Security and Privacy in
Pervasive Computing
Security and privacy issues in pervasive computing
Why Security?
People (enterprises) want to hide certain things from others -
Privacy reasons
People (enterprises) want to protect their property - Economic
reasons
Security in a pervasive environment is critical because in many
pervasive applications we interact with agents that are not in
our “home” or “office” environment
• Much of the work in security for distributed systems is not
directly applicable to pervasive environments
• Need to build analogies to trust and reputation relationships
in human societies
• Need to worry more about privacy!
What is Security?
Security is about
• Threats (bad things that may happen, e.g. your
money getting stolen)
• Vulnerabilities (weaknesses in your defenses, e.g.
your front door being made of thin wood and
glass)
• Attacks (ways in which the threats may be
actualized, e.g. a thief breaking through your
weak front door while you and the neighbors are
on holiday)
Assessing security
Estimating costs for the threats
Estimating probabilities for the
attacks given the vulnerabilities
Developing appropriate
• Safeguards (a priori “vaccines”) and
• Countermeasures (a posteriori remedy)
Properties of Security?
Security is expressed in terms of
Confidentiality (Privacy)
Integrity
Nonrepudiation
Availability (Denial of Service)
Authentication is a foundation of security
In its absence, security properties can be violated
Confidentiality
The property that is violated whenever
information is disclosed to unauthorized
Wireless networking is more vulnerable to
passive attacks than cable based solutions as
information is radiated to anyone within range
Confidentiality in pervasive computing is
more serious because of threats to Privacy
Integrity
Integrity is violated whenever information is altered in an
unauthorized way.
This applies both to information within a host and to
information in transit between hosts.
The pervasive computing vision of unattended devices
ready to communicate with whoever comes in range clearly
makes it likely that an attacker will sooner or later tamper
with such unattended devices if this can bring him any
benefits.
• Imagine that the sensor is monitoring a patient’s temperature in a
clinic or is part of an alarm system for a nuclear power plant.
Nonrepudiation
Nonrepudiation is the property of data that the sender
should not be able to falsely deny (repudiate) sending the
data.
Important in electronic commerce because vendors do not
want clients to be able to deny that they made purchases
and thus must pay for any services or goods they received
• Online vendors would want nonrepudiation to prevent
customers from claiming that they never made a purchase
• A law enforcement investigator who finds an incriminating
email message sent from a suspect must be able to prevent the
suspect from denying that s/he sent the message (claiming
forgery of his/her name)
Availability
Availability is the property of a system which
always honours any legitimate (authorized)
requests
It is violated when an attacker succeeds in denying
service to legitimate users, typically by using up all
the available resources (Denial of Service)
The fact that ubiquitous computing implies
unattended devices opens the door to many abuses
Denial of service might be caused by malicious
programs that lock up the host device
Privacy (More on confidentiality)
A pervasive system is a distributed surveillance
system that can capture too much information
about users
This can be exploited by intruders, malicious
insiders, or even curious system administrators to
track particular users, which is a threat to their privacy.
In some environments, like homes and clinics,
there is usually an abundance of sensitive and
personal information that must be secured;
if exposed, it becomes a threat to privacy.
Challenges in securing pervasive computing
The focus of current research in pervasive computing
is on how to connect new devices and build useful
applications to improve functionality
Security and privacy issues in such environments
have not been explored in any depth
While traditional distributed computing research
attempts to abstract away physical location of users
and resources, pervasive computing applications
often exploit physical location and other context
information about users and resources to enhance the
user experience
Trust based collaboration models
The notion of privacy has become one of
the main concerns as the technology of
smart artifacts develops
Trust based models are based on the
principle that interaction between
mutually unknown smart artifacts can
take place only if there is an adequate
level of trust between the parties.
Trust based …
There are two main sources of trust information
about another entity:
• Personal observations of the entity’s behavior are essential for
the subjective evaluation of trustworthiness; therefore the
outcome of interactions is recorded and made available as
evidence
• Recommendations from trusted third parties provide the
possibility for trust to be propagated between entities
Trustworthiness of an entity can be synthesized
from the history of its past interactions to be used by
other entities when allocating privileges
Trust based …
Problems
Not all sources and data are correct/accurate/reliable
No common sense: a person can evaluate a web site based on how
it looks; a computer cannot
No centralized party that could verify peer reliability or reliability
of its data: a device may be reliable, malicious, ignorant or uncooperative
Distributed Belief
Need to depend on other peers
Evaluate integrity of peers and data based on peer distributed
belief
Detect which peer and what data is accurate
Detect malicious peers
Apply incentive model: if A is malicious, it will be excluded from
the network…
Trust based distributed belief model
Distributed Belief Model
Device sends a query to multiple peers
Ask its vicinity for reputation of untrusted peers that responded to the
query
Trust a device only if trusted before or if enough trusted peers trust it
Use answers from (recommended to be) trusted peers to
determine the answer
Update reputation/trust level for all devices that responded
A trust level increases for devices that responded according to final
answer
A trust level decreases for devices that responded in a conflicting way
Each device builds a ring of trust …
A: D, where is Bob?
A: C, where is Bob?
A: B, where is Bob?
By: Anupam Joshi,
http://www.cs.umbc.edu/~joshi/
Trust model scenario
C: A, Bob is at work.
D: A, Bob is home.
B: A, Bob is home.
A:
B: Bob at home,
C: Bob at work,
D: Bob at home
A: I have enough
trust in D. What
about B and C?
A: Do you trust C?
C: I always do.
D: I don’t.
B: I am not sure.
E: I don’t.
F: I do.
A:
I don’t care what C says.
I don’t know enough about B,
but I trust D, E, and F. Together,
they don’t trust C, so won’t I.
A: Do you trust B?
C: I never do.
D: I am not sure.
B: I do.
E: I do.
F: I am not sure.
A:
I don’t care what B says.
I don’t trust C,
but I trust D, E, and F. Together,
they trust B a little, so will I.
A: I trust B and D,
both say Bob is
home…
A: Increase trust in D.
A: Decrease trust in C.
A: Increase trust in B.
A: Bob is home!
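The query round walked through in the scenario above, as an added Python example (not part of the original slides). The 0-to-1 trust scale, the 0.5 threshold, the 0.1 step, the starting trust values and the function names are assumptions made for illustration.

```python
# Added illustration of the distributed belief model; the trust scale,
# threshold, step and sample values are assumptions, not taken from the slides.
TRUSTED = 0.5   # assumed: level at which A counts a peer as trusted
STEP = 0.1      # assumed: reward / penalty applied after each query

def recommendation(trust, subject, opinions):
    """Mean opinion about `subject` (-1 distrust, 0 unsure, +1 trust),
    counting only peers A already trusts and never the subject itself."""
    votes = [v for peer, v in opinions.items()
             if peer != subject and trust.get(peer, 0.0) >= TRUSTED]
    return sum(votes) / len(votes) if votes else 0.0

def resolve(trust, answers, opinions_about):
    """One query round for device A: returns (final_answer, updated_trust)."""
    weights = {}
    for peer in answers:
        level = trust.get(peer, 0.0)
        if level < TRUSTED:  # untrusted responder: ask the vicinity about it
            level = recommendation(trust, peer, opinions_about.get(peer, {}))
        if level > 0:
            weights[peer] = level
    if not weights:
        return None, dict(trust)  # nobody credible answered: no decision
    tally = {}
    for peer, weight in weights.items():
        tally[answers[peer]] = tally.get(answers[peer], 0.0) + weight
    final = max(tally, key=tally.get)
    updated = dict(trust)
    for peer, answer in answers.items():  # reward agreement, punish conflict
        delta = STEP if answer == final else -STEP
        level = updated.get(peer, 0.0) + delta
        updated[peer] = round(min(1.0, max(0.0, level)), 2)
    return final, updated

# Constructed data mirroring the scenario: A trusts D, E and F, not yet B or C.
TRUST = {"B": 0.3, "C": 0.3, "D": 0.8, "E": 0.7, "F": 0.7}
ANSWERS = {"B": "home", "C": "work", "D": "home"}
OPINIONS = {
    "C": {"C": 1, "D": -1, "B": 0, "E": -1, "F": 1},   # "Do you trust C?"
    "B": {"C": -1, "D": 0, "B": 1, "E": 1, "F": 0},    # "Do you trust B?"
}

if __name__ == "__main__":
    print(resolve(TRUST, ANSWERS, OPINIONS))
```

Opinions from C about B, and each peer's opinion of itself, never enter the average, which is what keeps an untrusted peer from vouching for itself or voting down a rival.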