% This file was created with JabRef 2.6b.
% Encoding: Cp1252

@INPROCEEDINGS{Camenisch2008,
  author = {Camenisch, Jan and Gro\ss, Thomas and Heydt-Benjamin, Thomas S.},
  title = {Rethinking accountable privacy supporting servicess},
  booktitle = {DIM '08: Proceedings of the 4th ACM workshop on Digital identity
	management},
  year = {2008},
  pages = {1--8},
  address = {New York, NY, USA},
  publisher = {ACM},
  abstract = {As privacy concerns among consumers rise, service providers will
	
	increasingly want to provide services that support privacy enhancing
	
	technologies. At the same time, providers of commercial services
	
	require the security of identifying misbehaving users. For
	
	instance, users that do not pay their bill can be held accountable
	for
	
	their behavior. We propose a scheme that permits privacy support
	
	while retaining accountability. In our proposed scheme an honest
	
	user may enjoy full anonymity, but dishonest users who do not pay
	
	their bill have their identity revealed. In contrast to existing revocable
	
	anonymity systems, our proposed scheme requires less trust
	
	in an external authority, while simultaneously making accountability
	
	easier (and less costly) to achieve. We contribute the concept
	
	of a time capsule, that is, a verifiable encryption with timed and
	
	revocable decryptability.},
  doi = {http://doi.acm.org/10.1145/1456424.1456426},
  isbn = {978-1-60558-294-8},
  location = {Alexandria, Virginia, USA},
  timestamp = {2009.10.07}
}

@INPROCEEDINGS{Danev2009,
  author = {Danev, Boris and Heydt-Benjamin, Thomas S. and Capkun, Srdjan},
  title = {Physical-layer Identification of RFID Devices},
  booktitle = {USENIX Security '09: Proceedings of the 18th USENIX Security Symposium},
  year = {2009},
  pages = {125--136},
  publisher = {USENIX},
  location = {Montreal, Canada},
  timestamp = {2009.09.29}
}

@MISC{feder2008,
  author = {Feder, Barnaby J.},
  title = {A Heart Device Is Found Vulnerable to Hacker Attacks},
  howpublished = {The New York Times},
  month = {March},
  year = {2008},
  keywords = {heydt-benjamin, implantable, medical, devices},
  timestamp = {2009.09.29}
}

@ARTICLE{Halperin2008a,
  author = {Daniel Halperin and Thomas S. Heydt-Benjamin and Kevin Fu and Tadayoshi
	Kohno and William H. Maisel},
  title = {Security and Privacy for Implantable Medical Devices},
  journal = {IEEE Pervasive Computing},
  year = {2008},
  volume = {7},
  pages = {30--39},
  number = {1},
  month = {January},
  __markedentry = {[hey]},
  abstract = {{Protecting implantable medical devices against attack without compromising
	patient health requires balancing security and privacy goals with
	traditional goals such as safety and utility. Implantable medical
	devices monitor and treat physiological conditions within the body.
	These devices - including pacemakers, implantable cardiac defibrillators
	(ICDs), drug delivery systems, and neurostimulators - can help manage
	a broad range of ailments, such as cardiac arrhythmia, diabetes,
	and Parkinson's disease. IMDs' pervasiveness continues to swell,
	with upward of 25 million US citizens currently reliant on them for
	life-critical functions. Growth is spurred by geriatric care of the
	aging baby-boomer generation, and new therapies continually emerge
	for chronic conditions ranging from pediatric type 1 diabetes to
	anorgasmia and other sexual dysfunctions. Moreover, the latest IMDs
	support delivery of telemetry for remote monitoring over long-range,
	high-bandwidth wireless links, and emerging devices will communicate
	with other interoperating IMDs.},
	
	keywords={data privacy, patient monitoring, prosthetics, security
	of dataParkinson's disease, anorgasmia, cardiac arrhythmia, drug
	delivery systems, geriatric care, high-bandwidth wireless links,
	implantable cardiac defibrillators, implantable medical devices privacy,
	implantable medical devices security, neurostimulators, pacemakers,
	patient health, pediatric type 1 diabetes, physiological conditions,
	remote monitoring, sexual dysfunctions, telemetry}},
  doi = {10.1109/MPRV.2008.16},
  keywords = {{data privacy, patient monitoring, prosthetics, security of dataParkinson's
	disease, anorgasmia, cardiac arrhythmia, drug delivery systems, geriatric
	care, high-bandwidth wireless links, implantable cardiac defibrillators,
	implantable medical devices privacy, implantable medical devices
	security, neurostimulators, pacemakers, patient health, pediatric
	type 1 diabetes, physiological conditions, remote monitoring, sexual
	dysfunctions, telemetry}},
  publisher = {IEEE},
  timestamp = {2009.09.29},
  url = {http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4431854}
}

