What time you go to bed, get up
What time you leave for, come from work
That you have a brand new $5,000 plasma TV
Your password to your computer
The combination to your safe
All your important numbers
Introduction
Smart environment (space): extensively equipped with sensors, actuators, computing
Exploits combinations of small distributed sensing & computational nodes to identify & deliver personalized service
User interacts & exchanges information with environment
* Must be secure, private, trustworthy *
Vast amount of personal information
What about safety?
These issues may delay or stop acceptance of smart environments
Cost + less privacy
Ubiquity: everywhere
Invisibility: users won't know when they are "using" a computer
Sensing: inputs everything you do & say
Memory amplification: all can be stored, queried, replayed
* Sounds like a "bad" sci-fi movie! *
Today, can often see boundaries re: security, privacy, trust; can identify end points, i.e. who gets information
Smart environment:
Don't know what's collected
Don't know where it goes
End points not visible
Technology Categories
Window open or closed
Sensed information vs. supplied, e.g. computer, air conditioner
Security
Need same as other computer systems, networks
Ensure information is not stolen, modified, or access denied
Respect privacy
Trustworthy interactions
Can the "system" become an unwitting spy?
What about visitors?
Terminology
Security: confidentiality, integrity, availability
Confidentiality: protecting information/service from unauthorized access
Integrity: protecting information/service from unauthorized changes (errors)
Availability: ensuring information/service remains accessible
More on Security
Still:
Hard to locate malicious mobile users
Invisible: hard to secure network, can't see it
Denial-of-service attacks
Device Security
Device arrives from unknown domain
Has device been altered?
Theft: not just the device
Can a malicious user masquerade as a sensor?
Limited battery life: intentionally run down
Privacy
Personalization of environment contributes to privacy problems
Lot of information collected; subject to misuse
1984 (George Orwell): Big Brother
Terminology
Privacy: individuals'* ability to determine when, how & what information is communicated to others
(* Includes organizations)
Protecting private information
Set & enforce rules
How it is managed adapts based on changes in disclosure & location (mobility)
Principles
1. Openness/transparency: no secret records
2. Individual participation: can see records
3. Collection limits: appropriate collection
4. Data quality: accurate & relevant
Principles #2
5. Use limits: only for specified purpose & authorized users
6. Appropriate security: reasonable efforts
7. Accountability: record keepers
Not a one-way responsibility (system to user) in smart environments
User must be aware
From W3C (consortium): aims to define open standards for web sites to enhance user control
User can describe own privacy preferences
Aimed at e-commerce
So far, not adapted to smart environments
Privacy Guidelines
Based on principles & accidental invasion of privacy
1. Notice: make user aware; awareness infrastructure
2. Choice & consent: get explicit consent; once notified, allow user to choose to participate
Invisible vs. less invisible
Natural vs. less natural
3. Hide user identity; contrary to "personalization"
Privacy Guidelines #2
4. Related to filtering & multicasting: information only distributed to those in guidelines
Encryption vs. small devices: use encryption wisely
Good practice in collection & distribution of data
5. Adequate security
6.
Trust
Not well defined
How can you trust a mobile entity when you may not even know them?
Cryptography protects data, privacy, but who do you communicate with?
Consider in your smart home:
Your kids' friends
A repairperson
The date of your friend who comes to a party
Trust
Traditional security doesn't really cover the smart environment
Identification & authentication
Terminology
Trust: difficult to define
Subjective: depends on context
Linked to risk, benefits
Intransitive
Trust Aspects
System trust: system measures in place to encourage successful interactions
Dispositional trust: expectations of the trustworthiness of others
Situational decision to trust: situation-specific nature of trust & formation of trust to an entity
Trust is emotional; emotion modeling not well understood
Trust Management System
A unified approach to specifying & interpreting security policies, credentials, & relationships that follow direct authorization of security-critical actions (Blaze)
Viewed as assignment of privileges, e.g. PolicyMaker, KeyNote; (extension) REFEREE
Inflexible; credential problems
New Approaches
Based on utility, risk, importance
Formulas for trust values in [-1, 1)
Very limited; not fully inclusive
Abdul-Rahman
Decentralized trust management
Incorporates trust levels & dynamics
Based on reputation, recommendations, & experience (of the truster)
New Approaches #2
Josang
Based on subjective logic & subjective beliefs
Involves propositional logic, probability, consensus
Dynamics of trust in light of personal experience
Trust-negative & trust-positive evidence
New Approaches #3
Trust management must be evaluated/analyzed
SULTAN: Simple Universal Logic-oriented Trust Analysis Notation
Includes trust establishment, analysis, risk, specification
General trust model
Allows for application-specific domains
Based on historical behavior
SECURE Project
Other issues