An Engineering for Security Touchy Pervasive Processing.

Uploaded on:
Make new sorts of omnipresent registering applications that can accumulate and convey ... Companions, Family. Over-security. Social commitments. Humiliation ...
Slide 1

An Architecture for Privacy-Sensitive Ubiquitous Computing By: Cindy Nguyen University Central of Florida Professor: Dr. Lotzi Bölöni Class: EEL6788 Date: Feb 15, 2010

Slide 2

Introduction System Requirements CONFAB System Architecture Evaluation Conclusion Related Work Future Work Outline

Slide 3

Presents Significant advances : Wireless systems Sensors Devices of all structure variables. Make new sorts of omnipresent processing applications that can accumulate and impart data at extraordinary levels, all progressively. Presentation Find a Friend Call E911

Slide 4

The issue – Privacy Risks : The same advances likewise make new protection dangers. Security is a troublesome outline issue that is turning out to be progressively critical as we push into universal processing situations. Ordinary Risks Extreme Risks Friends, Family _________________________________ Over-assurance Social commitments Embarrassment Employers _________________________________ Over-observing Discrimination Reputation Government __________________________ Civil freedoms Stalkers, Muggers _________________________________ Well-being Personal security Introduction

Slide 5

The reasons requirement for protection in universal registering : Privacy concerns exist wherever interestingly identifiable information identifying with a man or people are gathered and put away, in computerized structure or something else. Now and again these worries allude to how information is gathered, put away, and related. In different cases the issue is who is offered access to data. Engineers presently have little backing in planning programming structures Creating collaborations that are powerful in consummation clients deal with their security. Presentation

Slide 6

The larger part of past work on protection : Providing namelessness Keeping individual data Messages mystery From programmers, governments, and faceless partnerships. While obscurity and mystery are plainly essential, they just address a moderately limit part of security and don\'t cover the numerous circumstances in regular life where individuals would like to impart data to others. Past Work

Slide 7

The issue is that it is still hard to plan and actualize security delicate ubicomp applications. Past work, for example, The PARCTab framework The Context Toolkit iROS Provide support for building ubicomp applications, yet don\'t give components to overseeing security. Thus, framework designers have little direction or programming support in making models and UIs that are compelling in consummation clients deal with their security. Past Work

Slide 8

To address the security issue : Confab , a toolbox for encouraging the advancement of protection delicate pervasive processing applications. Confab gives a system and an extendable suite of security components that permit designers and end-clients to bolster a range of trust levels and protection needs. Where individual data is caught, put away, and prepared on the end-client\'s PC however much as could be expected. Security Solution

Slide 9

Confab encourages the making of three essential collaboration designs for protection delicate applications Optimistic - where an application offers individual data and identifies manhandle of course Pessimistic - where it is more vital for an application to avoid mishandle Mixedinitiative - where choices to share data are made intelligently by end-clients. CONFAB System Requirements

Slide 10

Optimistic - permit more prominent access to individual data yet less demanding to recognize mishandle sometime later with logs and notices. For instance: AT&T mMode\'s Find Friends [1] gives a notice every time a companion demands your area. Hopeful access control is helpful in situations where openness and accessibility are more essential than complete assurance. Idealistic access control is likewise less demanding to use, since it is troublesome for individuals to foresee the majority of the conceivable use situations they may wind up in, and therefore the greater part of the vital authorizations. CONFAB System Requirements Call E911

Slide 11

Pessimistic - end-clients set up inclinations already to anticipate manhandle , setting strict necessities on when individual data can stream to others. Blended activity - end-clients are hindered when somebody asks for their own data and must settle on a choice without even a second\'s pause. A case is picking regardless of whether to answer a telephone call given the character of the guest. CONFAB System Requirements

Slide 12

End User Needs Clear esteem recommendation Simple and suitable control and criticism Plausible deniability Limited maintenance of information Decentralized control Special exemptions for crises Application Developer Needs Support for idealistic, negative, and blended activity applications Tagging of individual data Mechanisms to control the entrance, stream, and maintenance of individual data Mechanisms to control the exactness of individual data uncovered Logging CONFAB System Requirements Alice\'s Location Bob\'s Location

