Presentation is loading. Please wait.

Presentation is loading. Please wait.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security.

Published byAugustine Stone Modified over 9 years ago

Similar presentations

Presentation on theme: "Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security."— Presentation transcript:

1 gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security Concepts for a Distributed Architecture for Activity Logging and Analysis

2 © Know-Center 2014 2 Overview  Activity Logging and Analysis  Use case  Privacy concerns  Focus here: prevent unauthorised access  System Architecture  Security analysis  Assets  Vulnerabilities  Attackers  Threats  Security concepts

3 © Know-Center 2014 3 Activity Logging and Analysis  From data to activity

4 © Know-Center 2014 4 Activity Logging and Analysis  Use Case: Support Time Management  Help people to reflect on time management issues  Detect „Types of Activity“  E.g. Application Use, Travelling, Communicating, Reading, Writing  Trigger reflection  Show history of activities  Reflection diary

5 © Know-Center 2014 5 Activity Logging and Analysis  Privacy Concerns  Data is highly sensitive  Need Privacy-Respecting Systems  Privacy-Respecting Systems  Protect user identity  Control what kind of data is collected  Control data collection  Protect against unauthorised access

6 © Know-Center 2014 6 Activity Logging and Analysis  Privacy Concerns  Data is highly sensitive  Need Privacy-Respecting Systems  Privacy-Respecting Systems  Protect user identity  Control what kind of data is collected  Control data collection  Protect against unauthorised access

7 © Know-Center 2014 7 System Architecture  Sensors  Log data  From Hardware Sensors  E.g. accelerometer  By itself  E.g. logging foreground windows  Send data to Sensor Hub

8 © Know-Center 2014 8 System Architecture  Sensors  Sensor Hub  Sensor configuration  Local data storage  Data transmission to server

9 © Know-Center 2014 9 System Architecture  Sensors  Sensor Hub  Server  Receives data from Sensor Hub, Client Services and Applications  Stores data  Answers requests from Client Services and Applications

10 © Know-Center 2014 10 System Architecture  Sensors  Sensor Hub  Server  Client Services and Applications  Access/Modify data on the server

11 © Know-Center 2014 11 Security Analysis  Asset = Data  Vulnerabilities  Physical access  Logical access  Physical access  Log into or steal device  Network cable infrastructure  Logical access  Installation of Malware

12 © Know-Center 2014 12 Security Analysis  Asset = Data  Vulnerabilities  Physical access  Logical access  Physical access  Log into or steal device  Network cable infrastructure  Logical access  Installation of Malware Who will be attackers with a strong motivation?

13 © Know-Center 2014 13 Security Analysis - Attackers

14 © Know-Center 2014 14 Security Analysis - Attackers

15 © Know-Center 2014 15 Security Analysis - Threats High Risk Threats  By Management  Physical access of victim‘s device  Read/Modify logged data

16 © Know-Center 2014 16 Security Analysis - Threats High Risk Threats  By Management  Physical access of victim‘s device  Read/Modify logged data  By Management + Sys. Admin.  Physical access of victim‘s device and server  Read/Modify logged data

17 © Know-Center 2014 17 Security Analysis - Threats High risk Medium risk  By Management + Sys. Admin.  Intercept network communication  More effort to implement  Limited to information sent

18 © Know-Center 2014 18 Security Analysis - Threats High risk Medium risk  By Management + Sys. Admin.  Intercept network communication  More effort to implement  Limited to information sent  By Management + Sys. Admin.  Intercept communication between sensors and hub  More effort to implement

19 © Know-Center 2014 19 Security Analysis - Threats High risk Medium risk Low risk  By Cyber Criminal  Malware reads logged data

20 © Know-Center 2014 20 Security Concepts – Data Collection I  Hub encrypts data prior storing  Using a stream cipher  Initialisation with server‘s public key  Pro‘s  Protects against unauthorised reads  Need only one key pair  Private key resides on the server  Con‘s  User can not edit data locally  No protection against Malware

21 © Know-Center 2014 21 Security Concepts – Data Collection II  Encrypted storage of data  Use stream cipher  Initialisation with user‘s public key  Pro‘s  Protects against unauthorised reads  User can edit data locally  Con‘s  Security depends on password strength of user‘s private key  No protection against Malware

22 © Know-Center 2014 22 Security Concepts – Communication  Encrypted data communication  Standard HTTPS  Data Collection I  Authentication at server  Authentication of Sensor Hub  On start up  Prior to sending data

23 © Know-Center 2014 23 Security Concepts – Server I  Encrypted storage of data  Trusted Platform Module  Pro‘s  High security  Protection against unauthorised reads + Malware  No user interaction for data decryption necessary  Con‘s  Relatively new technology  Harder to implement

24 © Know-Center 2014 24 Security Concepts – Server II  Encrypted storage of data  Pro‘s  Easier to implement  Con‘s  User interaction required on server start up  No Malware protection

Download ppt "Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security."

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

Similar presentations

Ads by Google