Gaia Context and Location-Aware Encryption for Pervasive Computing Environments Jalal Al-MuhtadiRaquel Hill Roy Campbell Dennis Mickunas University of.

Slides:



Advertisements
Similar presentations
An Overview Of Windows NT System Student: Yifan Yang Student ID:
Advertisements

Ubiquitous Computing and Active Spaces The Gaia Approach Fabio Kon Department of Computer Science University of São Paulo, Brazil
SCENARIO Suppose the presenter wants the students to access a file Supply Credenti -als Grant Access Is it efficient? How can we make this negotiation.
Impala: A Middleware System for Managing Autonomic, Parallel Sensor Systems Ting Liu and Margaret Martonosi Princeton University.
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
Gaia: A Middleware Platform for Active Spaces Summarized by Dongjoo Lee, IDS Lab., Seoul National University.
Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.
New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.
Protecting User Data in Ubiquitous Computing: Towards Trustworthy Environments Yitao Duan and John Canny UC Berkeley.
Fundamentals of Computer Security Geetika Sharma Fall 2008.
Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Towards Security and Privacy for Pervasive Computing Author : Roy Campbell,Jalal Al-Muhtadi, Prasad Naldurg,Geetanjali Sampemane M. Dennis Mickunas.(2002)
FIT3105 Smart card based authentication and identity management Lecture 4.
Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.
ATSN 2009 Towards an Extensible Agent-based Middleware for Sensor Networks and RFID Systems Dirk Bade University of Hamburg, Germany.
1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.
ICPCA 2008 Research of architecture for digital campus LBS in Pervasive Computing Environment 1.
Operating Systems.
Public Key Infrastructure Ammar Hasayen ….
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Secure Embedded Processing through Hardware-assisted Run-time Monitoring Zubin Kumar.
Chapter 2 Operating System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs.
The Computer for the 21 st Century Mark Weiser – XEROX PARC Presented By: Mihail Ionescu.
Scalable Security and Accounting Services for Content-based Publish/Subscribe Systems Himanshu Khurana NCSA, University of Illinois.
A Lightweight Platform for Integration of Resource Limited Devices into Pervasive Grids Stavros Isaiadis and Vladimir Getov University of Westminster
Some Computer Science Issues in Ubiquitous Computing Presenter : Junghee-Han Mark Weiser Communications of the ACM, July 1993.
Software Architecture Framework for Ubiquitous Computing Divya ChanneGowda Athrey Joshi.
SECURITY-AWARE AD-HOC ROUTING FOR WIRELESS NETWORKS Seung Yi, Prasad Naldurg, Robin Kravets Department of Computer Science University of Illinois at Urbana-Champaign.
GZ06 : Mobile and Adaptive Systems A Secure On-Demand Routing Protocol for Ad Hoc Networks Allan HUNT Wandao PUNYAPORN Yong CHENG Tingting OUYANG.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Improving Network I/O Virtualization for Cloud Computing.
CPET 565 Mobile Computing Systems Context-Aware Computing (2) Lecture 11 Hongli Luo Indiana University-Purdue University Fort Wayne.
Hiding in the Mobile Crowd: Location Privacy through Collaboration.
Active Security Ryan Hand, Michael Ton, Eric Keller.
Advanced Computer Networks Topic 2: Characterization of Distributed Systems.
Author: Monirul Sharif, Wenke Lee, Weidong Cui, Andrea Lanzi Reportor: Chun-Chih Wu Advisor: Hsing-Kuo Pao Select: CCS09’
Scalable Distributed Service Integrity Attestation for Software-as-a-Service Clouds.
Cerberus: A Context-Aware Security Scheme for Smart Spaces presented by L.X.Hung u-Security Research Group The First IEEE International Conference.
Android Security Model that Provide a Base Operating System Presented: Hayder Abdulhameed.
G53SEC 1 Reference Monitors Enforcement of Access Control.
An Introduction to Trusted Platform Technology Siani Pearson Hewlett Packard Laboratories, UK
Amit Warke Jerry Philip Lateef Yusuf Supraja Narasimhan Back2Cloud: Remote Backup Service.
Operating System Organization Chapter 3 Michelle Grieco.
Participatory Privacy: Enabling Privacy in Participatory Sensing
A Study of Context-Awareness: Gaia & SOCAM Presented by Dongjoo Lee IDS Lab., Seoul National University Gaia: A Middleware Infrastructure to.
Abstract A Structured Approach for Modular Design: A Plug and Play Middleware for Sensory Modules, Actuation Platforms, Task Descriptions and Implementations.
© Chinese University, CSE Dept. Distributed Systems / Distributed Systems Topic 1: Characterization of Distributed & Mobile Systems Dr. Michael R.
Wireless and Mobile Security
Internet of Things. IoT Novel paradigm – Rapidly gaining ground in the wireless scenario Basic idea – Pervasive presence around us a variety of things.
1 My Dream of Jini Fabio Kon Jalal Al-Muhtadi Roy Campbell M. Dennis Mickunas Department of Computer Science University of Illinois at.
Gaia1 A middleware Infrastructure to Enable Active spaces 윤혜진.
Securing Broker-Less Publish/Subscribe Systems Using Identity-Based Encryption.
Privacy-Preserving and Content-Protecting Location Based Queries.
Design and Implementation of Secure Layer over UPnP Networks Speaker: Chai-Wei Hsu Advisor: Dr. Chin-Laung Lei.
1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.
Gaia An Infrastructure for Active Spaces Prof. Klara Nahrstedt Prof. David Kriegman Prof. Dennis Mickunas
Active X and Signed Applets Chad Bollard. Overview ActiveX  Security Features  Hidden Problems Signed Applets  Security Features  Security Problems.
Gaia Ubiquitous Computing Directions Roy Campbell University of Illinois at Urbana-Champaign.
 Background  Introduction  Purpose  Basic rover services  Physical architecture of Rover System  Server operation  Logical Architecture of A Rover.
MadeCR: Correlation-based Malware Detection for Cognitive Radio
Outline What does the OS protect? Authentication for operating systems
Outline What does the OS protect? Authentication for operating systems
Sentio: Distributed Sensor Virtualization for Mobile Apps
COMPSCI210 Recitation 5 Oct 2012 Vamsi Thummala
PLANNING A SECURE BASELINE INSTALLATION
O.S. Security.
What is an operating system An operating system is the most important software that runs on a computer. It manages the computer's memory and processes,
Presentation transcript:

