WAWC’08

1. WAWC’08 • Security & Privacy in a Ubiquitous Screen • Were Oyomno & Pekka Jäppinen • 21.08.2008

2. Security & Privacy in Ubiquitous Information screen Outline Background Motivational concerns Vulnerabilties & mitigation Evaluations Conclusion

3. Security & Privacy in Ubiquitous Information screen Background Information screens Billboards, cafeterias, terminals, malls, firms .. Static, predefined, repeated, rushed, uncustomised infor ME, Digital Aura Ubicomp Mark Weiser Embeded inteligence, Context-Awareness Proliferation of digital inteligence

4. Security & Privacy in Ubiquitous Information screen Background (2)‏ gold medals PR NYSE NHL PP PP PP PP

5. Security & Privacy in Ubiquitous Information screen Motivational concerns Right, accurate, up-to-date, timely (15 sec) infor Proliferation of mobile devices & Bluetooth Canalys(2008), Gatner(2005)‏ Constraint devices Personal information handling Malicious entities

6. Security & Privacy in Ubiquitous Information screen Vulnerabilties & mitigation (1)‏

7. Security & Privacy in Ubiquitous Information screen Vulnerabilties & mitigation (2)‏ Cryptographic mitigations Eavesdropping Keys establishment & exchange Rogue AP, MITM & impersonations Integrity Elliptic Curves Cryptosystems (ECC)‏

8. Security & Privacy in Ubiquitous Information screen Vulnerabilties & mitigation (3)‏ Ubicomp perspective Privacy perceptions Keys establishment & exchange Non crypto mitigations Tracking, hotlisting & profilling Anonymity Access control with ”faces & masks” Adjustable accuracy

9. Security & Privacy in Ubiquitous Information screen Vulnerabilties & mitigation (5)‏ PR

10. Security & Privacy in Ubiquitous Information screen Vulnerabilties & mitigation (6)‏

11. Security & Privacy in Ubiquitous Information screen Evaluation Performance N770 PDA 252Mhz - 64MB RAM P III Notebook 1133Mhz – 1GB RAM AMD Athlon 1700+ CPU – 757.4MB RAM Bluetooth radio v1.2 (10m) & v2.0 (100m)

12. Evaluation (2)‏ Security & Privacy in Ubiquitous Information screen

13. Evaluation (3)‏ Security & Privacy in Ubiquitous Information screen

14. Evaluation (4)‏ Security & Privacy in Ubiquitous Information screen

15. Evaluation (5)‏ Security & Privacy in Ubiquitous Information screen

16. Security & Privacy in Ubiquitous Information screen Evaluation (4)‏ Crypto evaluation Part (i)‏ PKI Part (ii)‏ Certificate Part (ii)‏ Attacking ECC X X X X X X X X X X X X X X X X X X X X X X X X X X X X

17. Security & Privacy in Ubiquitous Information screen Conclusion Complex personal infor & handling Ploriferation mobile devices & ubiquity Robust security Way forward Ontologies, sizes & anonymous BD_ADDR

18. Security & Privacy in Ubiquitous Information screen References Ben Wood, Carolina Milanesi, Ann Liang, Hugues De La Vergne, Tuong Huy Nguyen, and Nahoko Mitsuyama. Forecast: Mobile terminals, worldwide, 2000-2009. Technical report, Gatner Research, 2005. Adam Greenfield. Everyware, The dawning age of ubiquitous computing, volume 1.New Riders, 1 edition, 2006. Mark Weiser. The computer for the 21st century. In Scientific American Journal, pages 94 – 104, New York, NY, USA, 1991. ACM. Pekka Jäppinen. Mobile Electronic Personality. PhD thesis, Lappeenranta University Of Technology, 2004. Ian F. Blake, Gadiel Seroussi, and Nigel P. Smart. Advances in Elliptic Curve Cryptography, volume 1. Cambridge University Press., 2 edition, 2005 A. Lugmayr, T. Saarinen, and J.-P. Tournut. The digital aura - ambient mobile computer systems. Parallel, Distributed, and Network-Based Processing, 2006. PDP 2006. 14th Euromicro International Conference on, 1(1):7 pp.–, 2006.