Slide 13

Confab gives a structure to pervasive registering applications : Where individual data is caught, put away, and prepared on the end-client\'s PC however much as could reasonably be expected. This gives end-clients a more noteworthy measure of control and decision than past frameworks over what individual data is uncovered to others. CONFAB System Architecture

Slide 14

CONFAB High-Level Architecture Capture, store, and process individual information on my PC however much as could be expected (portable workstations and PDAs) Provide more prominent control and criticism over sharing

Slide 15

Usage Scenario Confab\'s Data Model Confab\'s Programming Model Extensions for Location Privacy Implementation CONFAB System Architecture

Slide 16

Scenario 1 – Find Friend Alice\'s work environment has set up another server that representatives can use to impart their area data to each other. Workers can share their area data by transferring overhauls to the server at the level they seek, for instance at the room level, at the floor level, or just "in" or "out". To relieve protection concerns, the server is additionally set up to give warnings to a man at whatever point their area is questioned, and to acknowledge inquiries just if the requestor is physically in the same building. Situation 2 – Mobile Tour Guide Alice is going by Boston surprisingly and needs to know more about the neighborhood. She as of now claims an area empowered gadget, so she should simply discover an administration that offers an intuitive area upgraded visit guide and connection her gadget to it. She looks online and finds an administration named Bob that offers such visit guides for various significant urban areas. She chooses to download it and give it a shot. City Level Neighborhood Level Street Level Usage Scenario Find a Friend Call E911

Slide 17

Usage Scenario Confab\'s Data Model Confab\'s Programming Model Extensions for Location Privacy Implementation CONFAB System Architecture

Slide 18

For instance : Confab\'s information model is utilized to speak to relevant data, for example, one\'s area or movement. Individuals, spots, things, and administrations (elements) are relegated infospaces , system addressable sensible stockpiling units that store connection information about those substances Confab\'s Data Model Figure 1. An infospace (spoke to by mists) contains logical information around a man, spot, or thing. Infospaces contain tuples (squares) that portray singular bits of logical information, for instance Alice\'s area or PDA-1138\'s proprietor. Infospaces are contained by Infospace servers (adjusted rectangles).

Slide 19

A man\'s infospace may have static data, for example, their name and email address, and in addition dynamic data, for example, their area and movement. Confab\'s Data Model Table 3. Confab underpins various types of setting information. Static connection information does not change or changes gradually, while dynamic setting information changes regularly. Inborn setting information speaks to data about that element itself, while outward connection information speaks to data around an element in relationship to another substance.

Slide 20

For instance: Confab\'s Data Model < ContextTuple dataformat =" " datatype ="location" description="location of a substance" entity-link="" entity-name="John Doe" timestamp-created="2003.Feb.13 16:06 PST"> <Values> <Value esteem ="523"/> </Values> <Sources> <Source datatype ="location" link="http://localhost/map.jsp" source="Location Simulator" timestamp="2003.Feb.13 16:06 PST" value="523"/> </Sources> < PrivacyTags > <Notify value=""/> < TimeToLive value="1 day"/> < MaxNumSightings value="5"/> < GarbageCollect > <Where requestor-location="not "/> </GarbageCollect > </PrivacyTags > </ContextTuple > Figure 2. An illustration tuple. Tuples contain metadata depicting the tuple (e.g., dataformat and datatype), one or more values, one or more sources portraying the historical backdrop of the information and how it was changed, and a discretionary security tag that depicts an enduser\'s protection inclinations.

Slide 21

Usage Scenario Confab\'s Data Model Confab\'s Programming Model Extensions for Location Privacy Implementation CONFAB System Architecture

Slide 22

Methods and Operators : Confab\'s Programming Model Table 4. Confab gives a few inherent administrators. Administrators can be added or evacuated to redo what individual data a tuple contains and how it streams to others.

Slide 23

The two Enforce Privacy Tags administrators are utilized to put the inclinations indicated in protection labels energetically. The out-administrator adaptation

View more...