170 likes | 287 Views
GeoVault: Secure Location Tracking. Final Project Review. Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara. System Overview. System Overview. Location data is transmitted from either cell phone or computer to the GeoVault Server.
E N D
GeoVault: Secure Location Tracking Final Project Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara
System Overview • Location data is transmitted from either cell phone or computer to the GeoVault Server. • The server is where the resolution and access settings are stored and can be applied to the updated location. • The location is transmitted from the server to the distributed database and then to the specific node by secret sharing. • The data can also be transmitted from the server to a third party via OAuth. • Emails are sent from the server to the user via emial. • The users device directly interfaces with the google map API to display their location on a map.
Feedback From CDR • Network was complicated • Lots of secret sharing • Trying to cover military and civilian has too many conflicts • Demo should include threats • Limitations in existing system
Timing of Secret Sharing • Not as fast as other encryption methods • Chosen because of its threshold scheme.
Political Boundaries • Used U.S. Census Data • Region selected by most overlapping area of accuracy circle • Able to see down to • Country • State • County (Massachusetts only for now) • Town (Massachusetts only for now)
OAuth • Tokens are used to grant a third party website temporary access to GeoVault. • They regulate • What the third party has access to • How long they have access Location Data GeoVault Twitter OAuth
Snooping Idle Timeouts Database Secret Sharing Passwords Distributed Database Database Encryption Database
Impersonation Idle Time Outs Passwords Unrealistic Travel check
DDOS CAPTCHA’s Failed Login Attempt Delay Update Delay
Cross Site Request Forgery Protection GeoVault Session ID Verification Malicious Website
Man in the Middle Attack HTTPS