Published by Sade Goodison. Modified over 10 years ago.
1
Jaap-Henk Hoepman
TNO ICT, Groningen, the Netherlands, jaap-henk.hoepman@tno.nl
Digital Security (DS), Radboud University Nijmegen, the Netherlands, jhh@cs.ru.nl / www.cs.ru.nl/~jhh
Privacy & The Internet of Things
How to keep the good and make the bad less ugly
2
Jaap-Henk Hoepman // TNO ICT / Radboud University Nijmegen // 5-2-2010 // Privacy and the Internet of Things
3
Paradigm shift
4
RFID = a lot of things...
NFC
5
The Internet Of Things
The virtual world and the real world are no longer separated
6
Where do I come from...
7
The good
Timo Arnall: http://www.elasticspace.com/
http://www.nabaztag.com//
8
... and where may this all go to?
9
The bad
10
Privacy concerns
● orwell / big brother
● chandler / little sister
● kafka / the trial
11
Security concerns as well
Confidentiality
● Corporate espionage
Integrity
● Data out of sync
Authenticity
● Cloning
● Detach/swap
Availability
● Jamming
● ...
12
EC Recommendation 12-5-2009
Don’t kill the Internet of Things!
13
How to avoid the kill and make the bad less ugly
Give people agency
● RFID Guardian
● Privacy Coach
Use privacy enhancing technologies
● Mutual authentication
● Conditional access
● ...
14
Agency
“Tags should not be used on people but used by people”
former Commissioner Viviane Reding
15
The RFID Privacy Coach
04-12-2009 // The RFID Privacy Coach
Goal – give consumers control over RFID
Diagram labels: privacy preference, privacy policy, NFC enabled phone
http://www.privacy-coach.org
16
Policies? Preferences?
Example of a policy
● ACME Ltd registers the type of pasta you buy when you buy a can of peeled tomatoes
● ACME Ltd will offer discounts to people that wear a FOOBAR watch
Example of a preference
● I do not want offers based on the tags I carry (note that FOOBAR watches should give permission to ACME Ltd for reading their tags)
● I allow anonymous profiling
17
How does it work?
Diagram labels: network independent privacy policy provider tag number tag policy RFID tag database tag policies consumer preference
18
Privacy enhancing technologies
Limitations
● limited resources
● no central authority
● practicality: no key search
Requirement
● acknowledge lifecycle!
19
Object-oriented model
Object owner
● grants permission to object
tag owner
● grants access to tag
Diagram label: caller
20
Practical authentication protocol
Symmetric key authentication
● using diversified access key
Re-encryption of tag identifier t
●
● new id becomes
● tag only accepts when properly authenticated
Protection against stolen readers
● Domain gets new re-encryption key for each epoch
● Tag stores last seen epoch
● Keep old keys for old
21
Diagram labels: Reader, Tag
22
Properties
No trusted hardware for tags
● Each tag has different symmetric key
Reader does not have to search all keys
● Diversification
Tags untraceable before/after successful authentication
● Re-encryption
Any reader can update all identifiers
● Universal re-encryption
● But reader needs to know at least one access key
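Added example (not from the slides or the author's protocol): a sketch of why key diversification lets a reader authenticate a tag without searching all keys, using HMAC-SHA256 as an assumed derivation and MAC. The class and function names, the message layout and the sample keys are assumptions; the identifier is sent in the clear here, and the re-encryption and epoch steps are left out.

```python
import hashlib
import hmac
import os

def diversify(master_key: bytes, tag_id: bytes) -> bytes:
    """Derive a per-tag access key from the domain master key and the tag id."""
    return hmac.new(master_key, b"access-key|" + tag_id, hashlib.sha256).digest()

def mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix every field so field boundaries are unambiguous.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Tag:
    """Stores only its own diversified key, never the master key."""
    def __init__(self, tag_id: bytes, access_key: bytes):
        self.tag_id, self.key, self.nonce = tag_id, access_key, b""

    def hello(self):
        self.nonce = os.urandom(16)
        return self.tag_id, self.nonce

    def respond(self, reader_nonce: bytes, reader_proof: bytes):
        # The tag verifies the reader first and stays silent otherwise.
        expected = mac(self.key, b"reader", self.nonce, reader_nonce)
        if not hmac.compare_digest(expected, reader_proof):
            return None
        return mac(self.key, b"tag", reader_nonce, self.nonce)

class Reader:
    def __init__(self, master_key: bytes):
        self.master = master_key

    def authenticate(self, tag: Tag) -> bool:
        tag_id, tag_nonce = tag.hello()
        key = diversify(self.master, tag_id)  # one derivation, no key search
        reader_nonce = os.urandom(16)
        proof = mac(key, b"reader", tag_nonce, reader_nonce)
        answer = tag.respond(reader_nonce, proof)
        if answer is None:
            return False
        return hmac.compare_digest(answer, mac(key, b"tag", reader_nonce, tag_nonce))

def demo():
    master = bytes(range(32))  # constructed sample master key
    tag = Tag(b"tag-0001", diversify(master, b"tag-0001"))
    # A reader with the right master key succeeds; one with a wrong key is refused.
    return Reader(master).authenticate(tag), Reader(bytes(32)).authenticate(tag)
```

Compromising one tag in this sketch exposes only that tag's derived key, which matches the "no trusted hardware for tags" property listed on the slide.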
23
References
IFIP WG 11.2 “Pervasive systems security”
● http://www.cs.ru.nl/ifip-wg11.2/
Council – a thinktank on the IoT
● http://www.theinternetofthings.eu
24
Discussion
[Monty Python’s Argument Clinic sketch]