Security and Privacy in Emerging Aerospace Scenarios - Pierangela Samarati
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Security and Privacy in Emerging Aerospace Scenarios - Pierangela Samarati

on

  • 445 views

Press Conference, Rome 21 Dec 2012.

Press Conference, Rome 21 Dec 2012.
Pierangela Samarati, Milano University - Professor Department of Information Technologies

Statistics

Views

Total Views
445
Views on SlideShare
445
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Security and Privacy in Emerging Aerospace Scenarios - Pierangela Samarati Presentation Transcript

  • 1. Security and Privacy in Emerging Aerospace Scenarios Pierangela Samarati Dipartimento di Tecnologie dell’Informazione Università degli Studi di Milano pierangela.samarati@unimi.it ESTEL Conference presentation Rome, Italy - December 21, 2011c Pierangela Samarati 1/14
  • 2. The modern Information Society • Computers, mobile smart devices, and space technology are at the basis of the modern Information Society for enhancing the quality of life • Space technology in ICT: ◦ provide communications ◦ provide broadcast services ◦ deliver services (e.g., e-learning, e-health, e-commerce) to remote regions ◦ observe the Earth (e.g., environmental monitoring, urban planning, disaster management) ◦ provide time and space localization (GPS) ◦ study near-Earth space and explore the solar system and the distant universe ◦ ...c Pierangela Samarati 2/14
  • 3. Security in Aerospace Systems
  • 4. Aerospace security • Guaranteeing security requires protecting the aerospace infrastructure (satellites, planes, ground stations), communications, and applications, to ensure: ◦ integrity of data and resources ◦ confidentiality of information (privacy) ◦ availability (no denial of services)c Pierangela Samarati 4/14
  • 5. Security techniques • Some protection can be achieved by applying classical techniques, e.g.: ◦ authentication of users and devices ◦ access control ◦ firewalls ◦ antiviruses and intrusion detection systems ◦ encryption for protecting data in storage and communications • In emerging scenarios there are new challenges, e.g.: ◦ integrity and privacy in data management ◦ privacy in location-based applicationsc Pierangela Samarati 5/14
  • 6. Integrity and Privacy in Data Management
  • 7. Integrity and privacy in data management • The evolution of technologies for data management applies also to satellite and aerospatial data stored and processed at base stations • Outsourcing data and services to external servers can provide + significant cost savings and service benefits + higher availability and more effective disaster protection than in-house operations =⇒ natural evolution to move to the cloud environment • In addition to classical challenges, a major problem is: − data are not under the data owner’s controlc Pierangela Samarati 7/14
  • 8. Privacy in outsourced and cloud environment • Some data can be sensitive and cannot be known by parties different than the owner (honest-but-curious servers) =⇒ need to identify what information is sensitive and protect it from the eyes of the storing and processing servers ◦ store and process data in encrypted form − manage encrypted data, indexing for query execution, access control enforcement, protect confidentiality of accesses ◦ break sensitive associations by storing data in the form of non linkable fragments − e.g., association between an image taken by a satellite and the corresponding location datac Pierangela Samarati 8/14
  • 9. Integrity in outsourced and cloud environment • External lazy/malicious servers can misbehave =⇒ data in storage can be compromised (e.g., altered data, missed updates) ◦ digital signatures ◦ authenticated data structures =⇒ queries might be not performed properly returning an incorrect or incomplete result ◦ authenticated data structures (e.g., Merkle tree) ◦ probabilistic approaches (e.g., data replications, marker tuples)c Pierangela Samarati 9/14
  • 10. Privacy in Location-based Applications
  • 11. Location-based services in the Information Society • Location-based services are becoming part of our daily life ◦ positioning of objects and persons (e.g., car navigation via a GPS device) ◦ searching for information on objects or services on a map (e.g., locating a specific supermarket) ◦ tagging resources with geographic information (e.g., geo-tags in Twitter) =⇒ may raise privacy concernsc Pierangela Samarati 11/14
  • 12. Privacy issues in location services • GPS tracking devices may be used for safety and security reasons and for monitoring users’ activities used to allow parents to keep track of their children’s whereabouts used for monitoring aging parents with Alzheimer’s disease ! used for physical surveillance for gathering information needed for investigations ! used by car rental companies for tracking their cars and charging drivers in case of agreement infringements ! used by employers for tracking the vehicles driven by their employees − exploited by marketing companies for providing location-based advertisementsc Pierangela Samarati 12/14
  • 13. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 14. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 15. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 16. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) ◦ protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 17. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) ◦ protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 18. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) ◦ protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 19. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) ◦ protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence ◦ protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 20. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) ◦ protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence ◦ protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 21. Privacy in location-based applications • Different aspects: ◦ protect the identity of users located in specific positions (identity privacy) =⇒ enlarge the area to include at least other k-1 users (k-anonymity) ◦ protect the location of users (location privacy) =⇒ obfuscate the area so to decrease its precision or confidence ◦ protect the location path of users (trajectory privacy) =⇒ block tracking by mixing trajectoriesc Pierangela Samarati 13/14
  • 22. Conclusions • Space technology in ICT: + enable new services and applications enhancing the quality of life + promote social and economic development ◦ require addressing security and privacy issues to ensure correctness of applications and social acceptabilityc Pierangela Samarati 14/14