Presentation transcript:

SCENARIO
Suppose the presenter wants the students to access a file.
Diagram labels: STUDENTS, Supply Credentials, Grant Access
Is it efficient? How can we make this negotiation simple?
What if we add location information to the policy and say “Grant access to all people present in the room”.

LOCATION BASED TRUST NEGOTIATION: MOTIVATION
- Conventional trust negotiation mechanisms rely on the assumption that requestors’ profiles fully determine what they are authorized to do.
- A requestor’s profile is not the only thing that matters; his/her physical location may also play a pivotal role in determining access rights.
- Automated trust negotiation networks should be adapted to handle location based scenarios.

CHALLENGES
- Choosing the right location measurement technology.
- Defining symbolic positions in a machine understandable way.
- Expressing and handling both absolute and relative locations.
- Proper treatment of volatile information.
- Handling dynamically changing information (Future Work).

LOCATION BASED PREDICATES
Identifying the kinds of conditions that might be useful to include in our policies is the first step. We identified three types of conditions:
- Position Based Conditions: Conditions based on the location of the user, i.e. whether he is located in a certain area, proximity to common landmarks etc.
- Movement Based Conditions: Conditions based on the mobility of the user, like velocity, direction, acceleration etc.
- Interaction Based Conditions: Conditions relating multiple users, like the number of users in a particular area, two users in the same area etc.

ARCHITECTURE
- The location service has the capability to understand information from wireless networks and GPS (Global Positioning System).
Diagram labels: CLIENT ENTITY, SERVER ENTITY

WIRELESS NETWORKS
- Have limited coverage but are extremely helpful in indoor environments (e.g. buildings, malls, floors).
- The access points visible and their signal strength are the main parameters on which location identification is based.
- Important characteristics of the network can be obtained, like the current access point, SSIDs of the networks visible etc.
- Changes in network statistics can be accounted for in the maps.
The MoCA (Mobile Collaboration Architecture) system has all the facilities needed for such a situation.

MoCA (MOBILE COLLABORATION ARCHITECTURE)
- A middleware architecture that supports the development and deployment of context-aware distributed applications for infra-structured wireless local networks, that is, IEEE b/g WLANs.
- Consists of a set of APIs that enable easier and more effective application development by providing easy access to generic services useful for location identification.
- Consists of three main parts:
  a) MoCA Monitor: Responsible for collecting all relevant data about the access points visible and signal strength and displaying it to the user.
  b) CIS (Context Information Service): Collects all the data that the monitor receives.
  c) LIS (Location Inference Service): Uses the data from CIS and other data from previously created reference points to determine location.

SIMPLE NEGOTIATION USING MoCA SERVICES
Participants: CLIENT, SERVER, MoCA
Message sequence:
1. Request for resource
2. Ask device identifier
3. Supplies id
4. Check Location
5. Location Value
6. Grant Access

GPS (GLOBAL POSITIONING SYSTEM)
- Ideal for outdoor environments.
- NMEA sentences read from the receiver are used to compute location.
- Many attributes other than position, like elevation, time, direction etc., can be obtained from the data.
- The complete path for a given duration of time can be obtained.
- Information can be used to plot location on any commercially available or custom made maps.
- The GPS data is read from the serial port, from where it is sent to the service that processes the NMEA data.

NEGOTIATION USING GPS
Diagram labels: NMEA DATA, POLICY ENGINE, REPLY, PLOT THE LOCATION
Sample NMEA data: $GPRMC, ,V,,,,,,,070508,,,N *44

RESULTS AND POSSIBLE PREDICATES
LOCATION RESULTS OBTAINED
- Access Points Visible: Check the access points which are visible from the client’s area.
- Position on Google Maps: Plotting the user’s current position on Google Maps using the static map API provided.
- Other information like signal strength, battery level, direction, elevation and current access point is also computed and can be used based on the need.
REASONING PREDICATES
- Alone: Using this we can find out whether the user is alone in a particular area or not.
- Same Area: We can check whether two users are in the same area or not.
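
The Alone and Same Area predicates, and the scenario policy "grant access to all people present in the room", can be evaluated as in the following added example, which is not code from the presentation and does not use the MoCA API. LocationService, the 30-second freshness window and the readings are hypothetical; the point shown is that volatile location data must expire, and that expiry has to count against the requester in both predicates.

```python
from dataclasses import dataclass

MAX_AGE_S = 30  # assumed freshness window for volatile location data

@dataclass(frozen=True)
class Reading:
    device_id: str
    area: str         # symbolic position, e.g. "ROOM_101"
    timestamp: float  # seconds; when the location was inferred

class LocationService:
    """Hypothetical stand-in for a location inference service."""
    def __init__(self, readings):
        self.latest = {}
        for r in readings:  # keep only the newest reading per device
            cur = self.latest.get(r.device_id)
            if cur is None or r.timestamp > cur.timestamp:
                self.latest[r.device_id] = r

    def area_of(self, device_id, now):
        """Current area, or None if the reading is missing, stale or future-dated."""
        r = self.latest.get(device_id)
        if r is None or not (0 <= now - r.timestamp <= MAX_AGE_S):
            return None
        return r.area

def same_area(svc, a, b, now):
    """True only if both devices have fresh readings in the same area."""
    area = svc.area_of(a, now)
    return area is not None and area == svc.area_of(b, now)

def alone(svc, device_id, now):
    """True only if no other device was last seen in the area, even if that
    sighting is stale: an expired reading does not prove the device left."""
    area = svc.area_of(device_id, now)
    return area is not None and all(r.device_id == device_id or r.area != area
                                    for r in svc.latest.values())

def grant_file_access(svc, requester, presenter, now):
    """Scenario policy: grant to everyone present in the presenter's room."""
    return same_area(svc, requester, presenter, now)

NOW = 1000.0
SAMPLE = LocationService([  # constructed readings, not real measurements
    Reading("presenter", "ROOM_101", 990), Reading("student1", "ROOM_101", 995),
    Reading("student2", "ROOM_101", 900),  # stale at NOW
    Reading("student3", "ROOM_101", 950), Reading("student3", "HALLWAY", 998),
    Reading("alice", "LAB_2", 999), Reading("bob", "LAB_2", 800),  # bob is stale
    Reading("carol", "OFFICE_7", 999)])
```
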

FUTURE WORK
- Adapting the system to make sure that any location changes during the course of the negotiation are taken into consideration.
- Automation of the GPS location identification process.
- Design of custom maps which can be used to generate location automatically in the case of GPS.
- Ability to compute relative location, for example proximity to a certain building or landmark.