Published by Allan O’Neal. Modified over 9 years ago.
1 Protecting People Location Information
September 29, 2002
Urs Hengartner & Peter Steenkiste
2 Motivation
Ubiquitous computing relies on location information.
Location information is sensitive.
–Location activity
Access to it needs to be protected in location policies.
What properties need to be controllable in policies?
How do different environments influence policy specification?
3 Overview
Location policies
Different environments
Prototype of secure location system
Conclusions
4 User vs. Room Policies
Two types of queries:
–User query: Where is Alice?
–Room query: Who is in CMU Wean Hall 8220?
Two types of policies:
–User policy
–Room policy
5 Controllable Properties
Granularity
–CMU Campus vs. CMU Wean Hall 8220
–Alice vs. someone
Subject
–Alice, Bob’s friends, tracking service
6 Controllable Properties (cont.)
Time intervals
–During weekdays only
Location/Users
–Return my location only if I’m in my office.
–Return people in my office only if it is Alice or Bob.
Additional properties should be possible!
7 Transitivity
Should Bob be able to forward his access right?
[Figure: statement by Carol: “Bob can locate me.”; statement by Bob: “Alice can locate Carol.”]
8 Transitivity (cont.)
Should access rights be transitive?
Depends on environment.
Location system should selectively support transitivity.
Non-transitivity can be circumvented.
9 Conflicting Policies
Should Bob learn about Alice’s location?
[Figure: policy for Carol’s office: “Bob can locate people in my office”; policy from Alice: “Bob cannot locate me”; query from Bob: “Who is in Carol’s office?”]
10 Resolving Conflicts
Prioritization:
–Check user policy for user queries.
–Check room policy for room queries.
Intersection:
–Check both room and user policy for any query.
Synchronization:
–Establish user and room policies in a synchronized way.
Best approach depends on environment.
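The prioritization and intersection strategies from slide 10, applied to the Alice/Bob/Carol conflict from slide 9, as an added example (not code from the authors' prototype). The default-deny rule, the users Dave and Erin, and the room "Lab" are assumptions made for illustration; synchronization is not modeled.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:
    """Default-deny (assumption): a subject is permitted only if listed."""
    allow: set = field(default_factory=set)

    def permits(self, subject):
        return subject in self.allow

# Constructed sample data based on the slides' scenario.
USER_POLICY = {
    "Alice": Policy(),               # "Bob cannot locate me"
    "Dave": Policy(allow={"Bob"}),   # hypothetical user
    "Erin": Policy(allow={"Bob"}),   # hypothetical user
}
ROOM_POLICY = {
    "Carol's office": Policy(allow={"Bob"}),  # "Bob can locate people in my office"
    "Lab": Policy(),                          # hypothetical room, nobody allowed
}
LOCATION = {"Alice": "Carol's office", "Dave": "Carol's office", "Erin": "Lab"}

def _visible(subject, user, room, query_kind, mode):
    """Decide whether `subject` may learn that `user` is in `room`."""
    user_ok = USER_POLICY[user].permits(subject)
    room_ok = ROOM_POLICY[room].permits(subject)
    if mode == "intersection":
        # Both policies are checked for any query.
        return user_ok and room_ok
    if mode == "prioritization":
        # Only the policy matching the query type is checked.
        return user_ok if query_kind == "user" else room_ok
    raise ValueError(f"unknown mode: {mode}")

def user_query(subject, user, mode):
    """'Where is <user>?' Returns the room, or None if access is denied."""
    room = LOCATION[user]
    return room if _visible(subject, user, room, "user", mode) else None

def room_query(subject, room, mode):
    """'Who is in <room>?' Returns the users the subject may see."""
    return sorted(u for u, r in LOCATION.items()
                  if r == room and _visible(subject, u, room, "room", mode))
```

Under prioritization Bob's room query reveals Alice despite her user policy, and his user query reveals Erin despite the Lab's room policy; intersection closes both paths.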
11 Individual vs. Institutional Definition
Different entities can define policies:
–Individuals:
  User policy: User
  Room policy: Room “owner”
–Institution (central authority)
Which one depends on environment.
Combined specification should be possible.
12 Environments - Military
Security based on labeling and clearances.
Definition
–Policies are specified by central authority.
Transitivity
–Policies are non-transitive.
Conflicts
–Both user and room policies need to be checked for any query.
13 Environments - Hospital
Multilateral security model.
Definition
–Most policies are specified by central authority.
–Patients can give additional people access in user policy.
Transitivity
–Patient policies can be transitive.
Conflicts
–Synchronization of user and room policies is not necessary.
14 Environments - University
Institution cares less about security.
Definition
–User policies and room policies for offices are specified by individuals.
Transitivity
–User policies are transitive, room policies probably not.
Conflicts
–Have user and room policies become synchronized for lecture halls.
15 Prototype
People location system for university environment.
Multiple front ends.
Digital certificates for expressing location policies.
–transparent to users.
Location system exploits
–calendar information,
–Finger service,
–wireless network access points.
16 Status
Emphasis on user queries
Controllable properties
–Subject, Granularity
–Soon: Location, Time
Transitivity
–supported by back end
Conflicts
–configurable option
Definition
–by individuals
17 Evaluation
Evaluation of prototype with real users (in progress).
Questions:
–What kind of policies are specified?
–What features are used/requested?
–How is location system used?
18 Conclusions
Location information needs to be protected.
Location policies should provide control over multiple properties.
Policy-related issues are dealt with differently in different environments.
Location policies and system thus need to be flexible.
How should society deal with ubiquitous location information?