Ubiquitous Systems Security Boris Dragovic Systems Research Group Computer Laboratory University of Cambridge, UK.

Slides:

Advertisements

Similar presentations

References Overview User attention is by far the most precious resource in a world where computational and networking infrastructure is becoming cheaper.

Advertisements

Electronic Books Whats in a Name? Are We Really Talking About Books?

© 2004 Mobile VCE New Revenues through Ubiquitous Services: Removing the Barriers Steve Wright Head of Strategic Research, BT on behalf.

Context-Aware Security Gleneesha Johnson

UBICOMP-RG BOF II Adrian Friday, Oliver Storz and Nigel Davies Lancaster University & University of Arizona.

9 th June 2004GGF 11 Ad-hoc Meeting UBICOMP-RG: Bridging two communities Adrian Friday, Oliver Storz and Nigel Davies Lancaster University & University.

UBICOMP-RG Adrian Friday, Oliver Storz and Nigel Davies Lancaster University & University of Arizona.

OneM2M Technical Requirements - Driven by EU BUTLER and IEEE PAC - Group Name: WG1 (REQ) Source: Friedbert Berens, FBConsulting Sarl,

1 The Ubiquitous Web Eunchae Yoon. School of Engineering, Eunchae Yoon 2 Contents What is Ubiquitous computing? What is Ubiquitous Web? Ubiquitous computing.

Beyond Prototypes: Challenges in Deploying Ubiquitous Systems N. Davies and H. Gellersen IEEE pervasive computing, 2002 Presenter: Min Zhang

Peter Kropf Ubiquitous Computing - Hiver 2006/20071 Peter Kropf Université de Neuchâtel Institut d’informatique

UBICOMP pervasive computing

All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.

Ruhr University Bochum Cryptography in Heavily Constraint Environments Christof Paar EUROBITS Center for IT Security COmmunication SecuritY (COSY) Group.

9 Lecture The Wireless Revolution. Identify the principal wireless transmission media and devices, cellular network standards and generations, and standards.

Towards Security and Privacy for Pervasive Computing Author ： Roy Campbell,Jalal Al-Muhtadi, Prasad Naldurg,Geetanjali Sampemane M. Dennis Mickunas.(2002)

1 Ubiquitous Computing CS376 Reading Summary Taemie Kim.

Reference: [1] TeamSpace paper

Gaia Context and Location-Aware Encryption for Pervasive Computing Environments Jalal Al-MuhtadiRaquel Hill Roy Campbell Dennis Mickunas University of.

Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,

Software Engineering Issues for Ubiquitous Computing Author: Gregory D. Abowd, Georgia Institute of Technology CSCI 599 Week 4 Paper 3 September

Ubiquitous Computing Computers everywhere. Agenda Old future videos

Patrik Werle Gregory D. Abowd The Future Computing Environments (FCE) Group, Georgia Institute of Technology Ubiquitous Computing: Research.

An Approach for Configuring Ontology- based Application Context Model Chung-Seong Hong, Hyun Kim, Hyoung-Sun Kim Electronics and Telecommunication Research.

CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine

Ubiquitous Computing Computers everywhere.

Real-Time Systems and the Aware Home Anind K. Dey Ubiquitous Computing Future Computing Environments.

CSE5610 Intelligent Software Systems Semester 1 Enabling Intelligent Systems in Pervasive Computing.

Community Manager A Dynamic Collaboration Solution on Heterogeneous Environment Hyeonsook Kim  2006 CUS. All rights reserved.

Challenges in Ubiquitous Computing and Networking Management Jong T. Park Kyungpook National University Korea APNOMS 2003 DEP, Fukuoka,

Copyright Security-Assessment.com 2004 New Technology Enforcement Strategies by Peter Benson.

BCS, The Chartered Institute for IT Mauritius 6 th November 2012.

