Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dan Boneh with Monica Lam, David Mazieres, John Mitchell, and many students. Security for Mobile Devices NSF Site Visit, June 2010.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Dan Boneh with Monica Lam, David Mazieres, John Mitchell, and many students. Security for Mobile Devices NSF Site Visit, June 2010."— Presentation transcript:

1 Dan Boneh dabo@cs.stanford.edu with Monica Lam, David Mazieres, John Mitchell, and many students. Security for Mobile Devices NSF Site Visit, June 2010 POMI 2020

2 POMI Research Agenda Applications Data & Computing Substrate PrPl, Junction and Concierge Radio technology Economics Cinder: Energy aware, secure OS secure apps UI HW Platform Network Substrate Software Defined Network & OpenFlow Handheld Infrastructure

3 platform security secure apps POMI mobile security work Snap2Pass and Snap2Pay [DSBL’10] A password manager for mobile devices [BBBB’09] Android security: ASLR on Android [BB’10] Unlocking phones using cheap tokens [BB’10] Preventing tap-Jacking attacks on mobile web sites [RBB’10]

4 Joint work with Arvind Narayanan, Narendran Thiagarajan, and Mugdha Lakhani Location services without big brother

5 Location-based social networking Finally taking off?

6 Proximity Alerts Detect when friends are nearby (e.g. Loopt) Today: 24/7 user tracking by server Our privacy goals: When not nearby, friends don’t see your location Server never sees your location Building block for more complex functionality

7 Proximity alerts: applications Granularity must be user-configurable

8 How we arrived at this problem POMI barrier #1: reliance on big brother PrPl effort: social networks with privacy Many discussions with PrPl participants: Can we make location-based services private? Similarly, can we do private targeted advertising? (NDSS’10) Other results from the interaction: QR codes for better user authentication [DSBL’10] Unlocking a phone using cheap tokens [BB’10]

9 Reducing proximity test to equality test

10 Equality testing Space of possible locations is small! (32 bits) Method 1: protocol based on public-key encryption (Lipmaa) Heavy computation: impractical for proximity of all friends xy = ? Requires shared secret keys between pairs of friends

11 Our approach An efficient protocol with server participation Trust assumption: server does not collude with your friends x y r ( x – y ) Total traffic: 24 bytes, easy computation ?? no one knows r

12 Problem: online brute-force attack If only there were a way to verify that a user really is where they claim to be… Solution: location tags (for small granularity)

13 Properties of location tags Location tag = vector + matching function i.e., space-time fingerprint Unpredictability cannot produce matching tag unless nearby Reproducibility two devices at same place & time produce matching tags (not necessarily identical)

14 Location tags using WiFi packets Discard packets like TCP that may originate outside local network DHCP, ARP, Samba etc. are local 15 packets/sec on CS/EE VLAN Two different devices see about 90% of packets in common Comparing location tags: privately test if intersection > 90%

15 Android implementation

16

17

18 Future work Many location privacy questions: Private location based advertising Private location based search Private location statistics

Download ppt "Dan Boneh with Monica Lam, David Mazieres, John Mitchell, and many students. Security for Mobile Devices NSF Site Visit, June 2010."

Similar presentations

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.

Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.

Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
SCRUB: Secure Computing Research for Users’ Benefit David Wagner 1.

SCRUB: Secure Computing Research for Users’ Benefit David Wagner 1.
LAAC: A Location-Aware Access Control Protocol YounSun Cho, Lichun Bao and Michael T. Goodrich IWUAC 2006.

LAAC: A Location-Aware Access Control Protocol YounSun Cho, Lichun Bao and Michael T. Goodrich IWUAC 2006.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Guru Parulkar Knowledge Transfer and Impact NSF Site Visit, June 2010 POMI 2020.

Guru Parulkar Knowledge Transfer and Impact NSF Site Visit, June 2010 POMI 2020.
POMI in Education NSF Site Visit, June 2010 Paul Kim Stanford University POMI 2020.

POMI in Education NSF Site Visit, June 2010 Paul Kim Stanford University POMI 2020.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
G22.3250-001 Robert Grimm New York University Using Encryption for Authentication in Computer Networks.

G Robert Grimm New York University Using Encryption for Authentication in Computer Networks.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Expedition Overview NSF Site Visit, June 2010 Nick McKeown Stanford University POMI 2020.

Expedition Overview NSF Site Visit, June 2010 Nick McKeown Stanford University POMI 2020.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.

Similar presentations

Ads by Google