Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electrical and Computer Engineering GeoVault: Secure Location Tracking Final Project Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Electrical and Computer Engineering GeoVault: Secure Location Tracking Final Project Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara."— Presentation transcript:

1 Electrical and Computer Engineering GeoVault: Secure Location Tracking Final Project Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara

2 2 Electrical and Computer Engineering System Overview

3 3 Electrical and Computer Engineering System Overview Location data is transmitted from either cell phone or computer to the GeoVault Server. The server is where the resolution and access settings are stored and can be applied to the updated location. The location is transmitted from the server to the distributed database and then to the specific node by secret sharing. The data can also be transmitted from the server to a third party via OAuth. Emails are sent from the server to the user via emial. The users device directly interfaces with the google map API to display their location on a map.

4 4 Electrical and Computer Engineering Feedback From CDR Network was complicated –Lots of secret sharing Trying to cover military and civilian has too many conflicts Demo should include threats Limitations in existing system

5 5 Electrical and Computer Engineering Timing of Secret Sharing Not as fast as other encryption methods – Chosen because of its threshold scheme. ThresholdTime (us) 3135 4212 5308 6423 7549 8693 9858 101054

6 6 Electrical and Computer Engineering Political Boundaries Used U.S. Census Data Region selected by most overlapping area of accuracy circle Able to see down to – Country – State – County (Massachusetts only for now) – Town (Massachusetts only for now)

7 7 Electrical and Computer Engineering OAuth Tokens are used to grant a third party website temporary access to GeoVault. They regulate – What the third party has access to – How long they have access GeoVaultTwitter OAuth Location Data

8 8 Electrical and Computer Engineering Motivation for Attacks ImpersonationSnoopingDenial of Service CSRF Fool others to think a user is in different location Fool that users followers Obtaining information to blackmail/gain competitive advantage Tracking trends for marketing purposes Spouses spying on each other Denying service to GeoVault to encourage user to go to a similar website Trick user to update their location Update their website unknowingly, increase network traffic and thus advertising prices will go up

9 9 Electrical and Computer Engineering Attacks & Countermeasures SnoopingImpersonationCSRFMan in the Middle Denial of Service Encryption Distributed Database Secret Sharing Idle Timeouts Difficult to statistically determine position Idle Timeout Delays Unrealistic Travel Check Session Id number check HTTPS CAPTCHA’s Failed login attempt delay

10 10 Electrical and Computer Engineering Demo

11 11 Electrical and Computer Engineering Division of Labor Emily (CSE)Frontend Implementation, Threat Modeling, Documentation Tom (CSE)Multiparty Computation, Django, Backend implementation, Project Manager, OAuth Nate (EE)HTML5, CAPTCHAs, Idle Time outs, Failed Login Delay, Update Delay, OAuth Shanka (EE)Django, Backend Implementation, Political Boundaries, CSRF

12 12 Electrical and Computer Engineering Thank you!

13 13 Electrical and Computer Engineering Snooping Database Encryption Idle Timeouts Distributed Database Secret Sharing Passwords

14 14 Electrical and Computer Engineering Impersonation Idle Time Outs Unrealistic Travel check Passwords

15 15 Electrical and Computer Engineering DDOS CAPTCHA’s Failed Login Attempt Delay Update Delay

16 16 Electrical and Computer Engineering Cross Site Request Forgery Protection Session ID Verification GeoVault Malicious Website

17 17 Electrical and Computer Engineering Man in the Middle Attack HTTPS

Download ppt "Electrical and Computer Engineering GeoVault: Secure Location Tracking Final Project Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara."

Similar presentations

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Secure SharePoint mobile connectivity

Secure SharePoint mobile connectivity
Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug 2013 - scotthel.me.

Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug scotthel.me.
Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations Presented By : Anand Dipakkumar Joshi USC.

Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations Presented By : Anand Dipakkumar Joshi USC.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Electrical and Computer Engineering GeoVault: Secure Location Tracking Comprehensive Design Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara.

Electrical and Computer Engineering GeoVault: Secure Location Tracking Comprehensive Design Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara.
Electrical and Computer Engineering Location Tracking Platform Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara Advisor: Professor Burleson.

Electrical and Computer Engineering Location Tracking Platform Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara Advisor: Professor Burleson.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Electrical and Computer Engineering Secure Location Tracking Platform Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara Advisor: Professor Burleson.

Electrical and Computer Engineering Secure Location Tracking Platform Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara Advisor: Professor Burleson.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.

1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.
Electrical and Computer Engineering Location Tracking Platform Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara Advisor: Professor Burleson Preliminary.

Electrical and Computer Engineering Location Tracking Platform Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara Advisor: Professor Burleson Preliminary.
Bonrix Track & Trace System A GPS Based Vehicle Tracing System (SMS, GPRS/3G, Offline) Bonrix Software Systems Ahmedabad (INDIA) Website:

Bonrix Track & Trace System A GPS Based Vehicle Tracing System (SMS, GPRS/3G, Offline) Bonrix Software Systems Ahmedabad (INDIA) Website:
NETWORK SECURITY WITH GEO-LOCATION Using geo-location as a part of an authentication scheme Fan Zhang, Zhiqi Chen 12/11/2012.

NETWORK SECURITY WITH GEO-LOCATION Using geo-location as a part of an authentication scheme Fan Zhang, Zhiqi Chen 12/11/2012.
Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.

Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.
Freenet. Anonymity  Napster, Gnutella, Kazaa do not provide anonymity  Users know who they are downloading from  Others know who sent a query  Freenet.

Freenet. Anonymity  Napster, Gnutella, Kazaa do not provide anonymity  Users know who they are downloading from  Others know who sent a query  Freenet.
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Similar presentations

Ads by Google