1 Security Challenges of Location-Aware Mobile Business Emin Islam Tatlı, Dirk Stegemann Theoretical Computer Science, University of Mannheim February.


1 Security Challenges of Location-Aware Mobile Business
Emin Islam Tatlı, Dirk Stegemann
Theoretical Computer Science, University of Mannheim
February 2005

2 Outline
- The Mobile Business Research Group
- Context- and Location-awareness
- Application Logic Framework
- Security Challenges
- Further Research

3 Mobile Business Research Group
- Generic platform for location-based and context-based mobile business applications
- Joint project of 7 research groups at the University of Mannheim
- Cooperations with SAP AG, Walldorf and CAS Software AG, Karlsruhe
- Web:

4 Location and Context
- Context = any information that can be used to characterize the situation of an entity
- Examples: location, time, identity, level of mobility
- A context-based application takes the context into account when providing its service.

5 Examples
- Find the nearest hairdresser
- Display the special offers of nearby shops that sell men's shirts
- Find a pizza delivery service that can deliver my favorite pizza for less than 8 EUR within 15 minutes to my current location
- Location-based Post-it

6 Application Logic
Context-aware mobile business services, components:
- Request Dispatcher
- Service Registration
- Service Repository
- Mobile User
- Service Providers (several)
Message flow:
1. register
2. service query
3. service descriptions
4. service request
5. service result

7 Research Areas
- Service-oriented software architectures
- Service discovery and service brokerage
- Wireless networks, localization, content-to-device adaption
- Data exchange formats, location-based ontologies
- User requirements and preferences
- Mobile solutions in supply chain management
- Security

8 Security Challenges
- Anonymity
- Privacy of personal data
- Confidentiality of the communication
- Confidentiality of locally stored data
- Usability vs. security

9 Anonymity
- Mobile users need to hide their real identity
- Anonymity ensures that a user may use a resource or service without disclosing the user's identity [1]
- Service providers require a unique representation of each user
- (Partial) solution: pseudonymity
- Pseudonyms are fake names (e.g. nicknames)

10 Unlinkability of Pseudonyms
- Linkability of pseudonyms may break anonymity
- "Unlinkability requires that users and/or subjects are unable to determine whether the same user caused certain specific operations in the system" [1]
- Mix-net-based solutions [2] are not flexible
- Future research: analyzing existing protocols and enhancing them to satisfy m-business unlinkability

11 Mix-net
- Mix: a computer between sender and receiver; it decrypts incoming messages and forwards them to the receiver
- Sender -> Mix: K_M(R1, K_R(R0, M), Addr_R)
- Mix -> Receiver: K_R(R0, M)
- Notation: K_X(...) = encryption under X's public key, M = message, Addr_R = receiver's address, R0 and R1 = random strings that the receiver and the mix discard
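The two messages on this slide, carried through as an added worked example (not code from the presentation): a Python model of one Chaum mix hop. The standard library has no public-key cipher, so K_M(...) and K_R(...) are stood in for by a constructed authenticated symmetric scheme keyed with a per-party secret; the R0/R1 length, the address framing and the sample values are my assumptions.

```python
import hashlib
import hmac
import os

R_LEN = 16  # length of the random padding strings R0 and R1 (assumed)


# Stand-in for public-key encryption K_X(...): SHA-256 counter-mode keystream
# plus an HMAC tag, keyed with X's secret. Constructed for this example only.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks, ctr = b"", 0
    while len(blocks) < length:
        blocks += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return blocks[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def sender_build(k_mix: bytes, k_recv: bytes, addr_r: bytes, m: bytes) -> bytes:
    """Sender -> Mix: K_M(R1, K_R(R0, M), Addr_R)."""
    r0, r1 = os.urandom(R_LEN), os.urandom(R_LEN)
    inner = encrypt(k_recv, r0 + m)                       # K_R(R0, M)
    framed = r1 + len(addr_r).to_bytes(2, "big") + addr_r + inner
    return encrypt(k_mix, framed)                         # K_M(R1, ..., Addr_R)


def mix_process(k_mix: bytes, packet: bytes) -> tuple:
    """Mix: peel one layer, drop R1, learn only Addr_R plus an opaque blob."""
    framed = decrypt(k_mix, packet)
    alen = int.from_bytes(framed[R_LEN:R_LEN + 2], "big")
    addr_r = framed[R_LEN + 2:R_LEN + 2 + alen]
    inner = framed[R_LEN + 2 + alen:]
    return addr_r, inner                                  # forward inner to Addr_R


def receiver_open(k_recv: bytes, inner: bytes) -> bytes:
    """Receiver: decrypt K_R(R0, M) and discard R0."""
    return decrypt(k_recv, inner)[R_LEN:]
```

The random R0 is what keeps the mix's output from being a deterministic function of M, so an observer who guesses M cannot re-encrypt it under the receiver's key and match it against the forwarded blob.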

12 Privacy of Personal Data
- Service providers request different kinds of personal data (sometimes only to profile users)
- Personal data is private, especially location
- Privacy is "the ability and/or right to protect your personal secrets" [4]
- Solution: Identity Manager [5], P3P [6]

13 Identity Manager
- Enables full control of personal data
- Presents an interface for creating different virtual IDs, binding a subset of the personal data to each ID
- During communication with a service provider, the user chooses an ID suitable for this particular type of communication
- Before any personal data is sent to a service provider, the user is asked to allow the transmission
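An added illustration in Python of slides 9, 10 and 13 together (not the Identity Manager of [5]): virtual IDs bound to attribute subsets, a consent check before anything is released, and a per-provider pseudonym so that two providers cannot link the same user by comparing names; the class, its secret and the sample data are constructed for this example.

```python
import hashlib
import hmac
import os


class IdentityManager:
    """Hypothetical on-device identity manager (constructed for this example)."""

    def __init__(self, personal_data: dict, consent):
        self.personal_data = personal_data      # all attributes the user owns
        self.consent = consent                  # callback (provider, attrs) -> bool
        self.virtual_ids = {}                   # ID name -> releasable attributes
        self._secret = os.urandom(32)           # never leaves the device

    def define_virtual_id(self, name: str, attributes: set) -> None:
        unknown = attributes - self.personal_data.keys()
        if unknown:
            raise ValueError(f"unknown attributes: {sorted(unknown)}")
        self.virtual_ids[name] = set(attributes)

    def pseudonym(self, virtual_id: str, provider: str) -> str:
        # Stable towards one provider (it can recognise a returning customer),
        # but derived per provider, so different providers see unrelated names.
        msg = f"{virtual_id}|{provider}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()[:16]

    def respond(self, virtual_id: str, provider: str, requested: list) -> dict:
        """Answer a provider's data request under the chosen virtual ID."""
        allowed = self.virtual_ids[virtual_id]
        release = [a for a in requested if a in allowed]   # subset bound to the ID
        if release and not self.consent(provider, release):
            release = []                                    # user said no
        answer = {a: self.personal_data[a] for a in release}
        answer["pseudonym"] = self.pseudonym(virtual_id, provider)
        return answer
```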

14 Identity Manager (cont.) quoted from

15 Confidentiality of the Communication
- Communication messages contain sensitive information, e.g. personal data, credit card numbers, location, users' queries, results from the broker, registration data of providers
- Any mobile device can receive data transmitted over the air
- Confidentiality ensures that unauthorized disclosure of personal data is not possible
- Solution: end-to-end security (e.g. an SSL-based protocol)
- Future research: how to avoid the SSL handshake delay

16 Confidentiality of Locally Stored Data
- Theft is very common in the mobile world
- The user's local data (e.g. profiles, passwords, private keys) should be protected from unauthorized disclosure
- Solution: two-factor authentication, password-based encryption

17 Usability vs. Security
- Trade-off between usability and security: users prefer usability (weak, easily guessable passwords; digital certificates)
- Users differ in how sensitive they are about security
- Enhance usability and security according to personal needs
- Solution: dynamically configurable security policy management system

18 Usability vs. Security (cont.)
Components of a dynamically configurable security policy management system:
- Password Manager
- Single-Sign-On
- Security Level Manager
- Identity Manager

19 Research Focus
Design an open security architecture which can easily be integrated within the m-business application framework.

20 Remarks
- Workshop: Public Workshop on Mobile Business organized by the University of Mannheim, "Mobile Business: Geschäftsfelder und Softwaretechnologien" (Mobile Business: Business Areas and Software Technologies)
- More information: mannheim.de/workshopMBusiness/mBusinessWorkshop.htm
- Hiwi jobs, Studien-, Bachelor- and Diplomarbeiten (student assistant jobs; study, bachelor's and diploma theses): Emin Islam Tatlı, A5,6 B105 –; Dirk Stegemann, A5,6 B125 –; and co-workers in the project

21 References
[1] ISO IS 15408, 1999.
[2] D. Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM.
[3] D. Chaum. The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. Journal of Cryptology.
[4] R. Anderson. Security Engineering. Wiley Computer Publishing.
[5] U. Jendricke, D. Gerd tom Markotten. Usability meets security - the Identity-Manager as your personal security assistant for the Internet. Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC'00), p. 344, December 11-15.
[6] W3C. P3P (Platform for Privacy Preferences Initiative).
[7] OpenCA Research & Development Labs.
[8] eTrust PKI.
[9] Netscape Certificate Management System.
[10] R. Beyah, S. Kangude, G. Yu, B. Strickland, J. Copeland. "Rogue Access Point Detection using Temporal Traffic Characteristics." Proceedings of IEEE GLOBECOM 2004, December.
[11] T. Anderson, T. Roscoe, D. Wetherall. Preventing Internet Denial-of-Service using Capabilities. Proceedings of the Second Workshop on Hot Topics in Networking (HotNets-II), Cambridge, MA, USA, November 19-20, 2003.

22 Security Challenges of Location-Aware Mobile Business
Emin Islam Tatlı, Dirk Stegemann
Theoretical Computer Science, University of Mannheim
February 2005
Thank you for your attention!