Context-Aware Security Gleneesha Johnson

Presentation transcript:

Context
Common definition from Dey et al. [DA99]
…any information that can be used to characterize the situation of an entity. An entity is a person, place, or object that is considered relevant to the interaction between a user and an application, including the user and applications themselves
Contextual Attribute - a measurable context primitive
–Common examples are location and time

Context-Aware Systems
A system is context-aware if it can discover and utilize context to adapt its behavior based on the current situation
Context can be supplied from a variety of sources
–sensors embedded in a computing device, external sensors in the environment, a context providing service, and system state

Context-Aware Systems
Seminal Paper by Weiser “The Computer for the 21st Century” [W99]
–Many computers seamlessly integrated into the physical environment
–Objective – to support and enhance a user’s experience by making life and tasks easier
Significant body of research explores ways that objective can be accomplished
–Location-aware application
Less work on enhancing security

Traditional Security
Coarse and context insensitive
Based on relatively stable, well-defined, consistent configurations, and static contexts. [HSBER05]
Shifting computing paradigm
Anytime, anywhere, anyone access
Rapidly and frequently changing context

Context-Aware Security
Security mechanisms dynamically adapting to the user’s situation based on the provided context
Context can be incorporated into various security services
–Access control, encryption, authentication, etc.
Context can be incorporated into security in different ways
–Supplement user attributes
–Replace user attributes
Majority of research focuses on access control

Access Control
Objective is to prevent unauthorized access to protected resources
Controls what subjects (active entities, such as users and processes) can access what resources (passive entities) and what operations they can perform (read, write)

Access Control Model

Context-Aware Access Control
Incorporating context into access control allows decisions to be based on the situation at the time of the resource request.
Generalized RBAC (GRBAC) [CLSDAA00] – uses “environment roles” to capture the security-relevant context of the environment in which the access request was made.
Dynamic RBAC (DRBAC) [ZP04] – dynamically adjusts user role and permissions based on context using state machines
Many others
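An added sketch of the environment-role idea described above; it is not code from the slides or from the cited papers. The role names, the policy table and the sample contexts are hypothetical, and two design choices are assumptions of this sketch: a rule requires all of its listed environment roles, and a contextual attribute that no source supplied leaves the role inactive.

```python
from datetime import time

# Environment roles: named predicates over contextual attributes (hypothetical names).
# A predicate raises KeyError when the attribute it needs was not supplied.
ENV_ROLES = {
    "business_hours": lambda ctx: time(9, 0) <= ctx["time"] < time(17, 0),
    "on_ward": lambda ctx: ctx["location"] == "ward-3",
    "trusted_device": lambda ctx: ctx["device_managed"] is True,
}

# Policy: (subject role, operation, resource) -> environment roles that must all be active.
POLICY = {
    ("nurse", "read", "patient_record"): {"on_ward"},
    ("nurse", "write", "patient_record"): {"on_ward", "business_hours", "trusted_device"},
    ("auditor", "read", "patient_record"): {"business_hours"},
}

# Constructed sample contexts, as they might look at the time of a request.
CTX_DAY = {"time": time(10, 30), "location": "ward-3", "device_managed": True}
CTX_NIGHT = {"time": time(23, 0), "location": "ward-3", "device_managed": True}
CTX_NO_DEVICE_INFO = {"time": time(10, 30), "location": "ward-3"}

def active_env_roles(ctx):
    """Return the environment roles that hold for this request's context."""
    active = set()
    for name, predicate in ENV_ROLES.items():
        try:
            if predicate(ctx):
                active.add(name)
        except KeyError:
            pass  # attribute missing: role stays inactive (fail closed)
    return active

def decide(subject_roles, operation, resource, ctx):
    """Permit only if a subject role has a rule whose environment roles are all active."""
    active = active_env_roles(ctx)
    for role in subject_roles:
        required = POLICY.get((role, operation, resource))
        if required is not None and required <= active:
            return "permit"
    return "deny"  # no matching rule, or context does not satisfy it

if __name__ == "__main__":
    for label, ctx in [("day", CTX_DAY), ("night", CTX_NIGHT), ("no device info", CTX_NO_DEVICE_INFO)]:
        print(label, decide({"nurse"}, "write", "patient_record", ctx))
```

The same subject and resource yield different decisions as the context changes, and the request with an incomplete context is denied rather than decided on a partial picture.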

Context-Aware Security Issue
Many of today’s context-aware security systems are either vague about their notion of context, or use limited context
–Abstracts away important aspects of the situation
–Leads to poor security decisions based on an incomplete picture

Shrink-Wrapped Security
A security paradigm in which a tight coupling is provided between a user's current situation and security
–not possible when only limited context is utilized
Requires a more comprehensive notion of context than what is currently used by context-aware security systems
–Only consider security-relevant context

Security-Relevant Context
Security-relevant context consists of the set of contextual attributes that can be used to characterize the situation of an entity, whose value affects the choice of the most appropriate controls (measures) or the configuration of those controls to protect information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction in order to provide confidentiality, integrity and availability.

Security-Relevant Context
The values of security-relevant contextual attributes affect the choice of the most appropriate controls because they impact the likelihood of certain threats to confidentiality, integrity, and availability being realized. Therefore, based on their values, the most appropriate controls and configuration of those controls can be employed to mitigate those threats.

Research Areas
Secure context collection and management in a dynamic environment
–Context authentication and integrity
–Context privacy
The formulation and enforcement of context-aware security policies
Identifying relevant context

Identifying Relevant Context Exercise

References
[DA99] Anind K. Dey and Gregory D. Abowd. Towards a Better Understanding of Context and Context-Awareness. Proceedings of the 1st International Workshop on Managing Interactions in Smart Environments
[W99] M. Weiser, "The Computer for the 21st Century," ACM SIGMOBILE Mobile Computing and Communications Review, vol. 3, pp. 3-11,
[HSBER05] R. Hulsebosch, A.H. Salden, M.S. Bargh, PWG Ebben, and J Reitsma. Context Sensitive Access Control
[CLSDAA00] Michael J. Covington, Wende Long, Srividhya Srinivasan, Anind Dey, Mustaque Ahamad, and Gregory Abowd. Securing context aware applications using environment roles
[ZP04] Guangsen Zhang and Manish Parashar. Context-Aware Dynamic Access Control for Pervasive Applications.