Download presentation
Presentation is loading. Please wait.
1
1 Secure Zero Configuration in a Ubiquitous Computing Environment Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University of London 10 February 2005
2
Secure ZeroConf in UbiComp 10 February 2005 2 Agenda Security Issues Our Goal Ongoing and Future Work Possible Solutions What and why
3
Secure ZeroConf in UbiComp 10 February 2005 3 What is Zero Configuration The IETF Zero Configuration Networking (ZeroConf) Working Group has defined a ZeroConf protocol as follows: “A ZeroConf protocol is able to operate correctly in the absence of either user configuration or external configuration from infrastructure services such as conventional DHCP or DNS servers. ZeroConf protocols may use configuration, when it is available, but do not rely on it being present.”
4
Secure ZeroConf in UbiComp 10 February 2005 4 Areas IP host configuration Multicast address allocation Host name to IP address resolution Service discovery Getting Addresses, Names and Services A link-local technology suitable for use in small wired or wireless local-area networks
5
Secure ZeroConf in UbiComp 10 February 2005 5 Zero Configuration is a highly desired goal in Ubiquitous Computing Why Zero Configuration is Needed? In a ubiquitous computing environment: Dynamic topology of networks (e.g. ad hoc networks) No centralised servers or administration exist No infrastructure can be relied on Growing number of devices Static configuration or pre-configuration infeasible No skilled administrators or experts available From users’ point of view: Configuration should be as little/easy as possible
6
Secure ZeroConf in UbiComp 10 February 2005 6 Our Goal Devices can be configured automatically and be connected to the networks without any centralised servers or user intervention. Devices can automatically discover the services available in the network without any user administration or centralised service discovery servers. All this should be done in a secure way!
7
Secure ZeroConf in UbiComp 10 February 2005 7 Security Issues (1) Wireless networking is widely used in ubiquitous computing. Network bandwidth is limited; Wireless links are vulnerable to both passive and active attacks. Devices are varied and numerous. Some have very limited capabilities and physical protection.
8
Secure ZeroConf in UbiComp 10 February 2005 8 Security Issues (2) Central servers and user administration might not exist. Key generation, distribution and maintenance become very difficult. Ubiquitous computing environments can be highly dynamic and decentralised. Any security solution involving static configuration of a node is inappropriate because of the dynamic topology of the network.
9
Secure ZeroConf in UbiComp 10 February 2005 9 Possible Solutions Trust based zero configuration solutions in ubiquitous computing Application of distributed security architecture without central entities
10
Secure ZeroConf in UbiComp 10 February 2005 10 Ongoing and Future Work Secure Zero Configuration protocols for: –IP address autoconfiguration –Service discovery Trust modeling and management in UbiComp. Countermeasures to denial-of-service attacks. Distributed security architecture or framework for zero configuration.
11
11 Thank you very much!
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.