Notes:
Primarily protecting against malware and malicious users. We don't want to put users at risk of malware, but we don't want to create a closed system like Apple's.
Usability: an advantage webinos has is that it can present the same controls and interfaces across different devices. We're still working on what these will be, but having a common policy model will be essential. Furthermore, the common policy model means users only need to define things once in some cases.
We've implemented various design techniques to elicit misuse cases and misusability cases, which we hope will help us align user goals with security and privacy issues.
Inter-user, inter-device and inter-application communication can be managed. Management can be done on the most suitable device. Remote management of settings is planned.
It would be easy to say 'no' to things like analytics, payment, etc. However, we're trying to make a pragmatic system which provides a sensible trade-off.
OpenID Authentication – users authenticate by logging into their PZH through an OpenID provider. This avoids the need for any new passwords or identities for those users (we hope). It also provides a means for users to authenticate from outside the personal zone.
webinos – Security and privacy
Security and privacy
Background
webinos creates networks of personal devices and exposes them to web applications.
– Potential attack vector for malware
– Potential for a loss of privacy
webinos must be designed to protect stakeholders (primarily users) and be implemented securely.
This presentation
1. Goals for security and privacy in webinos
2. Focus on:
   1. One device
   2. The personal zone
   3. Inter-user security and privacy
3. Conclusions and future directions
Goals
1. Protect user data, devices and services
2. Balance security mechanisms against control and freedom
3. Provide a consistent user experience
4. Allow for management of applications, data and devices
5. Take into consideration other stakeholders
Security and privacy on one device
API access mediated by an XACML-based security policy architecture
– Based on WAC and BONDI
– Extended for multi-device scenarios
– Extended with privacy controls (TBD)
Application signing
– Widgets – based on WAC and W3C drafts/standards
– Websites – SSL certificates
Local authentication
Personal zones
Device authentication
– Public key infrastructure for every device
– PZH acts as a certificate authority
– Enrolment of new devices
Secure communication
OpenID authentication of users
Policy synchronisation
PZH interface to manage zones
Communication between users
Personal zones can be bridged for inter-user communication
Authentication
– User identity expressed through OpenID / WebFinger / social network
– Enables certificate exchange
Authorisation
– Policies mediate access to APIs and services
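An added illustration (not webinos code, and not its real policy XML format) of the policy model behind the "one device" and "communication between users" slides: a small deny-overrides policy decision point in the style of WAC/BONDI/XACML, where a constructed same_zone attribute stands in for the multi-device and bridged-zone cases. The app identifiers, API feature URIs and attribute names are assumptions made up for the example.

```python
# Illustrative policy decision point (PDP) for API access requests.
# Added example, not webinos code; attribute names (app_id, api_feature,
# same_zone) and all URIs below are constructed for illustration.
from fnmatch import fnmatch

PERMIT, DENY, NOT_APPLICABLE = "permit", "deny", "not-applicable"


def matches(target, request):
    """A rule's target applies when every attribute it lists matches the
    request (glob patterns allowed); attributes it omits are unconstrained."""
    return all(fnmatch(str(request.get(key, "")), pattern)
               for key, pattern in target.items())


def evaluate(policy, request):
    """Deny-overrides combining: any applicable deny rule wins outright;
    otherwise an applicable permit wins; no applicable rule -> not-applicable."""
    decision = NOT_APPLICABLE
    for rule in policy:
        if not matches(rule["target"], request):
            continue
        if rule["effect"] == DENY:
            return DENY
        decision = PERMIT
    return decision


# Constructed policy for one personal zone; in the model above the PZH
# would synchronise it to every device, so it is defined once.
ZONE_POLICY = [
    # Apps published by the zone owner may use any API from inside the zone.
    {"effect": PERMIT, "target": {"app_id": "https://apps.example.org/*",
                                  "same_zone": "True"}},
    # A revoked app is blocked even though the rule above would permit it.
    {"effect": DENY, "target": {"app_id": "https://apps.example.org/revoked-app"}},
    # Location data is never exposed to a request from a bridged zone.
    {"effect": DENY, "target": {"api_feature": "http://example.org/api/geolocation",
                                "same_zone": "False"}},
    # Inter-user (bridged) access is limited to the contacts API.
    {"effect": PERMIT, "target": {"api_feature": "http://example.org/api/contacts",
                                  "same_zone": "False"}},
]


def authorise(request, policy=ZONE_POLICY):
    """Enforcement-point view: only an explicit permit grants access, so a
    request no rule covers is refused rather than silently allowed."""
    return evaluate(policy, request) == PERMIT
```

The revoked-app rule shows why deny-overrides matters: a broad permit for the owner's apps cannot be relied on by an app that a later, narrower deny rule names.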
Conclusion
Consistent, straightforward security framework
Building on existing work, introducing personal zones
In the future:
– Interfaces
– Better privacy management, expression
– Integration of secure hardware?
– More tools for users and developers