Date post: | 19-Dec-2015 |
Service Discovery in Pervasive Computing Environments
Matt Mutka
Dept. of Computer Science & Engr.
Michigan State University
East Lansing, Michigan
[email protected]
2
Outline
Supermedia Networking (not today’s main topic)
Service Discovery in Pervasive Computing Environments (today’s main topic)
The “Master Key”
3
Collaborators
Lionel Ni (HKUST), Ning Xi (MSU ECE), Ranjan Mukherjee (MSU ME)
Students: Feng Zhu, Zhiwei Cen, Amit Goradia, Michael Huntwork, Clayton Haffner, Chad Klochko
4
Supermedia - The Idea!
[Figure: robots and sensors at sites in the USA, Japan and Hong Kong linked over the Internet. Labels: Commands; Video, Haptic & Temperature; Non-contact Temperature Sensor; Force/Torque Sensor; Temperature Rendering Device]
6
Internet Based Tele-cooperation
[Figure: sites in the USA, Japan and Hong Kong connected over the Internet]
7
Outline
Supermedia Networking
Service Discovery in Pervasive Computing Environments
The “Master Key”
9
Network Services Everywhere
Office
Location-based service
Mobile Commerce
Mobile entertainment
Home
10
Why Service Discovery?
Traditional Distributed Service Access
  Administrative overhead: DNS and DHCP servers; driver installation/update; manually configure server name and port number
  Difficult to handle partial failure: device, service, network failure
Users are interested in services, not administration
Service discovery facilitates service usage towards zero administration
Especially important in pervasive computing environments: manual configuration is impossible
11
Some Service Discovery Protocols
Jini – Sun Microsystems
UPnP – Microsoft
Rendezvous – Apple Computer
Salutation – Salutation Consortium
Bluetooth – Bluetooth SIG
SLP – IETF
INS and INS/Twine – MIT
SSDS – UC Berkeley
DEAPspace – IBM Research
14
New Challenges
Services at a place belong to different owners
User mobility
Service mobility
Many user identities for different user roles
If no identity is required, access control is violated
If service discovery is device-based, access control may be violated
If an identity is required, difficult to implement on devices, usability problems, possibly miss opportunities
15
Dark Side
Users expose personal information about the devices they are carrying to other users
Users expose service request information
Services expose information of the domains provided
Exposed devices have increased potential for attacks: man-in-the-middle, replay, DoS, spam, …
16
Our Goals
Maintain the good usability of service discovery
Protect sensitive information
  As an owner: control services; protect service information; protect owner’s presence information
  As a user: protect identities; protect service queries; protect user’s presence information
No existing secure service discovery protocol meets these requirements so far
17
Status quo – 4 Approaches
Insecure service discovery
Apply traditional access control solutions: UPnP Security
Trusted central servers: Secure Service Discovery Service (SSDS)
Automated service provider discovery and credential management: PrudentExposure
18
Existing Secure Service Discovery Protocols
UPnP Security
  Support various authorization methods: access control lists, authorization servers, authorization certificates, and group definition certificates
  Generic method to differentiate an owner’s devices from others
  Example: Bob discovers his MP3 player
  Service accesses are limited to device owners
  Inefficient
  Privacy problem
19
Existing Secure Service Discovery Protocols (cont’d)
SSDS
  Many built-in security features: authentication, authorization, data and service privacy, and integrity
  Manage services centrally: enterprise environments
  Example
Why centralized approaches do not fit pervasive environments
  For users: Exposes personal services to central servers? Which user role?
  For directories (servers): Accepts any service registrations? Who manages access control?
20
Existing Secure Service Discovery Protocols (cont’d)
PrudentExposure
  Software manages a user’s credentials
  Users and service providers exchange code words
[Figure: User and Service provider exchange Message 1 and Message 2 as bit arrays. Labels: Each bit represents a code word; Matched code word; Code word using another hash function]
21
A Chicken-and-egg Problem
From users’ point of view
  Interact with necessary service providers
  Ideally, service providers expose their information first
From service providers’ point of view
  Interact with legitimate users
  Hiding by not responding
  Ideally, users expose their information first
23
The Progressive Approach
Strategy
  Progressively expose partial information
Predictable exposure
  The problem is false positive matches
Predictable overhead
Protect sensitive information
  Only expose to legitimate parties
24
Protect Sensitive Information from Illegitimate Parties
Protect identities via code words
Protect service information via encryption
[Figure: generation of the code word and the one-time secret. Labels: HMAC using MD5; Time variant parameter; Shared secret; HMAC using SHA1; Code word; One-time secret. The resulting bits and bytes are divided into portions for the 1st message, the 2nd message, ..., the Kth message]
25
Basic Protocol
[Figure: protocol flow. Steps, each shown twice: Check code word bits; Check service info bits; Send code word bits; Send service info bits]
26
Predictable Exposure
[Figure: p(not user | match), on a 0 to 1 axis, against the number of bits exchanged after the 1st message (0 to 13), for p(user) = 0.001, 0.002, 0.004, 0.008, 0.016, 0.032, 0.064, 0.128, 0.256, 0.512, 0.75. Annotations: p(not user | match), p(match | not user), p(user)]
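The progressive exchange from the preceding slides, as an added example that is not code from the talk or from the authors' implementation. It assumes the code word is HMAC-MD5 over the time variant parameter keyed with the shared secret, that a party without the secret matches n bits by chance with probability 2^-n, and it models one direction only (a service provider checking a user); function names, sample values and the 0.01 threshold are hypothetical.

```python
import hashlib
import hmac

def code_word_bits(secret: bytes, tvp: bytes) -> str:
    """Code word as a bit string: HMAC-MD5(shared secret, time variant parameter)."""
    digest = hmac.new(secret, tvp, hashlib.md5).digest()
    return "".join(f"{b:08b}" for b in digest)

def p_not_user_given_match(p_user: float, n_bits: int) -> float:
    """Bayes' rule. A legitimate user always matches; anyone else matches
    n bits by chance with probability 2**-n (assumed model)."""
    p_match_not_user = 2.0 ** -n_bits
    p_not_user = 1.0 - p_user
    return (p_match_not_user * p_not_user) / (p_user + p_match_not_user * p_not_user)

def progressive_exchange(claimed: str, expected: str, p_user: float,
                         bits_per_msg: int = 1, threshold: float = 0.01):
    """Reveal the claimed code word a few bits per message.
    Returns (accepted, bits_exposed): stop at the first mismatch, or accept
    once p(not user | match) has fallen to the threshold."""
    for sent in range(bits_per_msg, len(claimed) + 1, bits_per_msg):
        if claimed[:sent] != expected[:sent]:
            return False, sent            # false positive ruled out, stop exposing
        if p_not_user_given_match(p_user, sent) <= threshold:
            return True, sent             # enough evidence, no more bits needed
    return False, len(claimed)

# Constructed sample values (not from the talk)
TVP = b"2006-03-01T10:00:00Z|nonce=42"
SHARED = b"constructed-shared-secret"
provider_view = code_word_bits(SHARED, TVP)
legit = code_word_bits(SHARED, TVP)
stranger = code_word_bits(b"some-other-secret", TVP)

if __name__ == "__main__":
    for p_user in (0.5, 0.064, 0.001):
        print(p_user, progressive_exchange(legit, provider_view, p_user))
    print("stranger", progressive_exchange(stranger, provider_view, 0.5))
```

The rarer legitimate users are (small p(user)), the more bits must be exchanged before a match is convincing, which is the trade-off the plot shows.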
27
Predictable Exposure Cont’d
[Figure: p(not service | match), on a 0 to 1 axis, against the number of bits exchanged after the 1st message (0 to 19), for p(service) = 0.001, 0.002, 0.004, 0.008, 0.016, 0.032, 0.064, 0.128, 0.256, 0.512, 0.75. Annotations: p(not service | match), p(match | not service), p(service), # services. A service provider has 320 services]
28
Experiments
Compaq iPAQs
ARM SA1110 206 MHz processor
64MB RAM
An expansion pack
D-Link DCF-650W wireless card
802.11 ad hoc mode and 2Mbps
Microsoft eMbedded Visual C++ 3.0
Microsoft PocketPC 3.0
Average time of 100 experiments
30
Outline
Supermedia Networking
Service Discovery in Pervasive Computing Environments
The “Master Key”
31
Entity Authentication
Keys – the most common form
  4000 years of history since ancient Egypt
Today we also use
  Magnetic stripe cards
  Smart cards
  RFID tags
  Remote Keyless Entry systems (RKE)
  Other tokens
32
Traditional Master Keys
Picture from: M. Blaze, "Rights Amplification in Master-Keyed Mechanical Locks," IEEE SECURITY & PRIVACY, vol. 1, pp. 24-32, 2003
One key opens many locks
Convenient
Delegation problem
Revocation problem
33
Multiple Access Tokens
No delegation & revocation problems
Improved usability
  Lock & unlock a car: RKE
  Unlock a hotel door: magnetic stripe cards
Difficult to manage if too many
34
The Master Key
Aggregate all digital credentials
Automatically supply credentials
Advantages of the traditional master keys and multiple access tokens
  One device
  No revocation problem
  No delegation problem
Potential Master Key devices
35
Presentation Outline
Related work
The Master Key design
System analysis and evaluation
Discussion
Conclusion and future work
36
Magnetic Stripe Technology
Since early 1960s
Widely used
  Bank cards
  Hotel room locks
Not secure enough
  Loss due to counterfeit cards in UK is £130 million in 2004
37
Smart Cards
Since late 1960s
Processing capability and storage capacity
Secure! (Cryptography)
Contact & contactless
Wide application
  Prepaid transit cards
  ID cards
  Health cards
  Passports
38
RFID Tags
Passive ID tags are vulnerable
  No processing capabilities for cryptography
Example: MIT card
39
Remote Keyless Entry Systems
Widely used on cars and garage doors
Limited security
  A “rolling code” for authentication
40
iButtons
Secure
Wide application
  Keys
  E-cash
  Asset management devices
Example
  200,000 iButton owners accessing 10,000 buildings in New York
41
Other Related Work
Public key operations are possible on tiny devices: Berkeley/Crossbow Mica2 mote
Location-based or proximity-based authentication
Zero-Interaction Authentication (ZIA)
Biometric recognition: fingerprint, iris, hand geometry, and voice recognition
Personal Servers as digital keys
42
Presentation Outline
Related work
The Master Key design
System analysis and evaluation
Discussion
Conclusion and future work
43
Discover Locks
Many locks and keys
Automatically find a key via discovery
[Figure: the Master Key and three locks, with the numbered messages below drawn between them]
1. Broadcast message: any lock in this set nearby?
2. Unicast message: this lock is nearby.
3. Unicast message: this is the key.
44
Private Authentication
Key – lock pairs speak code words
No explicit identities exchanged
[Figure: a key and a lock exchanging Code word 1 and Code word 2]
46
Code Word Length
Partial code word
  The fewer bits, the less exposure (privacy)
  The more bits, the less false positive overhead
47
The Master Key Protocols
Mutual authentication in 3 messages
  TVPs are challenges
Exposure order can be changed
  Keys expose first or locks expose first
Messages between the Master Key and the Lock:
1. TVP1 + code words (TVP1)
2. The last bit of the matched code word + another code word (TVP1) + TVP 2
3. Code word (TVP2)
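The three messages above as a runnable sketch, added here as an example and not taken from the talk or the authors' implementation. Assumptions: code words are HMAC-MD5 over a TVP keyed with a per-pair shared secret, message 1 carries only the first 16 bits of each code word, message 2 returns the remaining bits of the matched code word, and the "another code word" uses HMAC-SHA1; all class, function and secret names are hypothetical.

```python
import hashlib
import hmac
import os

PREFIX_BITS = 16  # assumed length of the partial code word sent in message 1

def code_word(secret, tvp, alg=hashlib.md5):
    """HMAC of a time variant parameter (TVP) under a shared secret, as bits."""
    return "".join(f"{b:08b}" for b in hmac.new(secret, tvp, alg).digest())

class MasterKey:
    def __init__(self, secrets):              # {lock name: shared secret}
        self.secrets = secrets
    def msg1(self):                           # broadcast: TVP1 + partial code words
        self.tvp1 = os.urandom(8)
        return self.tvp1, {code_word(s, self.tvp1)[:PREFIX_BITS]
                           for s in self.secrets.values()}
    def msg3(self, rest, second, tvp2):       # verify the lock, answer its challenge
        for name, s in self.secrets.items():
            if (code_word(s, self.tvp1)[PREFIX_BITS:] == rest and
                    hmac.compare_digest(code_word(s, self.tvp1, hashlib.sha1), second)):
                return name, code_word(s, tvp2)
        return None, None                     # false positive or impostor lock

class Lock:
    def __init__(self, owner_secrets):        # one shared secret per key owner
        self.owner_secrets = owner_secrets
    def msg2(self, tvp1, prefixes):           # unicast reply only on a match
        for s in self.owner_secrets:
            cw = code_word(s, tvp1)
            if cw[:PREFIX_BITS] in prefixes:
                self.pending, self.tvp2 = s, os.urandom(8)
                return cw[PREFIX_BITS:], code_word(s, tvp1, hashlib.sha1), self.tvp2
        return None                           # stay silent: presence not exposed
    def unlock(self, response):               # message 3: code word over TVP2
        return hmac.compare_digest(code_word(self.pending, self.tvp2), response)

def handshake(key, lock):
    """Run the three messages; return (lock name seen by the key, unlocked?)."""
    reply = lock.msg2(*key.msg1())
    if reply is None:
        return None, False
    name, response = key.msg3(*reply)
    return name, response is not None and lock.unlock(response)

# Constructed sample: one key carrying two credentials, one lock with two owners
KEY = MasterKey({"office": b"constructed-office-secret", "car": b"constructed-car-secret"})
LOCK = Lock([b"constructed-office-secret", b"constructed-other-owner"])
```

No identity appears in any message: each side learns who the other is only by recomputing code words from secrets it already holds, and a chance 16-bit match with an unrelated key is rejected at message 3.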
49
Performance Measurements
The Master Key: Compaq iPAQ, 206 MHz processor, 64MB RAM, and a D-Link DCF-650W wireless card
A Lock: Dell AXIM X5, 400 MHz processor, 64MB RAM, and a Dell TrueMobile 1180 wireless card
0.5 second to unlock in an extreme case
  The Master Key specifies 820 code words and the lock has 500 key owners.
50
Discussion
Susceptible to the mafia fraud attack
  May not have countermeasures by cryptography alone
  May use location information
  Transmission time
  Multiple channels
Securing the Master Key is critical
52
Summary
Secure and Private Service Discovery
  Protect sensitive information
    Protect service information, presence information, identities, service queries
  Support multiple coexisting domains
  Help users to supply correct identities
The Master Key, single device for various entity authentication
53
Recent papers - Supermedia
M. Huntwork, A. Goradia, N. Xi, C. Haffner, C. Klochko and M. Mutka, "Pervasive Surveillance Using a Cooperative Mobile Sensor Network," Proceedings of IEEE International Conference on Robotics and Automation (ICRA 2006), May 2006.
A. Goradia, Z. Cen, C. Haffner, N. Xi, and M. Mutka, "Design, Implementation and Performance Analysis of Pervasive Surveillance Networks," Proceedings of the 19th International FLAIRS Conference (FLAIRS 2006), May 2006.
Z. Cen, M. W. Mutka, Y. Liu, A. Goradia, and N. Xi, "QoS Management of Supermedia Enhanced Teleoperation via Overlay Networks," Proceedings of IEEE International Conference on Intelligent Robots and Systems (IROS 2005), August 2005.
A. Chobanyan, M. Mutka, Z. Cen, N. Xi, "One Way Delay Trend Detection for Available Bandwidth Measurement," Proceedings of IEEE Globecom 2005, November 2005.
A. Goradia, Z. Cen, N. Xi, and M. W. Mutka, "Modeling and Design of Mobile Surveillance Networks Using a Mutational Analysis Approach," Proceedings of IEEE International Conference on Intelligent Robots and Systems (IROS 2005), August 2005.
A. Goradia, N. Xi, M. Prokos, Z. Cen, and M. W. Mutka, "Cooperative Multi-Target Surveillance Using a Mutational Analysis Approach," IEEE/ASME International Conference on Advanced Intelligent Mechatronics (AIM 2005), July 2005.
A. Chobanyan, M. W. Mutka, V. S. Mandrekar, and N. Xi, "Modeling Available Bandwidth for an Efficient QoS Characterization of a Network Path," Proceedings of NETWORKING 2005, May 2005.
Z. Cen, M. W. Mutka, D. Zhu, and N. Xi, "Supermedia Transport for Teleoperations over Overlay Networks," Proceedings of NETWORKING 2005, May 2005.
Z. Cen, A. Goradia, M. W. Mutka, N. Xi, W.-K. Fung, and Y-H. Liu, "Improving the Operation Efficiency of Supermedia Enhanced Internet Based Teleoperation via an Overlay Network," Proceedings of IEEE International Conference on Robotics and Automation (ICRA 2005), April 2005.
54
Recent papers - Secure, Private Service Discovery
F. Zhu, M. Mutka and L. Ni, "A Private, Secure and User-centric Information Exposure Model for Service Discovery Protocols," IEEE Transactions on Mobile Computing, vol. 5, no. 4, April 2006.
F. Zhu, M. W. Mutka and L. Ni, "The Master Key: A Private Authentication Approach for Pervasive Computing Environments," Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom2006), March 2006.
F. Zhu, M. W. Mutka and L. Ni, "Service Discovery in Pervasive Computing Environments," IEEE Pervasive Computing, vol. 4, no. 4, pp. 81-90, October-December 2005.
F. Zhu, M. Mutka and L. Ni, "Facilitating Secure Ad hoc Service Discovery in Public Environments," Journal of Systems and Software, vol. 76, no. 1, pp. 45-54, April 2005.
F. Zhu, W. Zhu, M. Mutka and L. Ni, "Expose or Not? A Progressive Exposure Approach for Service Discovery in Pervasive Computing Environments," Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom2005), March 2005.
F. Zhu, M. Mutka and L. Ni, "PrudentExposure: A Private and User-Centric Service Discovery Protocol," Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom2004), pp. 329-338, March 2004.
F. Zhu, M. Mutka and L. Ni, "Facilitating Secure Ad hoc Service Discovery in Public Environments," Proceedings of IEEE Computer Software and Applications Conference (COMPSAC 2003), pp. 433-438, November 2003.
F. Zhu, M. Mutka and L. Ni, "Splendor: A Secure, Private, and Location-aware Service Discovery Protocol Supporting Mobile Services," Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom2003), pp. 235-242, March 2003.