Security Policy Implementation Strategies for Common Carrier Monitoring Service Providers Short Position Paper for IEEE POLICY 2009 Carl A. Gunter University.

Presentation transcript:

Security Policy Implementation Strategies for Common Carrier Monitoring Service Providers Short Position Paper for IEEE POLICY 2009 Carl A. Gunter University of Illinois

Monitoring Service Provider
Monitoring Service Provider (MSP) collects data from monitored parties, conveys it to users.
Example: monitoring for security and fire emergencies.
Advantages
– Division of labor
– Deals with heterogeneity, change
– Provides value added services like routing and triage
– Economy of scale

MSP Components

Common Carrier Protection
Applied to telecommunication carriers: limited responsibility for content
Basis under US law
– Restatement of Torts (Rest. 2d Torts sections 581, 612), the Digital Millennium Copyright Act (17 U.S.C. section 512), and the Communications Decency Act immunity for interactive computer service (47 U.S.C. sec 230).
This talk:
– Argue for three technologies that support the implementation of Common Carrier MSPs (CCMSPs)
– Illustrate with two application areas

Application Areas
Healthcare
– Assisted living: monitor vital signs of assisted persons
– Increasing number of elderly, rising healthcare costs, desire for independent living
– Enabled by advances in networking, sensors, and healthcare IT systems
– Assisted Living Service Provider (ALSP) is an MSP for assisted living
Energy Systems
– Advanced Meter Infrastructure (AMI): computers with wireless digital links monitor and may control power usage.
– Facilitates demand response and distributed generation, …. for “Smart Grid”
– Meter Data Management Service (MDMS) is an MSP for AMI

AMI Components and Applications

Enabling Technologies 1
Technology
– Service Oriented Architecture (SOA) (aka “web services”) is distributed computing based on a set of standardized formats for B2B web commerce developed by W3C and OASIS
– Provides support for flexible security, including encryption
– Provides security capabilities beyond SSL/TLS
Application
– ALSP design can use SOA with XMLENC to provide an end-to-end encryption model
– Easy to implement with existing platforms
– Assures that the ALSP collects only the routing data it needs, not medical data it does not process
– CCMSP protection

Drop-Box Architecture
[Figure: Medical Device, Monitoring Service (Store & Forward), Clinician; messages labelled Enc[ Health status ] and Enc[ Reminder ]]
May, Shin, Gunter, FMSE 07

Message Encryption
[Figure: a message made of Header Information (including sender, recipient, data ID, etc.) and Medical data (readings, checksum, etc.), shown in three panels: Stored in ALSP; Transmitted over network; Only authorized people can see]
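The drop-box message layout above, sketched as an added example that is not code from the talk or the cited paper: the header stays readable for store-and-forward routing while the medical data is encrypted end to end. It swaps XMLENC for AES-GCM from the Python `cryptography` package with the header bound as associated data; the field names, the `DropBox` class and the pre-shared device/clinician key are assumptions.

```python
import json
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

def seal(key, header, medical):
    """Device side: encrypt the medical data, bind the cleartext header as AAD."""
    hdr = json.dumps(header, sort_keys=True).encode()
    nonce = os.urandom(12)
    body = AESGCM(key).encrypt(nonce, json.dumps(medical).encode(), hdr)
    return {"header": hdr, "nonce": nonce, "body": body}

class DropBox:
    """ALSP side (hypothetical): routes on header fields only and holds no key."""
    def __init__(self):
        self.boxes = {}
    def deposit(self, msg):
        rcpt = json.loads(msg["header"])["recipient"]
        self.boxes.setdefault(rcpt, []).append(msg)
    def collect(self, rcpt):
        return self.boxes.pop(rcpt, [])

def open_sealed(key, msg):
    """Clinician side: returns (header, medical); raises InvalidTag on tampering."""
    plain = AESGCM(key).decrypt(msg["nonce"], msg["body"], msg["header"])
    return json.loads(msg["header"]), json.loads(plain)

def demo():
    key = AESGCM.generate_key(bit_length=256)  # assumed provisioned out of band
    box = DropBox()
    # Constructed sample reading
    box.deposit(seal(key,
                     {"sender": "device-17", "recipient": "clinician-a", "data_id": 1},
                     {"pulse": 72, "spo2": 97}))
    msg = box.collect("clinician-a")[0]
    header, medical = open_sealed(key, msg)
    # A relay that rewrites the routing header is detected when decrypting.
    forged = dict(msg, header=msg["header"].replace(b"device-17", b"device-99"))
    try:
        open_sealed(key, forged)
        tamper_detected = False
    except InvalidTag:
        tamper_detected = True
    readable_by_alsp = b"pulse" in msg["header"] or b"pulse" in msg["body"]
    return header, medical, tamper_detected, readable_by_alsp

if __name__ == "__main__":
    print(demo())
```
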

Enabling Technologies 2
Technology
– Attribute-Based Encryption (ABE)
– New public key cryptography based on Identity-Based Encryption (IBE)
– Encrypts using a policy based on attributes
– Prevents collusion between parties with attributes
Application
– Provides ALSP a flexible way to dispatch encrypted messages to parties without knowing more than their attributes
– Message to attending and primary care physicians can be encrypted under doctor attribute
– Minimizes key management while supporting CCMSP

Attribute-Based Messaging Encryption Bobba, Fatemieh, Khan, Khan, Gunter, Khanna, Prabhakaran, TISSEC 09

Enabling Technologies 3
Technology
– Remote Attestation is the concept of checking remote system state using a trusted monitoring element
– Protection levels vary: software or also hardware tamper resistance
– TPM now common in PCs
– Need to extend technology to embedded processors (e.g. flash MPUs)
Application
– Residential loads generate details useful to residents but not to the utility
– Desirable to leave details behind and collect aggregate data needed for billing
– Remote attestation offers some assurance for the aggregation, especially for updatable software meters

Cumulative Attestation for Embedded Processors LeMay, Gunter, ESORICS 07
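An added sketch, not the design from the cited ESORICS paper, of how a verifier such as an MDMS could check the full update history of an updatable meter rather than only its current firmware. It assumes a generic extend-only hash register (in the style of a TPM PCR) and uses an HMAC under a shared key as a stand-in for the trusted element's attestation signature; all names and firmware strings are constructed.

```python
import hashlib
import hmac
import os

def extend(register, image_digest):
    """Extend-only update: new = H(old || digest); earlier entries cannot be undone."""
    return hashlib.sha256(register + image_digest).digest()

class Meter:
    def __init__(self, key):
        self._key = key            # held by the trusted element (assumption)
        self.register = bytes(32)
        self.log = []              # hex digests of every image ever installed
    def install(self, image):
        digest = hashlib.sha256(image).digest()
        self.log.append(digest.hex())
        self.register = extend(self.register, digest)
    def quote(self, nonce):
        tag = hmac.new(self._key, nonce + self.register, hashlib.sha256).digest()
        return {"log": list(self.log), "register": self.register, "tag": tag}

def verify(key, nonce, quote, approved):
    """Verifier side: returns (ok, reason)."""
    expect = hmac.new(key, nonce + quote["register"], hashlib.sha256).digest()
    if not hmac.compare_digest(expect, quote["tag"]):
        return False, "bad tag or stale nonce"
    reg = bytes(32)
    for entry in quote["log"]:     # replay the reported history
        reg = extend(reg, bytes.fromhex(entry))
    if reg != quote["register"]:
        return False, "log does not match register"
    if any(entry not in approved for entry in quote["log"]):
        return False, "unapproved image in history"
    return True, "ok"

def demo():
    key = os.urandom(32)
    v1, v2, rogue = b"fw-1.0", b"fw-1.1", b"fw-unapproved"  # constructed images
    approved = {hashlib.sha256(i).hexdigest() for i in (v1, v2)}
    good, bad = Meter(key), Meter(key)
    for image in (v1, v2):
        good.install(image)
    for image in (v1, rogue, v2):  # ends on approved firmware, history is tainted
        bad.install(image)
    nonce = os.urandom(16)
    r_good = verify(key, nonce, good.quote(nonce), approved)
    q = bad.quote(nonce)
    r_bad = verify(key, nonce, q, approved)
    q["log"] = [e for e in q["log"] if e in approved]  # hide the rogue entry
    r_hidden = verify(key, nonce, q, approved)
    r_replay = verify(key, os.urandom(16), good.quote(nonce), approved)
    return r_good, r_bad, r_hidden, r_replay
```
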

Summary
Architecture
– MSP: Monitoring Service Provider
– CCMSP: Common Carrier MSP
Application
– ALSP: Assisted Living Service Provider
– MDMS: Meter Data Management Service
Technology
– SOA: Service Oriented Architecture
– ABE and ABM: Attribute-Based Encryption and Messaging
– Remote Attestation