DCS 891C Research Seminar Summer 2004 July 16, 2004 Richard Harvey

Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

ErdOS: An energy-aware social operating system Further Reading: (*) Narseo Vallina-Rodriguez, Pan Hui, Jon Crowcroft, Andrew Rice. “Exhausting Battery.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Managing Privacy and Trust in P2P Communication v. 0.7 Privacy, Economy and Trust in P2P Content.

Charting Past, Present, and Future Research in Ubiquitous Computing Gregory D. Abowd and Elizabeth D. Mynatt Georgia Institute of Technology LEE SEMUN.

Ubiquitous Computing Computers everywhere. Where are we going? What happens when the input is your car pulls into the garage, and the output is the heat.

Threats, Risk Assessment, and Policy Management in UbiComp Workshop on Security in UbiComp UBICOMP 2002, 29th Sept. Göteborg, Sweden Philip Robinson, SAP.

Pervasive software interoperability for the Operating Room of the Future May 10, 2005.

TRUST & SECURITY ISSUES IN FP6: Towards a global dependability and security framework Aniyan VARGHESE European Commission DG Information Society - Unit.

1 Chapter 7 Designing for the Human Experience in Smart Environments.

Comp 15 - Usability & Human Factors Unit 9 - Ubiquitous Computing in Healthcare This material was developed by Columbia University, funded by the Department.

$20 billion business 230 million printers sold  170 million inkjet  60 million laserjet #1 in ink, laser, scanners, designjet, print servers Consistent.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

Cerberus: A Context-Aware Security Scheme for Smart Spaces presented by L.X.Hung u-Security Research Group The First IEEE International Conference.

Trends in Embedded Computing The Ubiquitous Computing through Sensor Swarms.

Mobile Communication Middleware By:Lekometsa Mokhesi Anisa Ragalo Supervisor: Ken Macgregor.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

An Architecture to Support Context-Aware Applications

Private Information Protection based on User-Trusted Program Institute of Systems and Information Engineering/KYUSHU Ken ’ ichi Takahashi.

Focus On Bluetooth Security Presented by Kanij Fatema Sharme.

Overview of the security weaknesses in Bluetooth Dave Singelée COSIC seminar 11/06/2003.

UBICOMP SYSTEMS: TOPICS & CHALLENGES. New computing model  Heterogeneous devices  Interaction:  Many-to-many  Possibly implicit, invisible, through.

Approaches for Ensuring Security and Privacy in Unplanned Ubiquitous Computing Environments V. Ramakrishna, Kevin Eustice, Matthew Schnaider Laboratory.

Pervasive Computing Parts of the slides are extracted from those of Profs. Mark Weiser, Deborah Estrin, Akbar Sayeed, Jack Stankovic, Mani Srivastava,

Jacques Bus Head of Unit, DG INFSO-F5 “Security” European Commission FP7 launch in the New Member States Regional on-line conference 22 January 2007 Objective.

The Personal Server Changing the Way We Think About Ubiquitous Computing Roy Want, et al. / Intel Research UBICOMP 2002 Nov Seungjae Lee

1 Pervasive Computing: Vision and Challenges Myungchul Kim Tel:

Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015.

Ambient Intelligence: Everyday Living Aid System for Elders

LECTURER: NGUY Ễ N ANH TU Ấ N (TUAN NGUYEN) TUTORS: TÔN TH Ị KIM LOAN TR Ầ N H Ồ NG NGHI {TUANNA, LOANTTK, Developing Applications.

Towards ‘Ubiquitous’ Ubiquitous Computing: an alliance with ‘the Grid’ Oliver Storz, Adrian Friday, and Nigel Davies Computing Department, Lancaster University,

Mobile Communications: Introduction WIRELESS MOBILE DEVICES performance Pager receive only tiny displays simple text messages Mobile phones voice, data.

Gaia Ubiquitous Computing Directions Roy Campbell University of Illinois at Urbana-Champaign.

Security of the Internet of Things: perspectives and challenges

Overview Issues in Mobile Databases – Data management – Transaction management Mobile Databases and Information Retrieval.

