Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Architecture for Privacy-Sensitive 1 1/15/2015 Urban Sensor Security Challenge University Central of Florida Class: EEL6788 Date: April 21, 2010 By.

Similar presentations

Presentation on theme: "An Architecture for Privacy-Sensitive 1 1/15/2015 Urban Sensor Security Challenge University Central of Florida Class: EEL6788 Date: April 21, 2010 By."— Presentation transcript:

1 An Architecture for Privacy-Sensitive 1 1/15/2015 Urban Sensor Security Challenge University Central of Florida Class: EEL6788 Date: April 21, 2010 By Cindy Nguyen H

2 An Architecture for Privacy-Sensitive 2 1/15/2015 University Central of Florida 1.Introduction 2.Case Study 3.Security Issues 4.Conclusion Outline

3 An Architecture for Privacy-Sensitive 3 1/15/2015 University Central of Florida  Science and technology comes into almost every aspect of our lives, helping us to solve problems and create opportunities.  Despite the achievements, we face very real economic and environmental challenges that require a new level of effort and success.  While today, much security research is about defending against the attacks on security and privacy, there has been theoretical work in computer security, along with the beginnings of a science base for security. Introduction

4 An Architecture for Privacy-Sensitive 4 1/15/2015 University Central of Florida  Urban sensing wireless network systems that utilize mobile phones which enable individuals and communities to collect and share data with unprecedented speed, accuracy and granularity.  In the work place, home or nursing-homes, pervasive networks may assist residents and their caregivers by providing continuous medical monitoring, memory enhancement, control of home appliances, medical data access, and emergency communication.  Employing mobile handsets as sensor nodes poses new challenges for privacy, data security, and ethics. Introduction

5 An Architecture for Privacy-Sensitive 5 1/15/2015 University Central of Florida  M-Commerce  Health monitoring 2004  Health Care Application  Emergency Medical Response 2005 Case Study

6 An Architecture for Privacy-Sensitive 6 1/15/2015 University Central of Florida Case #1 M-Commerce

7 An Architecture for Privacy-Sensitive 7 1/15/2015 University Central of Florida M-Commerce The emergence of mobile devices and wireless networks has created a new path in the field of E-commerce: “M-commerce”. Significant research is needed in the field of service discovery to support M-commerce applications.

8 An Architecture for Privacy-Sensitive 8 1/15/2015 University Central of Florida  Wireless Application Protocol (WAP)  Created by WAP Forum –Founded June 1997 by Ericsson, Motorola, Nokia, –500+ member companies –Goal: Bring Internet content to wireless devices  Wireless Transport Layer Security (WTLS)  Control: WAP Gap –Data in the clear at gateway while re-encryption takes place  Link Layer: LAN: 802.11, Bluetooth, WAN: Analog / AMPS  Devices: Cell phone, Palm, WinCE, Blackberry M-Commerce - (WAP)

9 An Architecture for Privacy-Sensitive 9 1/15/2015 University Central of Florida Basic WAP Architecture Web Server WTLSSSL Internet WAP Gateway WTLS: Wireless Transport Layer Security SSL: Secure Socket Layer

10 An Architecture for Privacy-Sensitive 10 1/15/2015 University Central of Florida Less processing power on devices – Slow Modular exponentiation and Primality Checking (i.e., RSA) – Crypto operations drain batteries (CPU intensive!) Less memory (keys, certs, etc. require storage) Few devices have crypto accelerators, or support for biometric authentication No tamper resistance (memory can be tampered with, no secure storage) Primitive operating systems w/ no support for access control (Palm OS) Security Challenges

11 An Architecture for Privacy-Sensitive 11 1/15/2015 University Central of Florida  The intermediate entity can potentially attack communications between two parties. Typically attacks involve altering the content or the order of messages and replaying messages sent earlier.  In applications based on cell phones, by definition, the cell phone will know the physical location of client device. This creates privacy risks Privacy and Authenticity

12 An Architecture for Privacy-Sensitive 12 1/15/2015 University Central of Florida  Link Layer Security – GSM: A3/A5/A8 (auth, key agree, encrypt) – CDMA: spread spectrum + code seq – CDPD: RSA + symmetric encryption  Application Layer Security – WAP: WTLS, WML, WMLScript, & SSL – iMode: N/A – SMS: N/A Wireless Security Approaches WTLS: Wireless Transport Layer Security SSL: Secure Socket Layer WML: Wireless Markup Language GSM: Global System for Mobile CDMA: Code Division Multiple Access CDPD - Cellular Digital Packet Data

