Classification of advanced mobile access control scenarios

Presentation for the Ecumict 2012 conference (KaHo Sint-Lieven, Ghent)

Transcript

  • 1. Faysal Boukayoua, Jan Vossaert. Ecumict, KaHo Sint-Lieven, Ghent. March 22nd 2012
  • 2. Outline: Introduction; MobCom; Access control use cases; Research challenges
  • 3. Time & location constraints in credentials?; Privacy issues; Inflexible credential issuance & revocation; Weak authentication means; Many authentication tokens
  • 4. Trends & findings: Increasing capabilities; Allows for more flexible solutions; Omnipresent; Mobile Internet penetration; Large backing from industry
  • 5. “A Mobile Companion”: IWT research project, 2010-2014. Prestudy: gather relevant requirements: Interview SMEs & large companies; Generalise use cases; Analyse standards & state-of-the-art
  • 6. MobCom: Flexible Access Control; Context-aware services; Loyalty Cards & Vouchers
  • 7. Actors: User; User’s mobile device. Steps: 1. Request confidential data; 2. Authentication prompt; 3. Authenticate; 4. Confidential data
  • 8. Topics of interest: Distance bounding; Credential delegation to separate token; Biometrics (▪ Secure storage ▪ Secure matching)
  • 9. Actors: Patient’s mobile; Caregiver’s mobile; Medical caregiver; Credential issuer. Steps: 1. Authenticate; 2a. Request medical data; 2b. Request medical data; 3. Prompt for credentials; 4. Display required credentials; 5. Acknowledge; 6. Authenticate; 7. Request credentials; 8. Credentials; 9. Credential properties; 10. Return medical data
  • 10. Topics of interest: Break-the-glass policies; Credential/rights delegation; Realtime credential/rights retrieval
  • 11. Actors: Patient’s door; Caregiver’s mobile; Medical caregiver; Credential issuer. Steps: 1. Authenticate; 2a. Request access to residence; 2b. Request access to residence; 3. Prompt for credentials; 4. Display required credentials; 5. Acknowledge; 6. Authenticate; 7. Request credentials; 8. Issue credentials; 9. Credential properties; 10. Open door
  • 12. Topics of interest: Remote versus local AC: ▪ Advanced versus simple decisions ▪ Revocation ▪ Requirement of network connectivity ▪ Single points of failure? ▪ Financial cost ▪ Remote upgrades
  • 13. Actors: Medical caregiver; Caregiver’s mobile; Patient’s door; Credential issuer. Steps: 1. Authenticate; 2a. Request access to residence; 2b. Request access to residence; 3. Prompt for credentials; 4. Review required credentials; 5. Acknowledge; 6. Set up secure authentic tunnel; 7. Request credentials; 8. Issue credentials; 9. Credential properties; 10. Open door
  • 14. Typical use cases: Guests at hotels; Nurses in service flats; Cleaners in corporate environment. More centralisation; Remote upgrades easier; No phone connectivity needed
  • 15. Actors: User; User’s mobile; User’s workstation; Credential issuer; Remote server. Steps: 1a. Request resource; 1b. Request resource; 2. Prompt for credentials; 3. Forward prompt; 4. Review credentials; 5. Acknowledge; 6. Set up secure authentic tunnel; 7. Request credentials; 8. Issue credentials; 9. Set up secure authentic tunnel; 10. Credential properties; 11. Return resource