Center for WirelessInnovation Norway      cwin.noCWI  Norway              IDC Enterprise Mobility                        B...
Outline!   About the Center for Wireless Innovation (CWI) Norway!   Mobile Network Evolution    –   From People    –   To ...
Center for Wireless Innovation                                                             CWI A facilitator for industry ...
Generations of Mobile Networks                                                      Service view                          ...
Generations of Mobile Networks                                                      Service view                 Security ...
IoT paradigm                         • The present "Internet of PCs" will move towards an "Internet of                    ...
[Source: J. Schaper, FI PPP Constituency Event Nice, March 2010] Josef Noll                                               ...
The IoT technology andapplication domainbusiness          reliabilitydecisions                                            ...
Outline!   About the Center for Wireless Innovation (CWI) Norway!   Mobile Network Evolution    –   From People    –   To ...
The security challenge of the     Internet   How come these guys didn’t think of that?                                    ...
Security in the Internet of Things?                                                    Source: L. Atzori et al., The      ...
Security in the Internet of Things?                                                    Source: L. Atzori et al., The      ...
Security challenges!   Sensors everywhere                                   Request                                       ...
Measurable Security!   Value of information                                         is &                                  ...
Security Challenges in sensor-    enabled clouds!   Security, here    –   security (S)                                    ...
SPD Metrics specification                                                                   Factor                    Valu...
Outline!   About the Center for Wireless Innovation Norway!   Security in Mobile Networks    –   Privacy    –   Dependabil...
Use case:    SPD in heterogeneous systems!   Nano-Micro-Personal-M2M Platform     – identity, cryptography,       dependab...
The IoT ecosystem                                                                   Trust   ?!   Creating business    –   ...
Internet usage across Europe  [Robert Madelin, Directorate-General for Information Society and Media, EU commission, Aug 2...
Pr                                                      i                                                                 ...
Conclusions• The mobile system is evolving  – bring your own devices, heterogeneity  – from sensors to business decisions•...
CWIMy special thanks to• JU Artemis and the Research          • Sarfraz Alam (UNIK) and Geir  Councils of the participatin...
Upcoming SlideShare
Loading in …5
×

Measurable Security in Mobile Systems

3,362 views

Published on

The Presentation focusses on the development from current mobile networks into the future sensor-driven mobile networks. A special focus is given on security aspects, especially measurable security of systems. The presentation was given at the IDC Mobility Series 2012 in Budapest.

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,362
On SlideShare
0
From Embeds
0
Number of Embeds
2,586
Actions
Shares
0
Downloads
19
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Measurable Security in Mobile Systems

