Secure Mobile Computing using Biotelemetrics

Faculty: Ben Calhoun (ECE), Travis Blalock (ECE), Alf Weaver (CS)
Graduate students: Andrew Jurik (CS), Jonathan Bolus (ECE), Joe Ryan (ECE), Steve Jocke (ECE)

Undergraduate students: Mahlon Graham (CpE), Caroline Andrews (EE), Yonathan Habtemichael (EE), Jay Hoffman (EE)

School of Engineering and Applied Science
University of Virginia
Funded through the National Science Foundation and WiCAT
The widespread use of mobile computing devices is an enabler for ubiquitous computing, but can be a threat to data security when sensitive information is stored on devices that can be lost or stolen. Our project seeks to secure sensitive data on mobile devices by introducing a biotelemetric link between the user and the device. 

With ordinary mobile devices, a user authenticates in some standard fashion (e.g., password, fingerprint) and gains access to the device's programs and data. If the data is sensitive (e.g., medical data, intelligence data), there is a risk to data privacy and security if the user is incapacitated, if the user loses the device, or if the device is stolen. Our project improves security by monitoring a biometric signal (initially a heartbeat). Usage continues normally as long as the biometric signal is reliably received. Data protection policies (set by system administrators) dictate what happens in abnormal situations. The device can be forced into a locked state in which user data is encrypted and cannot be decrypted until the user has completed a successful re-authentication. Alternatively, the device can be forced into a safe state in which all sensitive data is erased.

On the hardware side, we are designing an integrated circuit with three components: a biometric sensor (initially heart rate), a microcontroller, and a radio (initially Bluetooth). This system, which we call the "patch," would have a form factor similar to a Band-Aid. In year one the IC is powered by a battery, but the research goal is to reduce power consumption such that the chip can eventually operate by harvesting energy from the body (e.g., temperature differential, motion). In subsequent years we will also replace the Bluetooth channel with a less power-hungry technology. On the software side, we are using a PDA as our initial mobile device and have programmed it to detect and act upon biometric signal anomalies in accordance with its preprogrammed policies.
In the nine screenshots below we show the following sequence of events:
1. user login
2. connect the PDA to the Bluetooth link
3. enable policies on the PDA; for example, if the PDA does not receive data for 99 seconds (timeout), the PDA is put into the locked state; if a low heart rate is detected (less than 30 beats per minute for more than 5 seconds) the PDA is put into the "safe" state where all user data is erased
4. normal operation
5. a low heart rate event is detected
6. the PDA is forced into a locked state and the user must re-authenticate to regain access to data
7. re-authentication examples include a secret question/answer,
8. recognition of a previously chosen visual object, and
9. another login.
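The policy logic described above (a signal timeout that locks the device, a sustained low heart rate that forces the safe state, and re-authentication to leave the locked state) can be written as a small state machine. The following Python sketch is an added example and is not the project's own PDA software; the class and method names, the sample timings and the trigger-to-response mapping are assumptions, with the defaults taken from the thresholds quoted in step 3 (99-second timeout, under 30 beats per minute for more than 5 seconds). Which response each trigger produces is left as an administrator-set policy, since the demo sequence above locks on a low heart rate while step 3 erases.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Optional, Tuple


class DeviceState(Enum):
    NORMAL = "normal"   # biometric link healthy, data accessible
    LOCKED = "locked"   # data encrypted; re-authentication required
    SAFE = "safe"       # sensitive data erased; terminal state


class Trigger(Enum):
    SIGNAL_TIMEOUT = "no biometric data within timeout"
    LOW_HEART_RATE = "heart rate below threshold for too long"


@dataclass
class Policy:
    """Administrator-set thresholds and responses (hypothetical defaults
    follow the figures quoted on the page)."""
    timeout_s: float = 99.0          # seconds without a sample before acting
    low_hr_bpm: float = 30.0         # heart-rate floor in beats per minute
    low_hr_duration_s: float = 5.0   # how long the rate may stay below the floor
    responses: Dict[Trigger, DeviceState] = field(default_factory=lambda: {
        Trigger.SIGNAL_TIMEOUT: DeviceState.LOCKED,
        Trigger.LOW_HEART_RATE: DeviceState.SAFE,
    })


@dataclass
class PatchMonitor:
    """Tracks the biotelemetric link and drives the device state."""
    policy: Policy = field(default_factory=Policy)
    state: DeviceState = DeviceState.NORMAL
    last_sample_t: Optional[float] = None   # time of the most recent sample
    low_hr_since: Optional[float] = None    # start of the current low-rate run
    events: List[Tuple[float, DeviceState, str]] = field(default_factory=list)

    def _enter(self, new_state: DeviceState, t: float, reason: str) -> None:
        # SAFE is terminal: once data is erased there is nothing to regain.
        if self.state is DeviceState.SAFE or new_state is self.state:
            return
        self.state = new_state
        self.events.append((t, new_state, reason))

    def on_sample(self, t: float, bpm: float) -> DeviceState:
        """Called for every heart-rate sample received over the radio link."""
        if self.state is DeviceState.SAFE:
            return self.state
        self.last_sample_t = t
        if bpm < self.policy.low_hr_bpm:
            if self.low_hr_since is None:
                self.low_hr_since = t
            elif t - self.low_hr_since > self.policy.low_hr_duration_s:
                self._enter(self.policy.responses[Trigger.LOW_HEART_RATE], t,
                            Trigger.LOW_HEART_RATE.value)
        else:
            self.low_hr_since = None   # a normal reading ends the low-rate run
        return self.state

    def on_tick(self, t: float) -> DeviceState:
        """Called by the device clock so loss of signal is noticed even
        when no sample ever arrives."""
        if (self.state is DeviceState.NORMAL
                and self.last_sample_t is not None
                and t - self.last_sample_t >= self.policy.timeout_s):
            self._enter(self.policy.responses[Trigger.SIGNAL_TIMEOUT], t,
                        Trigger.SIGNAL_TIMEOUT.value)
        return self.state

    def reauthenticate(self, t: float, success: bool) -> DeviceState:
        """Secret question, visual object or login: only success unlocks."""
        if self.state is DeviceState.LOCKED and success:
            self.last_sample_t = t      # restart the timeout from now
            self._enter(DeviceState.NORMAL, t, "re-authentication succeeded")
        return self.state


def run_low_heart_rate_demo() -> PatchMonitor:
    """Constructed sample stream: 1 Hz readings, normal for 10 s, then 25 bpm."""
    m = PatchMonitor()
    for t in range(0, 10):
        m.on_sample(float(t), 70.0)
    for t in range(10, 20):
        m.on_sample(float(t), 25.0)
    return m


def run_timeout_demo() -> PatchMonitor:
    """Constructed scenario: one sample, then silence past the timeout."""
    m = PatchMonitor()
    m.on_sample(0.0, 70.0)
    m.on_tick(98.0)                  # still inside the 99 s window
    m.on_tick(99.0)                  # timeout reached -> locked
    m.reauthenticate(120.0, success=False)
    m.reauthenticate(121.0, success=True)
    return m


if __name__ == "__main__":
    for demo in (run_low_heart_rate_demo, run_timeout_demo):
        print(demo.__name__, demo().events)
```

Note that `on_tick` is what makes the timeout policy safe against a link that simply goes silent: if the monitor only reacted inside `on_sample`, a stolen device whose patch is out of range would never transition at all.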

This picture shows the prototype hardware that detects the heartbeat and transmits its digital representation over the Bluetooth channel to the PDA.  In this picture the PDA displays the waveform received.

Our major research questions include: