Presentation is loading. Please wait.

Presentation is loading. Please wait.

UNIT I PART II R.S.Ponmagal. Pervasive Architecture Architecture is an abstraction of the system. Architecture defines the system elements and how they.

Published bySheila Logan Modified over 8 years ago

Similar presentations

Presentation on theme: "UNIT I PART II R.S.Ponmagal. Pervasive Architecture Architecture is an abstraction of the system. Architecture defines the system elements and how they."— Presentation transcript:

1 UNIT I PART II R.S.Ponmagal

2 Pervasive Architecture Architecture is an abstraction of the system. Architecture defines the system elements and how they interact. Architecture suppresses the local information about the elements. Defines the properties of the components Provided services, required services, performance characteristics, fault handling, resource usage

3 Pervasive Architecture Software components for pervasive computing Device heterogeneity Access control

4 Software Components The pervasive computing environment forces us to face the need for components and their boundaries more clearly. Pervasive services will have to be composed from individual “components” residing in the large number of heterogeneous computing elements. The hardware environment itself will force a natural boundary between components. This may be the most clear-cut definition of a component.

5 A component will be an independently deployable piece of software that resides on one hardware element and provides a service element. Of course, there may be more than one component on each hardware element. Example – WEB SERVICES

6

7 Moore's law: Capacity of microchips doubles in 18 months => capacity grows an order of magnitude (10x) in 5 years

8 Security What data do I wish to expose? To whom? Who can presently access my data? How can I retract data exposed? Who am I communicating with? How do can the privacy of my communication and communication patterns? Who do I trust as a source of information? How do I convince others that I am trustworthy? How to make systems simultaneously secure and usable?

9 1. Establish strong identity Goal: Cryptographically strong identity to devices (endpoints) Means: Host Identity Protocol (HIP) – Identify each communicating device with a cryptographic public key – Insert the key into the TCP/IP stack 2. Assign and manage trust and authority Goal: Decentralised means for managing authorisation Means: SPKI and KeyNote2 certificates Express delegation with signed statements Eventually integrate to the operating system 3. Enable build-up of trust and reputation based on experiences Goal: Creation of trustworthy behaviour Means: Micro economic mechanism design Design the rules for the game Make unsocial behaviour uneconomical

10 Device Heterogeneity The basic premise of pervasive computing—everything connected—guarantees heterogeneity at all levels: infrastructure, hardware, software, and people. All kinds of devices must be supported. Perhaps in some specific application scenarios it is possible to restrict the kinds of devices that are supported but, in general, the environment must anticipate the existence of a wide variety of devices. If we consider devices used by the user to interact with the system, they can range from standard ones such as laptops, PDAs, and phones, to emerging ones such as those embedded in clothing and eyeglasses.

11 The variety of available devices has several implications. One is the kind of input-output devices: textual and graphic input-output will not be the only forms of human-machine interaction. Audio, visual, and other sensory modes of communication will be prevalent. Another implication is the requirement that the environment must be prepared to adapt to the device currently used by the user. For example, if the user is requesting information and he is currently driving, the retrieved data should be relayed to him with an audio message through the car radio.

12 Access Control The wide availability of services and the high mobility of users among different environments require the provision of security mechanisms to ensure the safe usage of services by legitimate users and the protection of services from unauthorized uses. Because of the wide range of services, many diverse and flexible security models and mechanisms will be needed. Either standard security mechanisms will have to be embedded in the environment and used by all applications or each application will have to build its own security mechanisms. Most likely, a combination of the two will be needed.

13 One of the most important aspects of security is access control, to ensure that services are only available to authorized users and those authorized users are allowed appropriate privileges. For example, a guest at a hotel may be allowed to print on the hotel’s printer available in the lobby but not change the contents of the event display in the same lobby. Single-sign on policy

14 Securing Pervasive Networks Using Biometrics

15 Challenges in pervasive computing environments Computing devices are numerous and ubiquitous Traditional authentication including login schemes do not work well with so many devices Proposed Solution Use biometrics for authentication At the same time, ensure security of biometric templates in an open environment Contributions Propose a biometrics based framework for securing pervasive environment Implemented a novel scheme for securing biometric data in an open environment using symmetric hash functions

16 Aspects of a Pervasive Environment User Interaction User interacts with speech, gestures and movements The sensors and computing devices are ‘aware’ of the user and in the ideal case are also aware of his ‘intent’. Proactivity The computing devices should interact and query other devices on Transparency Technology has to be transparent. behalf of the user and his intent Device interaction Frequent Multiparty interactions No central authority or third party

17 Security and Privacy Consequences of a pervasive network Devices are numerous, ubiquitous and shared The network shares the context and preferences of the user Smart spaces are aware of the location and intent of the user Security Concerns Only authorized individuals need to be given access Authentication should be minimally intrusive Devices should be trustworthy Privacy issues User should be aware of when he is being observed The user context should be protected within the network Need to balance accessibility and security Should be scalable with multiple users operating in the network

18 Solution: Biometrics? Definition Biometrics is the science of verifying and establishing the identity of an individual through physiological features or behavioral traits. Examples Physical Biometrics Fingerprint Hand Geometry Iris patterns Behavioral Biometrics Handwriting Signature Speech Gait Chemical/Biological Biometrics Perspiration Skin composition(spectroscopy)

19 Why Biometrics? Advantages of biometrics Uniqueness No need to remember passwords or carry tokens Biometrics cannot be lost, stolen or forgotten More secure than a long password Solves repudiation problem Not susceptible to traditional dictionary attacks

20 General Biometric System Database Biometric Sensor Feature Extraction Biometric Sensor Feature Extraction Matching ID : 8809 Authentication Enrollment Result

21 Framework for Authentication/Interaction Speaker Recognition Speech Recognition parsing and arbitration S1 S2 SK SN

22 Framework for Authentication/Interaction Speaker Recognition Speech Recognition parsing and arbitration Switch on Channel 9 S1 S2 SK SN

23 Framework for Authentication/Interaction Speaker Recognition Speech Recognition parsing and arbitration Who is speaking? Annie David Cathy S1 S2 SK SN “Authentication”

24 Framework for Authentication/Interaction Speaker Recognition Speech Recognition parsing and arbitration What is he saying? On,Off,TV Fridge,Door S1 S2 SK SN “Understanding”

25 Framework for Authentication/Interaction Speaker Recognition Speech Recognition parsing and arbitration What is he talking about? Channel->TV Dim->Lamp On->TV,Lamp S1 S2 SK SN “Switch”,”to”,”channel”,”nine” “Inferring and execution”

26 Speaker Recognition Speech Production Mechanism Speech production Model Impulse Train Generator Glottal Pulse Model G(z) Vocal Tract Model V(z) Radiation Model R(z) Impulse Train Generator Pitch AvAv ANAN Vocal Tract Modeling

27 Framework is Generic Face Recognition Gesture Recognition parsing and arbitration S1 S2 SK SN “Authentication”“Understanding”“Inferring and execution”

28 Security of Biometric Data Issues in biometrics Biometrics is secure but not secret Permanently associated with user Used across multiple applications Can be covertly captured Types of circumvention Denial of service attacks(1) Fake biometrics attack(2) Replay and Spoof attacks(3,5) Trojan horse attacks(4,6,7) Back end attacks(8) Collusion Coercion Fake Biometrics Threats to a Biometric System

29 Types of circumvention Denial of service attacks(1) Fake biometrics attack(2) Replay and Spoof attacks(3,5) Trojan horse attacks(4,6,7) Back end attacks(8) Collusion Coercion

30 Hashing Instead of storing the original password P, a hashed values P’=H(P) is stored instead. The user is authenticated if H(password) = P’. It is computationally hard to recover P given H(P) H() – one way hashing function Problem with biometrics Biometric data has high uncertainty Matching is inexact/probabilistic Therefore, hashing function should be error tolerant

31 Biometric Hashing Hashing Schema Hashing Personalized Hashing

32 Fingerprints Minutiae: Local anomalies in the ridge flow Pattern of minutiae are unique to each individual

33 Conclusion Smart spaces and pervasive computing are moving from concepts to implementations Security has to be incorporated in the design stage Traditional authentication and access control paradigms cannot scale to numerous and ubiquitous devices Biometrics serves as a reliable alternative for minimally intrusive authentication Biometrics solves key management and repudiation problem Securing biometrics is a major challenge in an open environment Biometric hashing can be used to create revocable biometric templates

Download ppt "UNIT I PART II R.S.Ponmagal. Pervasive Architecture Architecture is an abstraction of the system. Architecture defines the system elements and how they."

Similar presentations

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
High Performance Computing Course Notes 2007-2008 Grid Computing.

High Performance Computing Course Notes Grid Computing.
Security Challenges of Biometric Systems

Security Challenges of Biometric Systems
Access Control Methodologies

Access Control Methodologies
ELECTRONIC PRESCRIPTIONS Basia Korel Kendra Wadsworth.

ELECTRONIC PRESCRIPTIONS Basia Korel Kendra Wadsworth.
3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.

3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.
Chapter 1 – Introduction

Chapter 1 – Introduction
BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.

BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.
Towards Security and Privacy for Pervasive Computing Author : Roy Campbell,Jalal Al-Muhtadi, Prasad Naldurg,Geetanjali Sampemane M. Dennis Mickunas.(2002)

Towards Security and Privacy for Pervasive Computing Author : Roy Campbell,Jalal Al-Muhtadi, Prasad Naldurg,Geetanjali Sampemane M. Dennis Mickunas.(2002)
02/12/00 E-Business Architecture

02/12/00 E-Business Architecture
Think. Learn. Succeed. Aura: An Architectural Framework for User Mobility in Ubiquitous Computing Environments Presented by: Ashirvad Naik April 20, 2010.

Think. Learn. Succeed. Aura: An Architectural Framework for User Mobility in Ubiquitous Computing Environments Presented by: Ashirvad Naik April 20, 2010.
SECURITY IN MOBILE NETWORKS BY BHONGIRI ANAND RAJ VENKAT PAVAN RAVILISETTY NAGA MOHAN MADINENI.

SECURITY IN MOBILE NETWORKS BY BHONGIRI ANAND RAJ VENKAT PAVAN RAVILISETTY NAGA MOHAN MADINENI.
Biometrics II CUBS, University at Buffalo

Biometrics II CUBS, University at Buffalo
Biometric Authentication: Security Issues M. Fahim Zibran February 23, 2009.

Biometric Authentication: Security Issues M. Fahim Zibran February 23, 2009.
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

Similar presentations

Ads by Google