  1. 1. Center for WirelessInnovation Norway cwin.noCWI Norway IDC Enterprise Mobility Budapest, Nov 2012 Measurable Security in Mobile Networks Josef Noll Prof. at University of Oslo/UNIK Member of CWI Norway josef@unik.no
  2. 2. Outline! About the Center for Wireless Innovation (CWI) Norway! Mobile Network Evolution – From People – To Things! The way ahead: Internet of Things – connection of sensors to mobile – business decisions based on information! Security Challenges – BYOD “bring your own device” – Be aware of the value of information – Measurable security! Use case for – From Entertainment to Socialtainment – Sensor data fusion! Conclusions Measurable Security in Mobile Networks Nov 2012, Josef Noll 2
  3. 3. Center for Wireless Innovation CWI A facilitator for industry and seven research institutions to form strategic partnerships in wireless R&D n to t io o ra arc h B3G BS Sensor ab ese Networks Aggregation ll Sensor Network Abstraction & Home/Office Monitoring c o e r r o m at iv Sensor Networks F b o r Car la Offshore co l Sensor Networks Sensor Networks Nov 2012, Josef Noll
  4. 4. Generations of Mobile Networks Service view Personalised broadband 4G? LTE wireless services 3G: UMTS Multimedia communication 2G: GSM Mobile telephony, SMS, FAX, Data1G: NMT Mobile telephony 1970 1980 1990 2000 2010 [adapted from Per Hjalmar Lehne, Telenor, 2000] Measurable Security in Mobile Networks Nov 2012, Josef Noll 4
  5. 5. Generations of Mobile Networks Service view Security view IP security with Personalised broadband heterogeneous access, 4G? LTE wireless services sensors 3G: UMTS Multimedia communication Open, modular security architecture - force 2G 2G: GSM Mobile telephony, SMS, One way authentication, FAX, Data encryption visibility, “obscurity”1G: NMT Mobile telephony tap the line, connect in 1970 1980 1990 2000 2010 [adapted from Per Hjalmar Lehne, Telenor, 2000] Measurable Security in Mobile Networks Nov 2012, Josef Noll 4
  6. 6. IoT paradigm • The present "Internet of PCs" will move towards an "Internet of Things" in which 50 to 100 billion devices will be connected to the Internet by 2020. [CERP-IoT, 03.2010] • “We are entering a new paradigm where things have their own identity and enter into dialogue with both other things and humans mediated through processes that are being formed today. [IoT Europe 2010 conf., 06.2010] "Now subs we have c 30...5 ribers. I roughly 0 n 5! The speed of development – H Mio de some ye .2 Mio m ans C vices ar w obile 2010 hristi o e an H n the m will hav augli o e , CEO bile net “In 201 , Tele work 2 there nor O ”storage on single chip people were m bject on the ore dev s – Han mobile ic s Chris networ es than tian Ha k of Te ugli, CE lenor”. O, Tele nor Ob jects source: Gerhard Fettweis, TU Dresden Measurable Security in Mobile Networks Nov 2012, Josef Noll
  7. 7. [Source: J. Schaper, FI PPP Constituency Event Nice, March 2010] Josef Noll Nov 2012, 6 Measurable Security in Mobile Networks
  8. 8. The IoT technology andapplication domainbusiness reliabilitydecisions privacy Measurable Security in Mobile Networks Nov 2012, Josef Noll 7
  9. 9. Outline! About the Center for Wireless Innovation (CWI) Norway! Mobile Network Evolution – From People – To Things! The way ahead: Internet of Things – connection of sensors to mobile – business decisions based on information! Security Challenges – BYOD “bring your own device” – Be aware of the value of information – Measurable security! Use case for – From Entertainment to Socialtainment – Sensor data fusion! Conclusions Measurable Security in Mobile Networks Nov 2012, Josef Noll 8
  10. 10. The security challenge of the Internet How come these guys didn’t think of that? 1973 Kjeller ave ld h rnet wou Inte we ow “If n h ed, ...” k now elop Steve Crocker dev Jon Postel 1972 Vinton CerfExpo Berlin 2007 Source: http://www.michaelkaul.de/History/history.html ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft Measurable Security in Mobile Networks Nov 2012, Josef Noll 9
  11. 11. Security in the Internet of Things? Source: L. Atzori et al., The Internet of Things: A survey, Comput. Netw. (2010), doi: 10.1016/ j.comnet.2010.05.010 Text Measurable Security in Mobile Networks Nov 2012, Josef Noll 10
  12. 12. Security in the Internet of Things? Source: L. Atzori et al., The Internet of Things: A survey, Comput. Netw. (2010), doi: 10.1016/ j.comnet.2010.05.010 Trust Text * context-aware, * “privacy” * personalised Measurable Security in Mobile Networks Nov 2012, Josef Noll 10
  13. 13. Security challenges! Sensors everywhere Request Semantic layer Semantic layer – Service Oriented Mobile, Internet Proximity, Architecture Service Sensor e, Mobile/Proximity/ Service Registry hom ors al, ens Sensor services dic l s me ria ust sensors sensors ind! Bring your own device (BYOD) – 30-100 devices/employee Contacts Calendar – “phone in the cloud” SMS, ... ! virtualisation PC, MA C, phone, tab, ! security, e.g. apps pod, pa d, embedded... Measurable Security in Mobile Networks Nov 2012, Josef Noll 11
  14. 14. Measurable Security! Value of information is & lys na nt – Identify k A sme Ris ses – Analyse As – Evaluate Risk Measurable security sis! analy fit – “Banks are secure” -B ene – IETF working group: Better C ost than nothing security – Cardinal numbers? Measurable Security in Mobile Networks Nov 2012, Josef Noll 12