13 An Architecture for Privacy-Sensitive 13 1/15/2015 University Central of Florida Case #2 Health Monitoring System

14 An Architecture for Privacy-Sensitive 14 1/15/2015 University Central of Florida  Developing network architecture for smart healthcare will provide new opportunities for continuous monitoring for assisted and independent- living. This will preserve resident comfort, security and privacy for individuals while also providing a managing network for medical history records.  Integration with existing medical practice and technology, real-time and long term monitoring, wearable sensors and assistance to chronic patients, elders or handicapped people Health Monitoring Application (HMA)

15 An Architecture for Privacy-Sensitive 15 1/15/2015 University Central of Florida Example: Smart Health Home Layout of the experimental smart health home Current configuration of the medical test-bed

16 An Architecture for Privacy-Sensitive 16 1/15/2015 University Central of Florida Example: Smart Health Home This architecture is multi-tiered, with heterogeneous devices ranging from lightweight sensors, to mobile components, and more powerful stationary devices. “MicaZ with MTS310 sensor board” Portability and unobtrusiveness Ease of deployment and scalability Real-time and always-on Reconfiguration and self-organization

17 An Architecture for Privacy-Sensitive 17 1/15/2015 University Central of Florida Experimental Smart Health Home  These system is single hop, as the radio range covers all of the facility. A multi-hop protocol will be necessary for access of multiple floors, or if transmission power is reduced.  Data communication is bi-directional between the motes and the Star gate. Time- stamping is done by the PC when motion events are received.

18 An Architecture for Privacy-Sensitive 18 1/15/2015 University Central of Florida  When the data association mechanisms are not sufficient, or integrity is considered critically important, some functionalities of the system can be disabled.  This preserves only the data which can claim a high degree of confidence.  In an environment where false alarms cannot be tolerated, there is a tradeoff between accuracy and availability. Data Integrity - HMA

19 An Architecture for Privacy-Sensitive 19 1/15/2015 University Central of Florida  The system is monitoring and collecting patient data that is subject to privacy policies.  For example, the patient may decide not to reveal the monitored data of certain sensors until it is vital to determine a diagnosis and therefore, authorized by the patient at the time of a doctor visit. Security and privacy mechanisms must be throughout the system. Security and privacy - HMA

20 An Architecture for Privacy-Sensitive 20 1/15/2015 University Central of Florida Case #3 Health Care Application

21 An Architecture for Privacy-Sensitive 21 1/15/2015 University Central of Florida  The use of wireless sensor networks (WSN) in healthcare applications is growing at a fast pace. Numerous applications such as: –Heart rate monitor, –Blood pressure monitor and –Endoscopic capsule are already in use.  To address the growing use of sensor technology in this area, a new field known as Wireless Body Area Networks (WBAN or simply BAN) has emerged. Health Care Application (HCA)

22 An Architecture for Privacy-Sensitive 22 1/15/2015 University Central of Florida Architecture in Healthcare Application Architecture of Wireless Sensor Networks in Healthcare Applications

23 An Architecture for Privacy-Sensitive 23 1/15/2015 University Central of Florida Security Issues - HCA  Many sensor networks applications used in healthcare are heavily relied on technologies that can pose security threats like eavesdropping and denial of services.  There are concerns of health hazards for the implanted sensor devices. The concerns have far reaching social implications.  The social implications and issues that are directly related to the above mentioned application scenarios can be categorized into three major areas security, privacy and legal issues. Besides these, there can be more issues such as economic and political issues.

24 An Architecture for Privacy-Sensitive 24 1/15/2015 University Central of Florida Case #4 Emergency Medical Response

25 An Architecture for Privacy-Sensitive 25 1/15/2015 University Central of Florida Emergency Medical Response (EMR)  Systems need to communicate with hospitals from the field and exchange information about:  Patient condition,  Expected time of patient arrival, and  Occasionally inquire about the ability to accept more patients.  An ideal EMS system should provide real-time information and tracking of patients, staff and emergency vehicles.