@INPROCEEDINGS{Halperin2008,
  author = {Daniel Halperin and Thomas S. Heydt-Benjamin and Benjamin Ransford
	and Shane S. Clark and Benessa Defend and Will Morgan and Kevin Fu
	and Tadayoshi Kohno and William H. Maisel M.D.},
  title = {Pacemakers and Implantable Cardiac Defibrillators: Software Radio
	Attacks and Zero-Power Defenses},
  booktitle = {Proceedings of the 2008 IEEE Symposium on Security and Privacy},
  year = {2008},
  pages = {{129-142}},
  month = {May},
  publisher = {IEEE},
  __markedentry = {[hey]},
  abstract = {{Our study analyzes the security and privacy properties of an implantable
	cardioverter defibrillator (ICD). Introduced to the U.S. market in
	2003, this model of ICD includes pacemaker technology and is designed
	to communicate wirelessly with a nearby external programmer in the
	175 kHz frequency range. After partially reverse-engineering the
	ICD's communications protocol with an oscilloscope and a software
	radio, we implemented several software radio-based attacks that could
	compromise patient safety and patient privacy. Motivated by our desire
	to improve patient safety, and mindful of conventional trade-offs
	between security and power consumption for resource-constrained devices,
	we introduce three new zero-power defenses based on RF power harvesting.
	Two of these defenses are human-centric, bringing patients into the
	loop with respect to the security and privacy of their implantable
	medical devices (IMDs). Our contributions provide a scientific baseline
	for understanding the potential security and privacy risks of current
	and future IMDs, and introduce human-perceptible and zero-power mitigation
	techniques that address those risks. To the best of our knowledge,
	this paper is the first in our community to use general-purpose software
	radios to analyze and attack previously unknown radio communications
	protocols.}},
  doi = {{10.1109/SP.2008.31}},
  keywords = {{cardiovascular system, defibrillators, health and safety, pacemakers,
	programmable circuits, security, software radio, terrorismRF power
	harvesting, human-perceptible mitigation techniques, implantable
	cardioverter defibrillators, implantable medical devices, oscilloscope,
	pacemaker technology, partial reverse-engineering, patient privacy,
	patient safety, power consumption, radiocommunications protocol,
	security aspects, software radio attacks, zero-power defenses}},
  timestamp = {2009.09.29},
  url = {http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=4531149&isnumber=4531132},
  www_pdf_url = {http://www.secure-medicine.org/icd-study/icd-study.pdf}
}

@INPROCEEDINGS{Heydt-Benjamin2007,
  author = {Thomas S. Heydt-Benjamin and Dan V. Bailey and Kevin Fu and Ari Juels
	and Tom OHare},
  title = {Vulnerabilities in First-Generation {RFID}-enabled Credit Cards},
  booktitle = {Proceedings of Eleventh International Conference on Financial Cryptography
	and Data Security},
  year = {2007},
  pages = {2-14},
  address = {Lowlands, Scarborough, Trinidad/Tobago},
  month = {February},
  __markedentry = {[hey]},
  abstract = {RFID-enabled credit cards are widely deployed in the United States
	and other countries, but no public study has thoroughly analyzed
	the mechanisms that provide both security and privacy. Using samples
	from a variety of RFID-enabled credit cards, our study observes that
	(1) the cardholder’s name and often credit card number and expiration
	are leaked in plaintext to unauthenticated readers, (2) our homemade
	device costing around $150 effectively clones one type of skimmed
	cards thus providing a proof-of-concept implementation for the RF
	replay attack, (3) information revealed by the RFID transmission
	cross contaminates the security of RFID and non-RFID payment contexts,
	and (4) RFID-enabled credit cards are susceptible in various degrees
	to a range of other traditional RFID attacks such as skimming and
	relaying.},
  doi = {10.1007/978-3-540-77366-5},
  keywords = {security; RFID},
  slides_url = {{http://prisms.cs.umass.edu/~kevinfu/talks/FC-RFID-CC-slides.pdf}},
  timestamp = {2009.09.29},
  url = {http://www.springerlink.com/content/e7324164535up092/fulltext.pdf},
  video_url = {http://www.youtube.com/watch?v=xPkzFETzueQ}
}

