Saturday, April 30, 2016

GPS Evidence: Better Cybersecurity through GeoPrinting*

Digital devices, computers, cell phones, and tablets are more mobile today than ever before. They are also wired for more sensors than ever before. These sensors detect movement, orientation, g-forces and, yes, GPS generated location fixes. Digital devices know where they are, and often know where they have been, and, with appropriate software, are probably are capable of predicting where they will be used in the future, based on historical records.

Both because of their value as strictly as hardware and because of the valuable data they store, digital devices are the targets of thieves. Because they are always with us, digital devices are also susceptible to accidental loss, loss that can leave them in the hands of those who might not return them, or use the data on them for their own purposes.

Digital devices are often portals to the authorized user's entire life “on the cloud.” Because owners often allow nearly automatic logins from portable digital devices in their possession, others can easily “take over” email, banking, and other security sensitive websites or applications. Thus, the loss of a digital device might not just endanger what is on that device, but rather endanger the owner's financial, commercial, social and emotional future: the owner's entire “Cloud Persona.” Furthermore, because portable digital devices often hold business, professional or otherwise confidential data trusted to the authorized user, hacking, theft or loss can effect entire business ventures or threaten government security.

How do we protect ourselves from these threats in a connected digital age? Answer: GeoSecurity: The practice of raising or lowering portable device digital security based on whether the device is within a valid GeoPrint location for the device, and the process of both heightening security to access the device, and digitally informing cloud accessed applications to raise or lower security standards based on the current device location. As explained below, digital devices can become much safer by recording where they are usually used, then requiring less security in those familiar physical locations, and much higher security when used outside the familiar locations.

A “personal” digital device is only used from one physical location at one time, as the authorized user has only . Because most portable digital devices are equipped with GPS chips, those devices know and can record where they are currently being used, and where they have been used before, and the paths between those points (if activated.) For instance, an I-pad owner might use their I-pad at home (Point A), at their office (Point B), at their health club (Point C), and at selected friends houses (Points D, E, and F.) Previously recorded locations are safer, because if someone logs into the digital device, it is likely to be the owner or an authorized user of the portable digital device.

Points A through F are lower risk locations, because these are locations. Software can “learn” device owner locations and keep them in memory after a “training period” of a week, two weeks,etc., or tie them to a locational database such as vehicle tracking databases like those used by some insurers. These recorded points, and travel between them, would be the authorized user's GeoPrint.

Establishing the “GeoPrint” [Digital locational fingerprint]:
We all travel in patterns: to work, to school, to social locations, ect. We carry our portable digital devices with us [Ipads, Iphones, Tablets, Cell Phones, etc.] These devices have sensors that “know where they are,” and can preserve and record locational information in several ways: GPS chips can write track records, Cell phones connect to certain cell towers throughout the course of a day or trip, etc. Software can be written to record those geographic locations and establish a GeoPrint: Digital geographic “fingerprinting” based on a portable digital device's unique GPS track record based on the user's repetitive cyclical travel patterns over the course of time. Like a fingerprint, our travel patterns are unique based on our daily obligations. Some trips will repeat daily, others, several times a week, and some, once a month or so. Rarely, trips will be seasonal, such as seasonal but repetitive trips to cottages in the summer, or ski locations in the winter. Good software will allow for a baseline GeoPrint, and allow for high security authorized additions to the baseline record, which will eliminate the need for repetition in following seasons or years.

Protecting our Devices With GeoSecurity:
The first line of defense is making sure no one unauthorized gets into our portable devices, so GPS related low and high security zones recording (training?) and comparison should be either part of the operating system, or booted before the operating system boots, so access can be controlled before any device information is exposed.

Therefore, if, suddenly, someone logs into the Ipad from a previously unknown location (Point Z), outside the owner's geoprint, even if the login is correct, there is a much greater chance that the person logging in is not the owner, but a thief or unauthorized user. Should, then, the device lock out the potential user based on location?

No, absolutely not! But, the device can shift to a higher security mode based on the new location, perhaps requiring a second, unrelated password, answer to a security question, or secondary requirement to trace a security drawing in a predetermined manner.

Furthermore, if the higher security feature is attempted and the unauthorized user fails it, the device can be programed to generate predetermined email messages indicating 1) the current GPS location 2) Identities and strengths of nearby network signals (together with whatever ID signals can be gleaned from the networks) and 3) a picture of the party attempting to log in.

Finally, if the higher security mode login passes, the system can query if the user wants to designate the previously unknown area as a new lower security area, and put that GPS information into memory. If so, Point Z would now be designated lower security.

Protecting our Cloud Personas With GeoSecurity:
The second line of defense would be software added or activated from cloud based providers. To prevent these providers from “tracking” the device owner, apps on the device can handle the training, and make a determination whether the device is in a low or high security location (where low is where the owner usually logs in, and high is “everywhere else.”) Then the local app would simply flag the cloud application to use low or high security for the current transaction – for high security, it would require additional password(s), security questions, or logging. Cloud applications would be more secure simply by “listening” to the high or low security recommendations from the app.

Of course, the owner might try to log in from a device that does not generate a GPS fix – which, in itself, would probably require higher security, because it might not be the owner. In such situations, sensitive cloud apps might use other determinations, like networks logged in from, locations of network nodes, and the like, to determine that lower security should be used, or let the owner make a decision AFTER passing a high security login requirement a single time. Better practice would be using Desktop GeoChronoSecurity, described below, after authorizing the desktop for certain times of use.