26 An Architecture for Privacy-Sensitive 26 1/15/2015 University Central of Florida Architecture Emergency Medical Response A local command site for field coordination A central command site for global resource management A web services architecture to process, interpret, aggregate and present information Cellular/Satellite wireless links for real time communication between local and remote sites A wireless infrastructure for real-time data transport between motes and local PDAs and tablet PCs Patient sensors (a pulse oximetry sensor integrated with a GPS receiver, micro- processor, data storage & transmitter) for patient vital sign and location monitoring

27 An Architecture for Privacy-Sensitive 27 1/15/2015 University Central of Florida  While web services provide powerful and flexible service oriented architectures, they also introduce overheads such as the extraction of the SOAP envelope and parsing of the contained XML information.  These are the issues known over a wired internet. It is possible that these problems increase exponentially over a wireless internet, where there are bandwidth and connectivity issues.  There are in the process of conducting quantitative empirical studies to test web services over a wireless internet.  The latency and through-put will be tested while the vehicle is standing still and at varying speeds.  The data types and lengths will also be varied. Security Issues - HCA

28 An Architecture for Privacy-Sensitive 28 1/15/2015 University Central of Florida  It must be possible to erase data stored on a device that is stolen or lost?... If not, that data may fall into the wrong hands.  Look for centralized management features that allow administrators to purge data remotely from a missing device. Security Issues - Lost or Stolen Device

29 An Architecture for Privacy-Sensitive 29 1/15/2015 University Central of Florida  Authentication service consists of association processing among nodes. It is an efficient method against impersonation attacks.  How effective is the solution’s approach to authenticating individuals using the device and guarding against fraud?  Strong password protection, two-factor authentication, and best-practice password policies are all elements of an effective data security plan. Security Issues - Authentication

30 An Architecture for Privacy-Sensitive 30 1/15/2015 University Central of Florida  This security service prevents the attacker from replaying the old frames that it eavesdropped by using nonce or time token.  Wireless networking is revolutionizing the way people work and play. By removing physical constraints commonly associated with high- speed networking, individuals are able to use networks in ways never possible in the past. Security Issues - Protection

31 An Architecture for Privacy-Sensitive 31 1/15/2015 University Central of Florida  Wireless Users have many more opportunity in front of them, but those opportunities open up the user to greater risk.  The risk model of network security has been firmly entrenched, in the concept that the physical layer is at least somewhat secure.  There is no physical security. The radio waves that make wireless networking possible are also what make wireless networking so dangerous.  An attacker can be anywhere nearby listening to all the traffic from your network in your yard, in the parking lot across the street, or on the hill outside of town. By properly engineering and using your wireless network, you can keep attackers at bay. Security Issues

32 An Architecture for Privacy-Sensitive 32 1/15/2015 University Central of Florida  One of the biggеѕt threats to security, may be technological progress itself, as organizations embrace new technologies without taking the associated risk into account.  To maintain and improve security, you need more than just the right blend of technology, policy and procedure.  Distinctions between –Speech and action, –Traditional concept of property, –Definitions of jurisdictional authority, and –Enforcement powers are poorly understood in the new-networked world.  To the extent that laws are the embodiment of ethical beliefs, the lack of agreement on what is ethical makes developing legal codes extremely difficult. Privacy and Integrity Issues

33 An Architecture for Privacy-Sensitive 33 1/15/2015 University Central of Florida Conclusion  Industry best practices and regulatory mandates place a high premium on securing electronic data and protecting it against theft or unauthorized viewing.  To be effective, data security needs to be integrated into the solution, becoming an integral part of each communication channel, data storage medium and network link.  To meet privacy and data integrity concerns, security should provide an umbrella of protection that extends end-to-end, from the handheld computing device across the Internet to the back-end data servers.

