....................................................................................................................... 41 5.1 Observation-resistant Approaches.................................................................................. 41 5.2 Where to Intercept Sensitive Data .................................................................................. 42 5.3 User Interface ................................................................................................................. 44 5.4 Accessing Sensitive Information .................................................................................... 46 5.5 Variants of Data Formats ............................................................................................... 47 5.6 Deployment and Development Models .........................................................................