Gaia Context and Location-Aware Encryption for Pervasive Computing Environments Jalal Al-MuhtadiRaquel Hill Roy Campbell Dennis Mickunas University of Illinois at Urbana-Champaign

Gaia Outline n n Background n n Motivation n n Assumptions n n System Overview – –Gaia Context File System – –Gaia Publish/Subscribe Channel n n Implementation & Evaluation n n Conclusion & Future Work

Gaia Active Spaces Middleware – Gaia Active Space homeofficecarcampus Physical space coordinated by a responsive context-based software infrastructure that enhances the ability of mobile users to interact and configure their physical and digital environment seamlessly.

Gaia Introducing Gaia n Gaia OS, a distributed meta-operating system that runs on top of existing operating systems. n Provides infrastructure and core services for constructing general-purpose ubiquitous computing environments. homeofficecarcampus hospital

Gaia Introducing Gaia MS Windows, OS X, Linux, Symbian OS, Mobile Windows, etc.

Gaia Motivation n n Goal: defining an efficient authorization mechanism which leverages contextual information –context information changing frequently  expensive re- keying 

Gaia Motivation n n Security in pervasive computing is essential n n Major barrier to real-world deployment n n New computing paradigm  new challenges – –Integration of digital & physical infrastructures – –Context & Location Awareness n n Context and Location Awareness as an additional parameter to security

Gaia Scenarios n Active Space –only provide services to devices inside the space n Classroom n Hospital Scenario –authorized nurses inside specific hospital units (intensive care, x-ray room, nursery) n Military Scenarios –reveal next plan only when soldier arrives at destination

Gaia Gaia MS Windows, OS X, Linux, Symbian OS, Mobile Windows, etc. * a framework to store & update location info in real-time * aggregates location info from various devices * distributed components

Gaia Assumptions –Existence of a trusted infrastructure »Active Space consists of a plethora of machines and services, some are trusted (Kernel services) –Infeasibility to forge location data »Tamper-resistant hardware + certified location data –Cryptography has much less overhead than access control »Access control requires reference monitors to check all accesses  expensive for mobile devices! –We will focus on Location-based encryption

Gaia System Overview n Gaia Context File System (CFS) –Context-Aware file system –Aggregates related material from different mount points –Trigger automatic data conversions on-the-fly –Location and context-based encryption provides efficient security

Gaia Location-Encryption in CFS

Gaia Location-Encryption in CFS n Step 1: admin creates an encryption region n LS creates a private key K R n LS replies with ID R

Gaia Location-Encryption in CFS n When creating a location-encrypted file ID R is provided (2) n Data is sent to a Location Encryptor (LE) (3) n LE has access to K R  encrypts the data using K R

Gaia Location-Encryption in CFS n When requesting the file the CFS invokes a LV object (Location Verifier) (4, 5) n Iff user is located within region R then decrypt data (5)

Gaia Multi-Layer Encryption n In some cases, context- based encryption is not enough –e.g. exam scenario n Introduce Multi-layer encryption n 1 st layer must be peeled off by LS n 2 nd layer must be peeled off by authorized user

Gaia Gaia Publish/Subscribe Channels n Gaia Publish/Subscribe Channel –The underlying communication is facilitated by an “event channel” –Implemented as publish/subscribe channels –Provides an efficient technique for dispersing events to various entities in the system –Features asynchronous and decoupled message transmission

Gaia Gaia Publish/Subscribe Channels n P publishes information n EB is responsible for creating the channel and managing access for it –ex. museums n Subscribers try to peel off both layers

Gaia Implementation n Implemented the different components in a prototype Active Space –services require physical location in the space –light control etc. n Use of Bluetooth discovery for approximate location capturing n Use of a 2-layer encryption to access location- restricted services

Gaia Crypto Performances on some Gaia Devices DeviceAES 128-bit performance AES 256-bit performance Pentium™ GHz, Windows™ XP PC MB/s48.23 MB/s HP Pocket PC H5550, Intel® PXA MHz processor MB/s10.84 MB/s Treo 600, Palm OS, Arm MHz 5.76 MB/s0.452 MB/s Onhand PC watch, 16- bit 3.67 MHz KB/s[too slow]

Gaia Latency in Location-Aware Publish/Subscribe Channel No. of subscribers Latency (ms)

Gaia Challenges & Future Work n Preventing “Relay Attacks” –difficult to solve. –Maybe some “restrictions” can be introduced n Expanding the mechanism to accommodate groups –Only when k of n people are under a specific context  access is granted –(use of threshold cryptography)

Gaia Conclusions n The need to accommodate contextual information into security n We presented an efficient authorization mechanism that leverages contextual information n Provided a prototype implementation

Gaia Thank you! Any questions?