1 / 11

Secure Zero Configuration in a Ubiquitous Computing Environment

Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University of London 10 February 2005. Secure Zero Configuration in a Ubiquitous Computing Environment. Agenda. What and why. Our Goal. Security Issues. Possible Solutions. Ongoing and Future Work.

princessj
Download Presentation

Secure Zero Configuration in a Ubiquitous Computing Environment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University of London 10 February 2005 Secure Zero Configuration in a Ubiquitous Computing Environment

  2. Agenda What and why Our Goal Security Issues Possible Solutions Ongoing and Future Work

  3. What is Zero Configuration • The IETF Zero Configuration Networking (ZeroConf) Working Group has defined a ZeroConf protocol as follows: “A ZeroConf protocol is able to operate correctly in the absence of either user configuration or external configuration from infrastructure services such as conventional DHCP or DNS servers. ZeroConf protocols may use configuration, when it is available, but do not rely on it being present.”

  4. Areas IP hostconfiguration Host name to IP address resolution Multicast address allocation Service discovery • Getting Addresses, Names and Services • A link-local technology • suitable for use in small wired or wireless local-area • networks

  5. Why Zero Configuration is Needed? • In a ubiquitous computing environment: • Dynamic topology of networks (e.g. ad hoc networks) • No centralised servers or administration exist • No infrastructure can be relied on • Growing number of devices • Static configuration or pre-configuration infeasible • No skilled administrators or experts available • From users’ point of view: • Configuration should be as little/easy as possible Zero Configuration is a highly desired goal in Ubiquitous Computing

  6. Our Goal Devices can be configured automatically and be connected to the networks without any centralised servers or user intervention. Devices can automatically discover the services available in the network without any user administration or centralised service discovery servers. All this should be done in a secure way!

  7. Security Issues (1) • Wireless networking is widely used in ubiquitous computing. Network bandwidth is limited; Wireless links are vulnerable to both passive and active attacks. • Devices are varied and numerous. Some have very limited capabilities and physical protection.

  8. Security Issues (2) • Central servers and user administration might not exist. Key generation, distribution and maintenance become very difficult. • Ubiquitous computing environments can be highly dynamic and decentralised. Any security solution involving static configuration of a node is inappropriate because of the dynamic topology of the network.

  9. Possible Solutions • Trust based zero configuration solutions in ubiquitous computing • Application of distributed security architecture without central entities

  10. Ongoing and Future Work • Secure Zero Configuration protocols for: • IP address autoconfiguration • Service discovery • Trust modeling and management in UbiComp. • Countermeasures to denial-of-service attacks. • Distributed security architecture or framework for zero configuration.

  11. Thank you very much!

More Related