Cyber Security R&D: A Personal Perspective

Presentation transcript:

Ubiquitous Systems Security Boris Dragovic Systems Research Group Computer Laboratory University of Cambridge, UK

Ubiquitous Systems Security What is Ubiquitous Computing? What is Ubiquitous Computing? What are the Security & Privacy issues? What are the Security & Privacy issues? The CASPEr project The CASPEr project EU initiative EU initiative Concluding remarks Concluding remarks

What is Ubiquitous Computing? (1) “Each person is continually interacting with hundreds of … interconnected computers” which ideally “weave themselves into the fabric of everyday life until they are indistiguinshable from it” -- “Some computer science issues in Ubiquitous computing.”, CACM, Mark Weiser, “The computer of the 21 st century.”, Scientific American, 1991.

What is Ubiquitous Computing? (2) “Wirelessly networked processors embedded in everyday objects” “Wirelessly networked processors embedded in everyday objects” Smart environments characterized by: Smart environments characterized by: Transparent interaction Transparent interaction Automated capture Automated capture Context awareness Context awareness Proactive and reactive Proactive and reactive Example projects Example projects AT&T Active bat/badge, HP Cooltown, Microsoft Aura, Intel Place Lab and PersonalServer, EQUATOR AT&T Active bat/badge, HP Cooltown, Microsoft Aura, Intel Place Lab and PersonalServer, EQUATOR

What is Ubiquitous Computing? (3) Where do we currently stand? Where do we currently stand? Ubiquitous devices (always “at hand”): Ubiquitous devices (always “at hand”): Mobile phones, Personal Digital Assistants, Laptops, etc. Mobile phones, Personal Digital Assistants, Laptops, etc. Ubiquitous networks (always available): Ubiquitous networks (always available): (W)LAN/MAN (Ethernet & IEEE ) (W)LAN/MAN (Ethernet & IEEE ) GSM/GPRS/3G GSM/GPRS/3G PANs (Bluetooth, IrDA, AudioNet etc.) PANs (Bluetooth, IrDA, AudioNet etc.) Ubiquitous services Ubiquitous services Currently mostly “location-based” Currently mostly “location-based”

What is Ubiquitous Computing? (4) Reference: Alan Daniel, Georgia Institute of Technology.

What is Ubiquitous Computing? (5) Effects (always-on, always-available) Effects (always-on, always-available) economy & businesses economy & businesses productivity productivity competitiveness competitiveness growth growth etc. etc. private lives private lives

Security & Privacy Issues (1) The “Old Model” – a Castle The “Old Model” – a Castle Security perimeter, inside and outside Security perimeter, inside and outside Firewalls for access control Firewalls for access control Static security policy Static security policy Static trust model Static trust model Tendency to focus on network layer Tendency to focus on network layer Pre-evaluated, non- or slowly-evolving threat model. Pre-evaluated, non- or slowly-evolving threat model.

Security and Privacy Issues (2) Relevant UbiComp characteristics: Relevant UbiComp characteristics: a) wireless media supporting from personal- area to wide-area networks b) ad-hoc device association at different layers c) location and context considerations in policy management d) heterogeneity of content encoding e) variability in processing and storage capabilities of devices f) heterogeneity of security & privacy policies

Security and Privacy Issues (3) The “New Model” The “New Model” Authentication Authentication secure transient associations secure transient associations proximity proximity Recognition vs. Authentication Recognition vs. Authentication activities/behaviour activities/behaviour situation interpretation situation interpretation Identity Management Identity Management

Security and Privacy Issues (4) The “New Model” The “New Model” Confidentiality Confidentiality eavesdropping on wireless links not a major issue eavesdropping on wireless links not a major issue device capabilities (processor, battery etc.) device capabilities (processor, battery etc.) confidentiality of data and meta data on devices real problem confidentiality of data and meta data on devices real problem Integrity Integrity again, not messages in transit but devices again, not messages in transit but devices tamper resistance/evidence tamper resistance/evidence

