Pervasive computing and its Security Issues
-
Upload
phearin-sok -
Category
Technology
-
view
4.164 -
download
2
description
Transcript of Pervasive computing and its Security Issues
![Page 1: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/1.jpg)
1
Pervasive Computing
SOK PhearinDepartment of Computer Science
MBC Lab., Konkuk University
![Page 2: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/2.jpg)
2
Outline
I. Overview of Pervasive Computing
II. Architecture
III. Wireless Communication Technologies in Pervasive Computing and Security Issues
IV. Wireless Vulnerabilities
V. Conclusion
![Page 3: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/3.jpg)
3
Pervasive Computing Overview
Mark D. Weiser (July 23, 1952 – April 27, 1999)
“Ubiquitous computing names the third wave in computing, just now beginning. First were mainframes, each shared by lots of people. Now we are in the personal computing era, person and machine staring uneasily at each other across the desktop. Next comes ubiquitous computing, or the age of calm technology, when technology recedes into the background of our lives.”
“The Computer for the 21st Century” - September, 1991
![Page 4: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/4.jpg)
4
Pervasive Computing Overview
Development of computing technologies:
1st wave : Mainframe computing era
2nd wave : Personal computing era
3rd wave : Pervasive computing era(initially called ubiquitous computing)
![Page 5: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/5.jpg)
5
Integration of Information and Communications Technology (ICT) into people’s lives and environments, made possible by the growing availability of microprocessors with inbuilt communication facilities.
Goals:People OrientedImplicitly use of computersPeople will focus on task, not tool
What is Pervasive Computing
![Page 6: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/6.jpg)
6
Three converging areas of ICT components:Computing devices: communicate with each other and
act intelligently Sensors: input devices Processors: interpret and analyze data Actuators: output devices
Communications: serve pervasive computing applications
Ex. Zigbee, Bluetooth, WiFi, Wimax /LTE /3G /4G …
User Interfaces: point of contact between ICT and human Active: Users overtly control PC technologies and devices Passive: PC covertly control in the background Coercive: both Active and Passive
Pervasive Computing Components
![Page 7: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/7.jpg)
7
ArchitectureApplication
Middleware and Security Interface
Mobile Computing
Context-Aware
Affective Computing
Inte
llig
en
t C
om
pu
tin
g
Embedded Operating System
Hardware
Various applications such as Smart Room, Intelligent Navigation… can be built and used
![Page 8: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/8.jpg)
8
Not only: Heterogeneity Scalability Programming
interface
But also: Service Discovery Context-aware
ArchitectureApplication
Middleware and Security Interface
Mobile Computing
Context-Aware
Affective Computing
Inte
llig
en
t C
om
pu
tin
g
Embedded Operating System
Hardware
![Page 9: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/9.jpg)
9
ArchitectureStructure of Middleware and Security Interface
Security Mechanism
……
Extend Module
Service Description
Context-aware service
API
![Page 10: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/10.jpg)
10
Application
Middleware and Security Interface
Mobile Computing
Context-Aware
Affective Computing
Inte
llig
en
t C
om
pu
tin
g
Embedded Operating System
Hardware
Architecture
An important aspect of the difference between pervasive computing and desktop computing
![Page 11: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/11.jpg)
11
ArchitectureMobile Computing: • Automatic configuration, dynamic addressing and
tracking system• Free switch between heterogeneous networksAffective Computing is the computing that relates to,
arises from, or deliberately influences emotions. – Rosalind W. Picard
• computer science, sensor technology, psychology, physiology
• Key technologies: face recognitions, emotional signal measurements and analysisContext-aware Computing: senses environment
context and human context changes.Key technologies: Location awareness, activities
recognition
![Page 12: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/12.jpg)
12
Application
Middleware and Security Interface
Mobile Computing
Context-Aware
Affective Computing
Inte
llig
en
t C
om
pu
tin
g
Embedded Operating System
Hardware
ArchitectureHardware:
Fast processing speed Small size
Embedded Operating System: Real-time services Rational allocation
