Survey: The Urban Security and Privacy challenges
Presented By Vignesh Saravanaperumal
EEL 6788

Introduction
Urban sensing: risks posed:
• Confidentiality and Privacy
• Integrity
• Availability
Traffic pattern observed:
• Continuous Monitoring – Health care application
• Event Driven – Environmental apps
• Query Driven – Context aware queries
General architecture observed:
• Server Tier
• SAP Tier
• Sensor Tier

Introduction
Difference between wireless sensor network and urban sensing
Sensor Networks W/O Urban sensing
Sensor Networks with Urban sensing

Solutions available
• Virtual Wall
• Onion Routing Mechanism
• Mist Routing
• Hidden credentials method
• Hot-Potato-Privacy-Protection Algorithm
• Mixed-behavior models in multi-party computation
• Multicast Authentication Scheme
Confidentiality and Privacy
Integrity

In depth classification
Confidentiality and Privacy
• Context Privacy
• Anonymous Tasking
• Anonymous Data Reporting
Virtual Wall
Hot-Potato-Privacy-Protection Algorithm
• Task specific users without knowing their current location
• Trust Negotiation
• Mist, Onion Routing
• Hidden credential Method

In depth classification
Integrity
Reliable Data reading
Data authenticity
Availability: Fairness and Participation
Mixed-behavior models in multi-party computation
Multicast Authentication Scheme
Free Rider Problem

Context privacy
Digital footprints
Types of Footprints:
• Personal
• General
• Empty
Information about users derived from sensors
Transparent wall
Translucent wall
Opaque wall

Context privacy
Virtual Wall

Anonymous Tasking: Mist Routing
Objective:
• Location privacy
• Anonymous connections
• Confidentiality
This privacy protocol prevents insiders, system administrators and even the system itself from tracking users and detecting their physical location.
It does this by concealing the identity and location of communicating parties: Mist routers reroute packets among themselves using hop-to-hop handle-based routing.

Anonymous Tasking: Mist Routing
Mist: Mist Routers are organized in a hierarchical structure
• Portal:
  – Mist Router – leaf node
  – Knowledge of user's positions but not user's ID
• Lighthouse:
  – Mist Router – Portal's ancestor
  – Knowledge of user's ID but not user's physical position

Anonymous Tasking: Mist Routing
Mist Circuit establishment
Locating Users
• Web Servers

Anonymous Tasking: Mist Routing
Mist communication setup

Anonymous Tasking: Onion Router mechanism
• Messages are repeatedly encrypted and then sent through several network nodes called onion routers, which form a circuit of nodes.
• Each onion router removes a layer of encryption with its symmetric key to reveal routing instructions, and sends the message to the next router, where this process is repeated.
• "Onion router": the scheme prevents these intermediary nodes from knowing the origin, destination, and contents of the message. Each onion router knows only its successor or predecessor, not any other onion router.
• Tor is a distributed overlay network which anonymizes TCP-based applications (e.g. web browsing, secure shell, instant messaging applications).
• Messages are put in cells and unwrapped at each node or onion router with a symmetric key.

Anonymous Tasking: Onion Router mechanism
• The sender picks nodes from a list provided by a special node called the directory. The chosen nodes are ordered to provide a path through which the message may be transmitted; this ordering of the nodes is called a chain or a circuit.
• Using asymmetric key cryptography, the sender uses the public key of each chosen node to wrap the plaintext message in the necessary layers of encryption. The public keys are retrieved from an advertised list or by on-the-spot negotiation for temporary use, and the layers are applied in reverse order of the message's path from sender to receiver; with each layer, the client includes information for the corresponding node regarding the next node to which the onion should be transmitted.
• As the onion passes to each node in the chain, a layer of encryption is peeled away by the receiving node (using the private key that corresponds to the public key with which the layer was encrypted), and then the newly diminished onion is transmitted to the next node in the chain.
• The last node in the chain peels off the last layer and transmits the original message to the intended recipient.

Anonymous Tasking: Onion Router mechanism
• Client proxy establishes a symmetric session key and circuit with Onion Router #1

Anonymous Tasking: Onion Router mechanism
• Client proxy extends the circuit by establishing a symmetric session key with Onion Router #2
  – Tunnel through Onion Router #1

Anonymous Tasking: Onion Router mechanism
• Client proxy extends the circuit by establishing a symmetric session key with Onion Router #3
  – Tunnel through Onion Routers #1 and #2

Anonymous Tasking: Hidden credentials method
• A complex policy is an expression of one or more simple policies which must be satisfied to decrypt a resource.
• A simple policy is the pair (attr; Pub) where attr is a set of one or more attributes (not including identity) and Pub is the public key of the credential authority (CA) needed to verify those attributes.
• A credential is a tuple (nym; attr; Pub; sig) where nym is the (pseudo-)identity of the credential holder, (attr; Pub) form a simple policy, and sig is the signature on both attr and nym made with the secret key corresponding to the public key Pub.
• Based on Identity Based Encryption
IBE is a public-key encryption system in which an arbitrary
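
An added example (not from the original slides) of the onion router mechanism described above: the sender applies one layer per router in reverse path order, and each router peels its layer and learns only the next hop. It assumes a symmetric session key already shared with each router, as in the circuit-building slides, and uses a toy SHA-256 keystream with HMAC in place of a real cipher; router names, keys and the message are constructed.

```python
import hashlib, hmac, os

def _keystream(key, nonce, n):
    # Toy stream cipher (SHA-256 in counter mode), standing in for a real AEAD cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(b"enc" + key + nonce + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer was not encrypted for this router, or was modified")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def build_onion(message, circuit, recipient):
    # circuit is [(router, session_key), ...] in path order. Layers are applied in
    # reverse order, so the first router's layer ends up outermost.
    next_hops = [name for name, _ in circuit[1:]] + [recipient]
    onion = message
    for (_, key), nxt in reversed(list(zip(circuit, next_hops))):
        onion = seal(key, bytes([len(nxt)]) + nxt.encode() + onion)
    return onion

def peel(key, onion):
    # One router's work: remove its own layer and learn only the next hop.
    layer = unseal(key, onion)
    n = layer[0]
    return layer[1:1 + n].decode(), layer[1 + n:]

def route(onion, keys, entry, recipient):
    # Simulated network; records what each router observes: (itself, predecessor, successor).
    seen, prev, hop = [], "client", entry
    while hop != recipient:
        nxt, onion = peel(keys[hop], onion)
        seen.append((hop, prev, nxt))
        prev, hop = hop, nxt
    return onion, seen

def demo():
    # Constructed sample data: router names, keys, recipient and message are made up.
    circuit = [(name, os.urandom(32)) for name in ("OR1", "OR2", "OR3")]
    onion = build_onion(b"task: report noise level", circuit, "recipient")
    return route(onion, dict(circuit), "OR1", "recipient")
```

Calling `demo()` returns the recovered message and the per-router view; no router's view contains both the client and the recipient.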