Using GPS device location as a factor in determining what security measures should be used would make mobile devices less subject to theft, online account more secure from hacking, while allowing device owners to access their accounts with reasonably lowered risks. Device owners can dial in a margin of locational error they are comfortable with, from a few hundred feet to a few miles, and still enjoy better security.

Temporary Geographic Changes
While we travel to usual places regularly, there will be times when our geographic “fingerprint” is just not valid – vacations, extended hospital stays, etc. Good security software will allow a valid user (determined by passing the high security test) to temporarily reduce security – but for a specific preprogrammed time period, so at the return from vacation, the former GeoSecurity scheme automatically resumes. This removes the possibility the user will forget to resume the program.
Such changes can be chronologically AND physically based to reduce risks, such as restrictions to the city the user is visiting for a period of three days, changing to the next city for two days. While less secure than continuous high security, such a plan reduces risk of data loss and limits risk in a high risk situation.

Permanently Changing the Digital Fingerprint:
While we all engage in repetitive movement, viewed over the course of weeks, there are “sea change” times in our lives where everything in our “movement lives” changes – job change moving to a new city, graduating high school and going to college. GeoPrints could be changed by high security login and authorizing the software to "relearn" our travel pattern-which might either replace our previous patterns; or be amended to those travel pattern.  This would allow the college student to return home for the weekend without facing high security software challenges.  

Enhancements - GeoChronoprint:
Those who desire both the best in security and the best ease of access might want to use not only a GeoPrint but a GeoChronoprint: A combination of location AND TIME at that location. A GeoChronoprint would record not only past locations, but time frames at that location, or times in transit. These could be used to develop location and time based rules for lower security access, with other other times and places requiring higher security access. For example, your device “learns” that your are at your location “workplace” from 9 am to 5 pm. Therefore, it won't allow low security access at 7 pm even if the device is still at your workplace- which is good, because you forgot your phone there and someone is trying to hack it! Of course, there will be some built in “fudge factors” in time frames, as you might get to work late some days, travel at different times, etc. but “windows” of access could easily be built to allow minutes or hours of additional low security access and still improve overall security. Likewise, larger geographic security could allow additional freedom without too much reduction in security. So, a typical test might be “If within 500 feet of Lat. X Long. Y from 7 am to 6 pm, then use low security, otherwise, high security” (if 8 am to 5 pm are usual hours.)

Desktop GeoChronosecurity: Desktops don't move, so why do we need GeoSecurity for desktops? Digtal Personnas can be accessed by both portable and nonportable computers, so if I've locked up my digital access from portable devices with GeoChronosecurity, my nonportable computers either will have high security access at all times (because they don't “know” and can't “tell” where they are) or I will be stuck with low security at all times from my desktop, which means any other desktop from anywhere could act like my desktop to get to my apps with lower security, even when I'm not at my desktop keyboard. The better answer: Authorize specific desktops by using portable devices:
  1. Travel to your desktop with your portable device. Go to “Authorize Desktops” on the GeoSecurity app.
  2. Enable “GeoChronosecurity” by downloading the correct application, or enabling it on the application.
  3. The portable device app will give you both the Long. Lat. GPS location of your desktop AND
  4. A security code you input to the application, different for each desktop. To be authorized the desktop would HAVE to be within your GeoChronoprint (correct time and location) because that is what makes sure you are you!
  5. The desktop will import your GeoChronoprint and only give you desktop low security access at times when your are expected to be at that location (home, for instance) and all other times, high security access would be required.
  6. When you reboot, your desktop should give its location and the current time.
While desktops suffer less thefts, they are just as susceptible as portable devices to hacking. So you may wish to use the principle of exclusion to keep others off your Desktop. Authorizing a desktop gives it a permanent stored GeoPrint that never changes; unauthorized users will attempt to login either with a different locational information or no locational information-and will face high security when trying to log into cloud applications or websites.

GeoExclusion Security: Because there is only one you, you may want to turn on GeoExclusion – that is, the highest security that will exclude the most people (three passwords, security questions, etc.) When you are expected to be in a certain location, your digital devices in that location will return to low security. When you are expected to leave, your devices return to high security. GeoExclusion could also lock out others from your applications when you are both detected on a portable digital device elsewhere, because there is only one of you. Desktops would also benefit from GeoExclusion – If you incorporate your GeoChronoprint in the desktop computer, your software and Cloud apps will know when you are expected to be on the desktop computer, and move to lower security for the duration of your expected stay, then shift back to high security once you leave the premises.

Would GeoSecurity threaten digital privacy?
In a word, no! The entire process could encrypt GPS coordinates, locations, and times. The GeoPrint, or GeoChronoprint, is needed for comparison purposes, and the software could be written in such a way that hides the actual information both from the authorized user and from any network or Cloud Applications. The only question GeoSecurity software needs to answer is “Do I need to lower security here? And now?” by checking if the current location is historically safe, that is, visited before. This simple “Yes or No” answer can be handed off to local software, applications, and Cloud Based software. Therefore, adding GeoSecurity to current web applications would be as simple as adding the extra security features, adding some “hooks” to detect the local software's responses, and adding configuration options to turn on GeoSecurity.  Encrypted GeoChronoprints can be shared with the authorized users other devices by secure means (USB transfer) together with whatever algorithm and keys are needed to sync the GeoSecurity system.

This blog post describes an outline of a digital security system based on past geographic travel that will enhance current security systems by introduction of a unique computer recognized element - gps location - that, while in control of the authorized user, will provide an element of identification that is both nearly impossible to replicate and is created without any additional effort by the authorized user.  Based both on current technological sensors and current software capabilities, it just needs dedicated, and hopefully open sourced coders (under a GNU license) to write the code to link the pieces of the puzzle.