@INPROCEEDINGS{Heydt-Benjamin2006a,
  author = {Thomas S. Heydt-Benjamin and Hee-Jin Chae and Benessa Defend and
	Kevin Fu},
  title = {Privacy for Public Transportation},
  booktitle = {Proceedings of the Sixth Workshop on Privacy Enhancing Technologies
	(PET 2006)},
  year = {2006},
  address = {Cambridge, UK},
  month = {June},
  publisher = {Springer},
  __markedentry = {[hey]},
  abstract = {We propose an application of recent advances in e-cash, anonymous
	
	credentials, and proxy re-encryption to the problem of privacy in
	
	public transit systems with electronic ticketing. We discuss some
	of the
	
	interesting features of transit ticketing as a problem domain, and
	provide
	
	an architecture sufficient for the needs of a typical metropolitan
	
	transit system. Our system maintains the security required by the
	transit
	
	authority and the user while significantly increasing passenger privacy.
	
	Our hybrid approach to ticketing allows use of passive RFID transponders
	
	as well as higher powered computing devices such as smartphones
	
	or PDAs. We demonstrate security and privacy features offered by our
	
	hybrid system that are unavailable in a homogeneous passive transponder
	
	architecture, and which are advantageous for users of passive as well
	
	as active devices.},
  bookurl = {http://petworkshop.org/2006/},
  timestamp = {2009.09.29},
  www_pdf_url = {http://petworkshop.org/2006/preproc/preproc_01.pdf},
  www_section = {Misc}
}

@INPROCEEDINGS{Heydt-Benjamin2006,
  author = {Thomas S. Heydt-Benjamin and Andrei Serjantov and Benessa Defend},
  title = {Nonesuch: a mix network with sender unobservability},
  booktitle = {{Proceedings of the Workshop on Privacy in the Electronic Society
	(WPES 2006)}},
  year = {2006},
  pages = {1--8},
  address = {New York, NY, USA},
  publisher = {ACM Press},
  __markedentry = {[hey]},
  abstract = {Oblivious submission to anonymity systems is a process by
	
	which a message may be submitted in such a way that nei-
	
	ther the anonymity network nor a global passive adversary
	
	may determine that a valid message has been sent. We
	
	present Nonesuch: a mix network with steganographic sub-
	
	mission and probabilistic identification and attenuation of
	
	cover traffic. In our system messages are submitted as ste-
	
	gotext hidden inside Usenet postings. The steganographic
	
	extraction mechanism is such that the the vast majority of
	
	the Usenet postings which do not contain keyed stegotext
	
	will produce meaningless output which serves as cover traf-
	
	fic, thus increasing the anonymity of the real messages. This
	
	cover traffic is subject to probabilistic attenuation in which
	
	nodes have only a small probability of distinguishing cover
	
	messages from “real” messages. This attenuation prevents
	
	cover traffic from travelling through the network in an infi-
	
	nite loop, while making it infeasible for an entrance node to
	
	distinguish senders.},
  doi = {http://doi.acm.org/10.1145/1179601.1179603},
  isbn = {1-59593-556-8},
  location = {Alexandria, Virginia, USA},
  timestamp = {2009.09.29},
  www_pdf_url = {http://www.cs.umass.edu/~tshb/wpes40-heydt-benjamin.pdf},
  www_section = {Anonymous communication}
}

@INPROCEEDINGS{Rasmussen2009,
  author = {Kasper Bonne Rasmussen and Claude Castelluccia and Thomas S. Heydt-Benjamin
	and Srdjan Capkun},
  title = {Proximity-based Access Control for Implantable Medical Devices},
  booktitle = {Proceedings of the ACM Conference on Computer and Communications
	Security (CCS)},
  year = {2009},
  publisher = {ACM Press},
  timestamp = {2009.09.29}
}

@MISC{schwartz2006,
  author = {Schwartz, John},
  title = {Researchers See Privacy Pitfalls in No-Swipe Credit Cards},
  howpublished = {The New York Times},
  month = {October},
  year = {2006},
  keywords = {heydt-benjamin, RFID, credit, card},
  timestamp = {2009.09.29}
}

@comment{jabref-meta: selector_publisher:}

@comment{jabref-meta: selector_author:}

@comment{jabref-meta: selector_journal:}

@comment{jabref-meta: selector_keywords:}