34 An Architecture for Privacy-Sensitive 34 1/15/2015 University Central of Florida References [1] A. Perrig, J. Stankovic, and D. Wagner, invited paper, “Security in Wireless Sensor Networks”, Communications of the ACM, Volume 47, Number 6, pages 53-57, June 2004 [2] G. Virone, A. Wood, L. Selavo, Q. Cao, L. Fang, T. Doan, Z. He, R. Stoleru, S. Lin, and J.A. Stankovic, “An Advanced Wireless Sensor Network for Health Monitoring”, Department of Computer Science, University of Virginia, 2005 [3] Katie Shilton, Jeff Burke, Deborah Estrin, Mark Hansen, Mani B. Srivastava, “Achieving Participatory Privacy Regulation”: Guidelines for CENS Urban Sensing, Center for Embedded Networked Sensing, University of California Los Angeles. June 25, 2008 [4] Mani Srivastava, Mark Hansen, Jeff Burke, Andrew Parker, Sasank Reddy, Ganeriwal Saurabh, Mark Allman, Vern Paxson, Deborah Estrin, Wireless “Urban Sensing Systems, Center for Embedded Networked Sensing Systems”, UCLA, April 2006 [5] By Deep a Kundur, Senior Member IEEE, William Luh, Student Member IEEE,- Unoma Ndili Okorafor, Student Member IEEE, and Takis Zourntos, Member IEEE, “Security and Privacy for Distributed Multimedia Sensor Networks” - Vol. 96, No. 1, January 2008 [6] Laurent Eschenauer, Virgil D. Gligor: A “key-management scheme for distributed sensor networks”. ACM Conference on Computer and Communications Security, pages 41-47, November 18-22, 2002

35 An Architecture for Privacy-Sensitive 35 1/15/2015 University Central of Florida References [7] Shilton Katie, Burke Jeffrey A, Estrin D, Hansen Mark, & Srivastava Mani. “Participatory Privacy in Urban Sensing”, UC Los Angeles: Center for Embedded Network Sensing. 04-21-2008. [8] An Liu, Peng Ning, "TinyECC: “A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks”, in Proceedings of the 7th International Conference on Information Processing in Sensor Networks (IPSN 2008), SPOTS Track, pages 245-256, April 2008. [9] Apu Kapadia, Nikos Triandopoulos, Cory Cornelius, Dan Peebles and David Klotz. AnonySense, “Opportunistic and Privacy-Preserving Context Collection”. In Proceedings of the Sixth International Conference on Pervasive Computing (Pervasive), pages 280-297, May 2008 [10] Baik Hoh, Marco Gruteser, Ryan Herring, Jeff Ban, Dan Work, Juan-Carlos Herrera, Alexandre Bayen, Murali Annavaram, Quinn Jacobson. “Virtual Trip Lines for Distributed Privacy-Preserving Traffic Monitoring”, ACM Mobisys, 2008 [11] Peter Johnson, Apu Kapadia, David Kotz and Nikos Triandopoulos – “People-Centric Urban Sensing: Security Challenges for the New Paradigm” - Institute for Security Technology Studies, Dartmouth College, Dartmouth Computer Science Technical Report TR2007-586, February 2007. [12] Moshaddique Al Ameen, Jingwei Liu and Kyungsup Kwak – “Security and Privacy Issues in Wireless Sensor Networks for Healthcare Applications” - 18 December 2009 / Accepted: 16 February 2010

36 An Architecture for Privacy-Sensitive 36 1/15/2015 University Central of Florida References [13] John Crum – “Pay for Performance: The Answer to the Human Capital Crisis?” - The Public Manager, Vol. 32, 2003 [14] Prepared Statement on the National Security Personnel System – “U.S. Department of Defense Speeches” - June 4, 2003 [15] Dipanjan Chakraborty, Filip Perich, Sasikanth Avancha, Anupam Joshi – “Semantic Service Discovery for M-Commerce Applications” - University of Maryland, Baltimore County [16] Nada Hashmi, Dan Myung, Mark Gaynor, Steve Moulton – “A Sensor-based,Web Service-enabled, Emergency Medical Response System” - Boston University - 2005 [17] Eun-Kyeong Kwon1, Yong-Gu Cho2, and Ki-Joon Chae – “Security Enhancement on Mobile Commerce” - W. Kim et al. (Eds.): Human.Society@Internet 2001, LNCS 2105, pp. 164-176, 2001. Springer-Verlag Berlin Heidelberg 2001

37 An Architecture for Privacy-Sensitive 37 1/15/2015 University Central of Florida Question?

Download ppt "An Architecture for Privacy-Sensitive 1 1/15/2015 Urban Sensor Security Challenge University Central of Florida Class: EEL6788 Date: April 21, 2010 By."

Similar presentations

Ads by Google