1. Small Worlds and the Security of Ubiquitous Computing From ： IEEE CNF Author ： Harald Vogt Presented by Chen Shih Yu

2. Outline  Introduction  Ubiquitous small worlds ▪ Small-world properties in ubicomp ▪ Small worlds and security: problems and possibilities  A application to communication security  Conclusion

3. Introduction  Small world phenomenon ▪ Connection between any two people with only few intermediaries. ▪ Mean that interaction with any other entity is always possible. ▪ Keep appearing in many distinct areas, such as Internet.  Hub ▪ Heavily connected entities. ▪ Responsible for the existence of small-world properties. ▪ Small child, parents, real world.

4. Introduction  Ubiquitous computing ▪ The result of technological, social, and economic development. ▪ Tightly connect to processes going on in human-centered societies. ▪ Computational entities, such as web services, sensor networks…, are increasingly pervading all aspects of life.  A common theme in ubicomp ▪ Restrictions on resources available on devices, such as energy supplies. ▪ Two principles: collaboration and reliance on infrastructure.

5. Ubiquitous Small Worlds  Small-world properties in ubicomp Small-world graph ▪ Sparse, a node has few connection. ▪ Clustered, nodes that have a common neighbor tend to be neighbors of each other. ▪ The distance between any two nodes is small. ▪ Graphs with small diameters, which is due to the existence of shortcut links that connect remote clusters to each other. ▪ Smart object environments, sensor networks.

6. Ubiquitous Small Worlds  Problems and possibilities ▪ Random failures and educated attacks. ▪ The failure of large numbers of nodes can be tolerated while performance may suffer slightly. ▪ The spreading of infectious diseases is facilitated.  Some fundamental security properties Confidentiality ▪ Short time & short paths. ▪ Behave according to security policy. ▪ Only very few failing nodes can be tolerated.

7. Ubiquitous Small Worlds  Some fundamental security properties Integrity ▪ Can mutually assure the integrity of data since their data sources are likely to be correlated. ▪ A verifying node can be found by other nodes with relatively little effort. ▪ Thus, false information can be identified. Availability ▪ Can be resilient against attacks. ▪ Redundancy and diversity of paths.

8. An Application to Communication Security  Secure communication ▪ Mutually shared keys or a public-key infrastructure. ▪ Public-key operations are too costly for small nodes. ▪ The capacity for storing keys is limited.  Communication scheme ▪ Based on the small-world properties. ▪ High clustering coefficient ▪ random shortcut links.

9. An Application to Communication Security  Edges ： communication links  Shaded nodes ： trusted by A (they share a key)

10. An Application to Communication Security  An interleaved authentication path ▪ May not be possible to find a trusted node located in the neighborhood of the target node. ▪ Need a means to span larger distances. ▪ The source selects its trusted peer, closest to the target, and sends the message on its way, together with a MAC that allows the trusted node to verify the integrity of the message. ▪ Each node on the path checks if it has an own trusted node that is even closer to the target. ▪ If successful, the message will be sent to the next node, together with an according MAC.

11. An Application to Communication Security 1 2 3 4 5 6 7 8 9 10 11 12 ▪ 1Message + MAC 1.6 ▪ 4Message + MAC 1.6 + MAC 4.8 ▪ 6Use MAC 1.6 to verify the integrity of the message ▪ 7Message + MAC 4.8 + MAC 7.11 ▪ 8 Use MAC 4.8 to verify the integrity of the message ▪ 11Use MAC 7.11 to verify the integrity of the message

12. Conclusion  A lightweight, collaborative authentication scheme that provides security guarantees approximating end-to-end guarantees.  By exploiting small-world properties of a system, we can improve security guarantees.