Security and Privacy Issues (5) The “New Model” The “New Model” Availability Availability jamming communications channels jamming communications channels sleep deprivation sleep deprivation Dynamic Trust Model Dynamic Trust Model localised decisions localised decisions context aware context aware Context-awareness Context-awareness Generalised RBAC Generalised RBAC Location-based access control Location-based access control

Security and Privacy Issues (6) The “New Model” The “New Model” Security policies Security policies prevent formation of “evidence”: forming a link between contexts, objects, users and objectives. prevent formation of “evidence”: forming a link between contexts, objects, users and objectives. e.g. number, “credit card”, “foo bar”, credit limit e.g. number, “credit card”, “foo bar”, credit limit Location information privacy Location information privacy One of the burning issues One of the burning issues

The CASPEr project Containment Aware Security for Pervasive Environments Goal: Data Protection in the UbiComp enhanced World Goal: Data Protection in the UbiComp enhanced World A new paradigm A new paradigm protection of individual data objects protection of individual data objects as they switch contexts as they switch contexts by being contained on mobile devices and communication channels in dynamic environments by being contained on mobile devices and communication channels in dynamic environments and thus threat models and thus threat models through proactive data format management through proactive data format management

The CASPEr project Containment Aware Security for Pervasive Environments Strong analogy to human behaviour Strong analogy to human behaviour Real-world examples, applications: Real-world examples, applications: persistant storage on mobile devices persistant storage on mobile devices environmental displays (PersonalServer) environmental displays (PersonalServer) communications channels trust communications channels trust attachments attachments etc. etc. Humans unable to cope with complexity Humans unable to cope with complexity an automatic, proactive mechanism needed an automatic, proactive mechanism needed

The CASPEr project Containment Aware Security for Pervasive Environments Overview: Overview: security policy (external): security policy (external): containment attributes and values containment attributes and values respective data format transformations respective data format transformations containment manager: containment manager: determines current containment attribute values determines current containment attribute values data object tracking system: data object tracking system: system-wide data-object location system-wide data-object location policy enforcement: policy enforcement: format transformation format transformation

The CASPEr project Containment Aware Security for Pervasive Environments Variable level of application awareness Variable level of application awareness granularity of format transformations granularity of format transformations Orthogonal to traditional access control Orthogonal to traditional access control traditional AC: ID x Obj x Action -> Perm traditional AC: ID x Obj x Action -> Perm CASPEr: ObjType x Containment -> Format CASPEr: ObjType x Containment -> Format Current activities: Current activities: OS Level implementation OS Level implementation GPRS/WLAN/LAN testbed implementation GPRS/WLAN/LAN testbed implementation Audio containment and location analysis Audio containment and location analysis

EU Cybersecurity Efforts European Commission European Commission Joint Research Council (JRC) Joint Research Council (JRC) Institute for Prospective Technological Studies – Information and Communications Technologies. Institute for Prospective Technological Studies – Information and Communications Technologies. Series of proposals and directives Series of proposals and directives OECD OECD Guidelines for data protection, information systems security and networks, crypto etc. Guidelines for data protection, information systems security and networks, crypto etc. Council of Europe Council of Europe Conventions on cybercrime, automatic data processing etc. Conventions on cybercrime, automatic data processing etc.

Conclusion In the Ubiquitous World enterprise borders disappear. In the Ubiquitous World enterprise borders disappear. Traditional, “Old Model”, approaches to protecting Security & Privacy are too rigid. Traditional, “Old Model”, approaches to protecting Security & Privacy are too rigid. Need for a “New Model” which is flexible, adaptable, robust, effective and un- obtrusive. Need for a “New Model” which is flexible, adaptable, robust, effective and un- obtrusive. Data-centric protection mechanism, CASPEr, promising. Data-centric protection mechanism, CASPEr, promising.