Ubiquitous Systems Security
Boris Dragovic
Boris.Dragovic@cl.cam.ac.uk
Systems Research Group, Computer Laboratory, University of Cambridge, UK
Ubiquitous Systems Security
• What is Ubiquitous Computing?
• What are the Security & Privacy issues?
• The CASPEr project
• EU initiative
• Concluding remarks
What is Ubiquitous Computing? (1)
“Each person is continually interacting with hundreds of … interconnected computers”
-- “Some computer science issues in Ubiquitous computing.”, CACM, 1993.
which ideally “weave themselves into the fabric of everyday life until they are indistinguishable from it”
-- Mark Weiser, “The computer of the 21st century.”, Scientific American, 1991.
What is Ubiquitous Computing? (2)
• “Wirelessly networked processors embedded in everyday objects”
• Smart environments characterized by:
  • Transparent interaction
  • Automated capture
  • Context awareness
  • Proactive and reactive
• Example projects
  • AT&T Active bat/badge, HP Cooltown, Microsoft Aura, Intel Place Lab and PersonalServer, EQUATOR
What is Ubiquitous Computing? (3)
• Where do we currently stand?
  • Ubiquitous devices (always “at hand”):
    • Mobile phones, Personal Digital Assistants, Laptops, etc.
  • Ubiquitous networks (always available):
    • (W)LAN/MAN (Ethernet & IEEE 802.11)
    • GSM/GPRS/3G
    • PANs (Bluetooth, IrDA, AudioNet etc.)
  • Ubiquitous services
    • Currently mostly “location-based”
What is Ubiquitous Computing? (4) Reference: Alan Daniel, Georgia Institute of Technology. http://www.cc.gatech.edu/classes/cs6751_97_fall/projects/gacha/daniels_essay.html
What is Ubiquitous Computing? (5)
• Effects (always-on, always-available)
  • economy & businesses
    • productivity
    • competitiveness
    • growth
    • etc.
  • private lives
Security & Privacy Issues (1)
• The “Old Model” – a Castle
  • Security perimeter, inside and outside
  • Firewalls for access control
  • Static security policy
  • Static trust model
  • Tendency to focus on network layer
  • Pre-evaluated, non- or slowly-evolving threat model.
Security and Privacy Issues (2)
• Relevant UbiComp characteristics:
  • wireless media supporting from personal-area to wide-area networks
  • ad-hoc device association at different layers
  • location and context considerations in policy management
  • heterogeneity of content encoding
  • variability in processing and storage capabilities of devices
  • heterogeneity of security & privacy policies
Security and Privacy Issues (3)
• The “New Model”
  • Authentication
    • secure transient associations
    • proximity
  • Recognition vs. Authentication
    • activities/behaviour
    • situation interpretation
  • Identity Management
Security and Privacy Issues (4)
• The “New Model”
  • Confidentiality
    • eavesdropping on wireless links not a major issue
    • device capabilities (processor, battery etc.)
    • confidentiality of data and meta data on devices real problem
  • Integrity
    • again, not messages in transit but devices
    • tamper resistance/evidence
Security and Privacy Issues (5)
• The “New Model”
  • Availability
    • jamming communications channels
    • sleep deprivation
  • Dynamic Trust Model
    • localised decisions
    • context aware
  • Context-awareness
    • Generalised RBAC
    • Location-based access control
Security and Privacy Issues (6)
• The “New Model”
  • Security policies
    • prevent formation of “evidence”: forming a link between contexts, objects, users and objectives.
    • e.g. number, “credit card”, “foo bar”, credit limit
  • Location information privacy
    • One of the burning issues
The CASPEr project
Containment Aware Security for Pervasive Environments
• Goal: Data Protection in the UbiComp enhanced World
• A new paradigm
  • protection of individual data objects
  • as they switch contexts
  • by being contained on mobile devices and communication channels in dynamic environments
  • and thus threat models
  • through proactive data format management
The CASPEr project
Containment Aware Security for Pervasive Environments
• Strong analogy to human behaviour
• Real-world examples, applications:
  • persistent storage on mobile devices
  • environmental displays (PersonalServer)
  • communications channels trust
  • email attachments
  • etc.
• Humans unable to cope with complexity
  • an automatic, proactive mechanism needed
The CASPEr project
Containment Aware Security for Pervasive Environments
• Overview:
  • security policy (external):
    • containment attributes and values
    • respective data format transformations
  • containment manager:
    • determines current containment attribute values
  • data object tracking system:
    • system-wide data-object location
  • policy enforcement:
    • format transformation
The CASPEr project
Containment Aware Security for Pervasive Environments
• Variable level of application awareness
  • granularity of format transformations
• Orthogonal to traditional access control
  • traditional AC: ID x Obj x Action -> Perm
  • CASPEr: ObjType x Containment -> Format
• Current activities:
  • OS Level implementation
  • GPRS/WLAN/LAN testbed implementation
  • Audio containment and location analysis
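The mapping ObjType x Containment -> Format and the four components from the overview slide, as an added Python sketch that is not CASPEr code. The attribute names (device, location, channel), the three formats, the first-match rule order and the fail-closed default are all assumptions made for illustration; note that no user identity appears anywhere in the decision, which is what makes it orthogonal to ID x Obj x Action -> Perm.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    obj_type: str   # data object type the rule applies to
    when: dict      # containment attribute -> value that must hold
    fmt: str        # data format required while the rule matches

# Constructed external policy (ObjType x Containment -> Format), most specific first.
POLICY = [
    Rule("medical_record", {"device": "owned", "location": "clinic"}, "plaintext"),
    Rule("medical_record", {"device": "owned"}, "encrypted"),
    Rule("contact_list", {"channel": "open_wlan"}, "encrypted"),
    Rule("contact_list", {"device": "owned"}, "plaintext"),
]
DEFAULT_FORMAT = "withheld"  # assumption: fail closed when no rule matches

def required_format(obj_type, containment):
    """Policy lookup: first rule whose containment conditions all hold."""
    for rule in POLICY:
        if rule.obj_type == obj_type and all(
            containment.get(attr) == value for attr, value in rule.when.items()
        ):
            return rule.fmt
    return DEFAULT_FORMAT

def on_containment_change(tracked, containment):
    """Enforcement: re-evaluate every tracked object under the new containment.

    tracked maps object id -> (obj_type, current_format) and is updated in place.
    Returns the (object_id, old_format, new_format) transformations to perform.
    """
    changes = []
    for obj_id, (obj_type, current) in tracked.items():
        target = required_format(obj_type, containment)
        if target != current:
            changes.append((obj_id, current, target))
            tracked[obj_id] = (obj_type, target)
    return changes

def demo():
    """A device carrying two objects moves through three constructed containments."""
    tracked = {"rec-1": ("medical_record", "plaintext"),
               "contacts": ("contact_list", "plaintext")}
    containments = [  # values a containment manager would report (constructed)
        {"device": "owned", "location": "clinic", "channel": "lan"},
        {"device": "owned", "location": "cafe", "channel": "open_wlan"},
        {"device": "borrowed", "location": "cafe", "channel": "open_wlan"},
    ]
    return [on_containment_change(tracked, c) for c in containments]
```
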
EU Cybersecurity Efforts
• European Commission
  • Joint Research Council (JRC)
    • Institute for Prospective Technological Studies – Information and Communications Technologies.
  • Series of proposals and directives
• OECD
  • Guidelines for data protection, information systems security and networks, crypto etc.
• Council of Europe
  • Conventions on cybercrime, automatic data processing etc.
Conclusion
• In the Ubiquitous World enterprise borders disappear.
• Traditional, “Old Model”, approaches to protecting Security & Privacy are too rigid.
• Need for a “New Model” which is flexible, adaptable, robust, effective and un-obtrusive.
• Data-centric protection mechanism, CASPEr, promising.