memories
![Page 13: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/13.jpg)
13
Architecture
Network Interface
I/O DeviceSensors
Real-time Embedded Operating System
Pervasive Computing Hardware
Structure of Embedded Operating System and Hardware
![Page 14: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/14.jpg)
14
Wireless CommunicationMany existing and emerging wireless
technologies serve in Pervasive Computing:
•Zigbee and Bluetooth - sensors and actuators - low energy consumption, short distances (up to 10
meters)
•Wi-Fi - devices - middle ranges (several hundreds of meters)
•Wimax /LTE /3G /4G - a home gateway to Internet - long ranges (several to tens of kilometres)
![Page 15: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/15.jpg)
15
Common vulnerabilities existing in wireless technologies:
Physical jamming
Passive eavesdropping and traffic analysis
Message injection and active eavesdropping
Message deletion and interception
Insider attacks to breach data confidentiality
Denial of service (DoS) attacks
Security Issues
![Page 16: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/16.jpg)
16
Various types of Attack to a Pervasive
Computing can:
Compromise users’ data,
Crash an entire system
Render services unavailable
Potentially lead to the loss of property
Harm users and even lives
Security Issues
![Page 17: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/17.jpg)
17
Carrier Sense Multiple Access with Collision
Avoidance (CSMA/CA)
DoS attack: Clear Channel Assessment-Jamming
Virtual carrier sense
DoS attack: Repeat forged RTS/CTS messages with
large NAV leading network slowdown
Wireless VulnerabilitiesWi-Fi MAC Protocol Attacks
![Page 18: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/18.jpg)
18
802.11 state machine
DoS attack: forge deauthentication or disassociation frames
Wireless Vulnerabilities
![Page 19: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/19.jpg)
19
Wireless VulnerabilitiesWi-Fi Security Protocol Attacks
![Page 20: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/20.jpg)
20
Wireless VulnerabilitiesWi-Fi Security Protocol Attacks
Pre-Robust Security Network Association (Pre-RSNA): security mechanisms in the IEEE 802.11-1997
Attacks on Wired Equivalent Privacy(WEP):Shared Key management – key can be easily obtained
from the attackersWeak RC4 encryption implementation – key can be
easily broken by the brute force attack
![Page 21: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/21.jpg)
21
Wireless Vulnerabilities
Robust Security Network Association (RSNA):
security mechanisms in the IEEE 802.11-2007,
consisting of 3 security algorithms:
Data confidentiality and integrity protocols
RSNA security association management
key management procedures
![Page 22: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/22.jpg)
22
Wireless VulnerabilitiesAttacks on RSNA
• Security level rollback attack: “Pre-RSNA only”
beacons to force the network to use WEP
• EAP attack: forged association requests - disconnect
legitimate users.
• Four-way handshake DoS attack: forged first
unauthenticated message - parallel incomplete
Handshakes - exhaust queue space
![Page 23: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/23.jpg)
23
Wireless VulnerabilitiesAttacks on RSNA (Cont.)
• RSN IE poisoning: fake beacons - fail at stage 3
• Reflection attack against four-way handshake:
transmitted data sent back to originator .
• Dos attack against TKIP: intercepted and modified
packet - AP and the client suspend their
communication
![Page 24: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/24.jpg)
24
Confidentiality, Integrity, and Availability (CIA)
are essential to pervasive computing applications
since sensitive and real-time information may
flow over any type of wireless links
Many challenges and attacks have been proved.
Each operation and policy should be carefully
examined against any possible attacks.
Conclusion
![Page 25: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/25.jpg)
25
Liu, Y. & Li, F., PCA: A Reference Architecture for Pervasive Computing, 2006 1 st International Symposium on Pervasive Computing and Applications, IEEE 04079121
Zhou, B, Marshall, A. & Lee, T. H., Wireless Security Issues in pervasive computing, 2010 Fourth International Conference on Genetic and Evolutionary Computing, IEEE 05715481
2006, Pervasive Computing, Parliamentary Office of Science and Technology
Reference
![Page 26: Pervasive computing and its Security Issues](https://reader036.fdocuments.in/reader036/viewer/2022062702/554a1cbeb4c90507558b5763/html5/thumbnails/26.jpg)
26
Thank You