Slide 1: Security in Pervasive and Ubiquitous Environments
CS 239: Advanced Security, Spring 04
Sam Irvine [sirvine@cs.ucla.edu]
Slide 2: What is ubiquitous and pervasive computing?
● Weaving useful computation into the fabric of an environment so that it becomes “invisible” to the user
● Ex: the smart office
  – The environment knows your schedule, tracks your location, schedules meetings, gives you universal access to your data, etc.
  – Best of all, it does this without forcing you to interact with it excessively
  – The environment consists of a multitude of computing devices, all connected via a network
Slide 3: Security issues common to conventional computing systems
● The usual suspects
  – Message integrity
  – Availability
    ● Network resources
    ● Computing resources
  – Confidentiality
    ● Private data stays private
      – Even in the face of necessary disclosure
Slide 4: New issues introduced by the paradigm
● High degree of device mobility
  – Authentication issues
  – Increased number of potential attackers
● Significantly constrained resources
  – Energy
  – Available computing resources
  – Network bandwidth
Slide 5: New security issues (cont.)
● Heterogeneous network resources
  – Bluetooth
  – 802.11
  – Wired
● Extremely limited human administration
● Confidentiality and privacy issues
Slide 6: Security issues in more detail
Slide 7: Device mobility problems
● Devices can move from one environment to another, potentially carrying malware along the way
  – Ex: your cellphone becomes infected with a worm at an airport. You then go to lunch with your business partners and your phone proceeds to infect theirs.
● Devices frequently move to unknown environments and must interact with those environments
Slide 8: Resource constraints
● Computational resources
  – Not all devices will have the CPU power to perform asymmetric-key cryptography
  – Some might not even have the power to perform symmetric-key cryptography
● Battery life
  – DoS by repeated “Hello” messages in ad hoc protocols
  – Battery-drain attacks by faking encrypted messages that the device must spend energy processing
Slide 9: Network heterogeneity
● Most devices are linked by wireless
  – Passive/active snooping
  – Injection attacks
  – DoS by jamming
  – Ad hoc network vulnerabilities
● Multiple physical layers to protect
Slide 10: Limited human interaction
● By definition, it isn't ubiquitous if people must spend time managing their devices
● Most users will not have the technical ability to administer devices
● Even users who do have the technical capability will not have the time to properly administer hundreds of devices
● Corrupt or misbehaving devices may not readily display “bad” behavior to the user
Slide 11: Confidentiality
● Sometimes devices must give out information that is sensitive
  – Ex: a user wishes to print a confidential document. The printer, which may or may not be trusted, can do what it pleases with this document.
● How can we maintain a degree of confidentiality for information even when some degree of disclosure is necessary?
Slide 12: Privacy
● Identity and location privacy
  – Devices can monitor a user's location or identity at any given time
● Sometimes this is necessary to perform a requested service
  – What is to stop someone from using these devices to perform surveillance?
Slide 13: Existing solutions
Slide 14: Mobility issues
● QED
  – A network resource manager that helps slow the spread of malware infections
● When a mobile device joins a network protected by QED, it is first placed in isolation and not allowed to communicate with other devices
● The security state of the device is then examined
● If the device is found to be insecure, it must fix the vulnerabilities present
● Once a device is “disinfected”, it is allowed to communicate with other devices and services
Slide 15: Authentication
● Physical proximity
  – Ugly duckling “birth” process
● Handoff authentication proxy model
  – Devices authenticate themselves through one device, which then hands off that session to others as required
Slide 16: Resource management
● Security proxies
  – Devices with few energy or computational resources communicate through a more powerful proxy
● The device-to-proxy link must be secured and trusted
● The proxy-to-proxy link can be established with a variety of well-known security protocols
Slide 17: Discussion questions
Slide 18: Discussion questions
● How do we provide authentication, message integrity and message confidentiality to devices that do not have the power to do strong cryptography?
  – Can we exploit the time-limited nature of certain device interactions?
    ● Tiny Encryption Algorithm (TEA)
  – Can we exploit physical locality?
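TEA, named on the slide above as a cipher small enough for constrained devices, as an added example that is not part of the presentation: the 64-bit-block, 128-bit-key, 32-cycle TEA in C, with a round-trip check on a constructed key and block, plus a check of TEA's equivalent-key property (flipping bit 31 of k[0] and k[1] together yields the identical ciphertext, so TEA has only 126 effective key bits), the caveat a practitioner weighs before choosing it over XTEA or a modern lightweight cipher. All key and block values below are constructed for the example.

```c
#include <stdint.h>

#define TEA_DELTA  0x9E3779B9u   /* derived from the golden ratio */
#define TEA_CYCLES 32            /* 32 cycles = 64 Feistel rounds */

/* Encrypt one 64-bit block in place with a 128-bit key. */
void tea_encrypt(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < TEA_CYCLES; i++) {
        sum += TEA_DELTA;
        v0 += ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        v1 += ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
    }
    v[0] = v0; v[1] = v1;
}

/* Decrypt one 64-bit block in place; sum starts at 32*delta mod 2^32 = 0xC6EF3720. */
void tea_decrypt(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = (uint32_t)(TEA_DELTA * TEA_CYCLES);
    for (int i = 0; i < TEA_CYCLES; i++) {
        v1 -= ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
        v0 -= ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        sum -= TEA_DELTA;
    }
    v[0] = v0; v[1] = v1;
}

/* Constructed test key used by both checks below. */
static const uint32_t demo_key[4] = {0x0123456Fu, 0x89ABCDEFu, 0x0F1E2D3Cu, 0x4B5A6978u};

/* Returns 1 if the ciphertext differs from the plaintext and decrypting restores it. */
int tea_roundtrip_ok(void) {
    const uint32_t plain[2] = {0x48656C6Cu, 0x6F2C2054u};  /* constructed block */
    uint32_t blk[2] = {plain[0], plain[1]};
    tea_encrypt(blk, demo_key);
    if (blk[0] == plain[0] && blk[1] == plain[1]) return 0;
    tea_decrypt(blk, demo_key);
    return blk[0] == plain[0] && blk[1] == plain[1];
}

/* Equivalent-key caveat: bit 31 of an addend flips only bit 31 of the sum (no carry out),
   so flipping it in both k[0] and k[1] cancels under the XOR in every round.
   Returns 1 if the two distinct keys produce the same ciphertext. */
int tea_equivalent_keys_collide(void) {
    const uint32_t twin[4] = {demo_key[0] ^ 0x80000000u, demo_key[1] ^ 0x80000000u,
                              demo_key[2], demo_key[3]};
    uint32_t a[2] = {0xDEADBEEFu, 0x01234567u}, b[2] = {0xDEADBEEFu, 0x01234567u};
    tea_encrypt(a, demo_key);
    tea_encrypt(b, twin);
    return a[0] == b[0] && a[1] == b[1];
}
```

The same cancellation applies to k[2] and k[3], which is why each TEA key has three equivalents; a protocol that derives session keys for constrained devices should account for that or use XTEA.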
Slide 19: Discussion questions
● How can we provide security administration services without significant human interaction?
  – QED and device proxies provide part of the solution
  – Environmental intrusion detection systems
  – Environmental DoS detection systems
● Can we design clever protocols to avoid the battery-drain DoS problem?
Slide 20: Discussion questions
● Location and identity privacy vs. the system's need to correctly identify attackers and misbehaving devices
  – It is obviously not possible both to protect a user's privacy and to let the system record his location/identity.
  – Is it feasible to reach a trade-off?
    ● E.g. privacy is protected so long as a device behaves
    ● When a device stops behaving, we record identifiable information
    ● The recorded information is analyzed to locate the misbehaving entity/user