  15. 15. Security Challenges in sensor- enabled clouds! Security, here – security (S) Cloud services – privacy (P) Intelligence challenge: Overlay physics – dependability (D) Network! across the value chain challenge: – from sensors to physics Sensors, services Embedded Systems! measurable security? can be Could be composed Is made by Components and SPD Components, System SPD functionalities functionalities Measurable Security in Mobile Networks Nov 2012, Josef Noll 13
  16. 16. SPD Metrics specification Factor Value Elapsed Time <= one day 0 Minimum attack potential value to <= one week <= one month 1 4 exploit a vulnerability <= two months 7 <= three months 10 = SPD value <= four months 13 Factors to be <= five months 15 considered <= six months 17 > six months 19 Expertise where •Elapsed Time Layman 0 Calculated attack •Expertise Proficient Expert 3*(1) 6 potential •Knowledge of Multiple experts 8 functionality Knowledge of functionality •Window of opportunity Public 0 with •Equipment Attack scenarios Restricted Sensitive 3 7 Critical 11 SPD SPD SPD Window of level attributes threats Unnecessary / unlimited 0 access Easy 1Essential to build Moderate 4 Difficult 10 Base of knowledge Unfeasible 25**(2) Equipment Functio Standard 0 SPD System nality system Specialised 4(3) Bespoke 7 Multiple bespoke 9 [source: Andrea Fiaschetti, pSHIELD project, Sep 2011] Measurable Security in Mobile Networks Nov 2012, Josef Noll 14
  17. 17. Outline! About the Center for Wireless Innovation Norway! Security in Mobile Networks – Privacy – Dependability! The way ahead: Internet of Things – connection of sensors to mobile – business decisions based on information! Security Challenges – BYOD “bring your own device” – Be aware of the value of information – Measurable security! Use case for – From Entertainment to Socialtainment – Sensor data fusion! Conclusions Measurable Security in Mobile Networks Nov 2012, Josef Noll 15
  18. 18. Use case: SPD in heterogeneous systems! Nano-Micro-Personal-M2M Platform – identity, cryptography, dependability! SPD levels through overlay functionality – answering threat level – composing services! Policy-based management – composable security! Integration into Telecom Platform – from information to business decisions Measurable Security in Mobile Networks Nov 2012, Josef Noll 16
  19. 19. The IoT ecosystem Trust ?! Creating business – openness, competitive infrastructure: Consumers broadband, – climate for innovation adaptation mobile Business! Public authorities climate: market – trust, confidence Public Creative Authorities – demand demand IoT - Business programmers Ecosystem software! Consumers Academia – (early) adapters research, – education Entrepreneurs Sensor education ideas! Infrastructure providers – broadband, mobile – competition Measurable Security in Mobile Networks Nov 2012, Josef Noll 17
  20. 20. Internet usage across Europe [Robert Madelin, Directorate-General for Information Society and Media, EU commission, Aug 2010] * “use of IT in a proper way can increase effectiveness with 30-40%” IS * “we are good in technology development. But access to venture 95,1% capital is bad in Europe as compared to the USA”. [Aftenposten, 3. October 2011] gunhild@aftenposten.no NO 94,8% SE % of people used the Internet DK 93,2%100 90,7% IT EU90 HE 58,8% 73,7%80 47,5%70605040 Tyrkia Romania Hellas Bulgaria l Kypros Kroatia Italia Malta Litauen Polen Ungarn Spania Latvia Slovenia Tsjekkia Irland EU snitt Østerike Estland e Belgia Slovenia Tyskland nia Finland k ourg nd Sverige Norge Island Portuga Danmar Frankrik Nederla Storbrita Luxemb Measurable Security in Mobile Networks Nov 2012, Josef Noll 18
  21. 21. Pr i 0 30 60 90 wi vate tPhr b ho w iva oa mer 41 ith te db s br ho and 83 oa m db es 61 WWir ir us oue eles and le ed tsis s P de 3 ou s Pof C us ts C hom ed 39 id e e o 13 Greece Int Norway ern f h In et om EU-average te Ba e 6 rn nk et ing 84 Ba nk 36 On in O lin g Internet service usage t n too plin e cMeasurable Security in Mobile Networks e 16 pu ubli onta bl cc se ct 77 ic ont rv se ac ices 41 rv t eC ic eC m es - -b oo m 12 bougm erc ou hm e 71 gh t er t ce 40 19 Nov 2012, Josef Noll
  22. 22. Conclusions• The mobile system is evolving – bring your own devices, heterogeneity – from sensors to business decisions• Building the IoT architecture – Cross-layer intelligence & knowledge – Accounting for security The wo rld is w i reless• Measurable security – Metrics describing threats – Overlay description for system of systems• Building the Ecosystem – Human perspective: trust, privacy, context – Security based on measures of components, attacks and human interaction Measurable Security in Mobile Networks Nov 2012, Josef Noll 20
  23. 23. CWIMy special thanks to• JU Artemis and the Research • Sarfraz Alam (UNIK) and Geir Councils of the participating Harald Ingvaldsen (JBV) for the countries (IT, HE, PT, SL, NO, HU, train demo ES) • Zahid Iqbal and Mushfiq• Andrea Fiaschetti for the semantic Chowdhury for the semantics middleware and ideas • Hans Christian Haugli and Juan• Inaki Eguia Elejabarrieta,Andrea Carlos Lopez Calvet for the Morgagni, Francesco Flammini, Shepherd ® interfaces Renato Baldelli, Vincenzo Suraci • and all those I have forgotten to for the Metrices mention• Przemyslaw Osocha for running the pSHIELD project, Luigi Trono for running nSHIELD Nov 2012, Josef Noll 21

×