SCENARIO
Suppose the presenter wants the students to access a file.
[Diagram labels: STUDENTS, Supply Credentials, Grant Access]
- Is it efficient?
- How can we make this negotiation simple?
- What if we add location information to the policy and say “Grant access to all people present in the room”?

LOCATION BASED TRUST NEGOTIATION: MOTIVATION
- Conventional trust negotiation mechanisms rely on the assumption that requestors’ profiles fully determine what they are authorized to do.
- A requestor’s profile is not the only thing that matters; his/her physical location may also play a pivotal role in determining access rights.
- Automated trust negotiation networks should be adapted to handle location-based scenarios.

CHALLENGES
- Choosing the right location measurement technology.
- Defining symbolic positions in a machine-understandable way.
- Expressing and handling both absolute and relative locations.
- Proper treatment of volatile information.
- Handling dynamically changing information (Future Work).

LOCATION BASED PREDICATES
Identifying the kinds of conditions that might be useful to include in our policies is the first step. We identified three types of conditions:
- Position Based Conditions: Conditions based on the location of the user, i.e. whether he is located in a certain area, proximity to common landmarks, etc.
- Movement Based Conditions: Conditions based on the mobility of the user, like velocity, direction, acceleration, etc.
- Interaction Based Conditions: Conditions relating multiple users, like the number of users in a particular area, two users in the same area, etc.

ARCHITECTURE
The location service has the capability to understand information from wireless networks and GPS (Global Positioning System).
[Diagram labels: CLIENT ENTITY, SERVER ENTITY]

WIRELESS NETWORKS
- Have limited coverage but are extremely helpful in indoor environments (e.g. buildings, malls, floors).
- The access points visible and their signal strength are the main parameters on which location identification takes place.
- Important characteristics of the network can be obtained, like the current access point, SSIDs of the networks visible, etc.
- Changes in network statistics can be accounted for in the maps.
- The MoCA (Mobile Collaboration Architecture) system has all the facilities needed for such a situation.

MoCA (MOBILE COLLABORATION ARCHITECTURE)
- A middleware architecture that supports the development and deployment of context-aware distributed applications for infra-structured wireless local networks, that is, IEEE 802.11b/g WLANs.
- Consists of a set of APIs that enable easier and more effective application development by providing easy access to generic services useful for location identification.
- Consists of three main parts:
  a) MoCA Monitor: Responsible for collecting all relevant data about the access points visible and their signal strength, and displaying it to the user.
  b) CIS (Context Information Service): Collects all the data that the monitor receives.
  c) LIS (Location Inference Service): Uses the data from CIS and other data from previously created reference points to determine location.

SIMPLE NEGOTIATION USING MoCA SERVICES
[Sequence diagram between CLIENT, SERVER and MoCA; messages in order:]
1. Request for resource
2. Ask device identifier
3. Supplies id
4. Check Location
5. Location Value
6. Grant Access

GPS (GLOBAL POSITIONING SYSTEM)
- Ideal for outdoor environments.
- NMEA sentences read from the receiver are used to compute location.
- Many attributes other than position, like elevation, time, direction, etc., can be obtained from the data.
- The complete path for a given duration of time can be obtained.
- The information can be used to plot location on any commercially available or custom-made maps.
- The GPS data is read from the serial port, from where it is sent to the service that processes the NMEA data.

NEGOTIATION USING GPS
Sample NMEA data: $GPRMC,144020.981,V,,,,,,,070508,,,N*44
[Diagram labels, in order: NMEA DATA, POLICY ENGINE, REPLY, PLOT THE LOCATION]

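An added example, not code from the presentation: a sketch of how a policy engine could turn an RMC sentence into a position-based predicate while failing closed. The function names, the bounding-box area format and the second sentence are assumptions constructed for illustration; the first sentence is the slide's sample with the extraction spaces removed.

```python
from functools import reduce

# Slide's sample sentence with the extraction spaces removed; status 'V' means no fix.
SLIDE_SENTENCE = "$GPRMC,144020.981,V,,,,,,,070508,,,N*44"

def nmea_xor(body: str) -> int:
    """NMEA checksum: XOR of every character between '$' and '*'."""
    return reduce(lambda acc, ch: acc ^ ord(ch), body, 0)

def with_checksum(body: str) -> str:
    """Frame a sentence body as '$body*HH' (used to build the constructed sample)."""
    return f"${body}*{nmea_xor(body):02X}"

# Constructed sample with a valid fix (status 'A'); not data from the page.
CONSTRUCTED_FIX = with_checksum(
    "GPRMC,123519,A,4807.038,N,01131.000,E,022.4,084.4,230394,003.1,W")

def checksum_ok(sentence: str) -> bool:
    s = sentence.strip()
    body, star, given = s[1:].partition("*")
    return s.startswith("$") and bool(star) and given.upper() == f"{nmea_xor(body):02X}"

def to_degrees(value: str, hemisphere: str) -> float:
    """Convert NMEA (d)ddmm.mmm plus hemisphere letter to signed decimal degrees."""
    if hemisphere not in ("N", "S", "E", "W"):
        raise ValueError("missing or invalid hemisphere")
    dot = value.index(".")                      # ValueError on an empty field
    degrees = int(value[:dot - 2]) + float(value[dot - 2:]) / 60.0
    return -degrees if hemisphere in ("S", "W") else degrees

def parse_rmc(sentence: str):
    """Return (lat, lon) in decimal degrees, or None when the sentence is unusable."""
    if not checksum_ok(sentence):
        return None
    f = sentence.strip()[1:].partition("*")[0].split(",")
    if len(f) < 10 or not f[0].endswith("RMC") or f[2] != "A":
        return None   # wrong sentence type, or status 'V' (no valid fix reported)
    try:
        return to_degrees(f[3], f[4]), to_degrees(f[5], f[6])
    except ValueError:
        return None

def in_area(sentence: str, area) -> bool:
    """Position-based predicate: true only if a valid fix lies inside the box."""
    fix = parse_rmc(sentence)
    if fix is None:
        return False  # never treat empty coordinates as latitude 0, longitude 0
    (lat_min, lat_max), (lon_min, lon_max) = area
    return lat_min <= fix[0] <= lat_max and lon_min <= fix[1] <= lon_max
```

The NMEA checksum only detects transmission errors; anyone can recompute it, so a position reported by the client's own receiver is still self-asserted input to the policy.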
RESULTS AND POSSIBLE PREDICATES

LOCATION RESULTS OBTAINED
- Access Points Visible: Check the access points which are visible from the client’s area.
- Position on Google Maps: Plotting the user’s current position on Google Maps using the static map API provided.
- Other information like signal strength, battery level, direction, elevation and current access point is also computed and can be used based on the need.

REASONING PREDICATES
- Alone: Using this we can find out whether the user is alone in a particular area or not.
- Same Area: We can check whether two users are in the same area or not.

FUTURE WORK
- Adapting the system to make sure that any location changes during the course of the negotiation are taken into consideration.
- Automation of the GPS location identification process.
- Design of custom maps which can be used to generate location automatically in the case of GPS.
- Ability to compute relative location, for example proximity to a certain building or landmark.