Security and Privacy Concern in Remote Personal Device Management Framework
Download
1 / 29

Health Management Scenario - PowerPoint PPT Presentation


  • 100 Views
  • Uploaded on

Security and Privacy Concern in Remote Personal Device Management Framework. Hailiang Mei [email protected] Outline. Background of RPDM Why RPDM is important Security threat Attack tree model and threat analysis Examining current RDM systems SNMP, VNC, MRDP, Web-based

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Health Management Scenario' - Jims


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Outline
Outline Management Framework

  • Background of RPDM

    • Why RPDM is important

  • Security threat

    • Attack tree model and threat analysis

  • Examining current RDM systems

    • SNMP, VNC, MRDP, Web-based

  • Design of RPDM framework

    • Based on SyncML DM

  • Conclusion and future work


Background of rpdm
Background of RPDM Management Framework

Self observes problem

+ Remote diagnosis

+ Remote Repair

Remote server can be within local network or at service provider’s site


Why rpdm is important
Why RPDM is Important? Management Framework

  • Recent studies show that there are at least 4 times as many electronic machines in the world as there are people.

    • This gap is still increasing fast

    • New devices require maintenance, but personnel are expensive

  • An online survey shows 57% users feel befuddled by their computer, mobile phone, home security system, etc.


Outline1
Outline Management Framework

  • Background of RPDM

    • Why RPDM is important

  • Security threat

    • Attack tree model and threat analysis

  • Examining current RDM systems

    • SNMP, VNC, MRDP, Web-based

  • Design of RPDM framework

    • Based on SyncML DM

  • Conclusion and future work


Attack tree model

We are going to prevent Management Framework

Attack Tree Model


Threat analysis one example

Security requirement Management Framework

Threat Analysis (one example)

Vulnerability Rating (VR): A Probable; B Highly Possible; C Possible; D Unlikely; E Impossible.


Outline2
Outline Management Framework

  • Background of RPDM

    • Why RPDM is important

  • Security threat

    • Attack tree model and threat analysis

  • Examining current RDM systems

    • SNMP, VNC, MRDP, Web-based

  • Design of RPDM framework

    • Based on SyncML DM

  • Conclusion and future work


Evaluation factors
Evaluation Factors Management Framework

  • System load & Network load

    • criteria related to performance

  • Expressive power

    • indicates the generalization of the technique

  • Device IQ

    • defines how intelligent the target device is when it is being managed

  • Security

    • the most important concern



Virtual network computing
Virtual Network Computing Management Framework


Virtual network computing1
Virtual Network Computing Management Framework


Web server
Web Server Management Framework

  • The device runs a small web server application

  • A service runs on the device to generate run-time HTML file

  • The remote terminal manager access the device via the web browser and execute scripts on the device


Web server example
Web Server (example) Management Framework


Syncml dm oma

Inside client Management Framework

Server

WAP

client

root

client

DM protocol

proprietary

proprietary

Vendor

SyncML

upgrade

client

  • Data Synch protocol

  • Add

  • Get

  • Replace

  • Exec

X*

Logical tree for addressing purposes.

In scope of DM standard!

OMA DM

SyncML DM (OMA)

Over the air


Syncml dm oma1

OMA DM Management Framework

SyncML DM (OMA)

  • Server

    <Get>

    <CmdID>4</CmdID>

    <Item>

    <Target>

    <LocURI>Vendor/Ring_signals/Default_ring</LocURI>

    </Target>

    </Item>

    </Get>

  • Client

    <Results>

    <CmdRef>4</CmdRef>

    <CmdID>7</CmdID>

    <Item>

    <Data>MyOwnRing</Data>

    </Item>

    </Results>


Comparison of rdm systems

Evaluation factor Management Framework

Weight

SNMPv3

VNC

Web-based

RDP

SyncMLDM

System load

20%

+/-

-

-

-

+/-

Network load

20%

+

-

+/-

+/-

+/-

Expressive power

25%

-

+

+/-

+

+

Security

25%

+

-

+

+/-

+

Device IQ

10%

+

-

+/-

-

+

Equal weight score

20% each

0.4

-0.6

0

-0.2

0.6

Weighted score

0.3

-0.5

0.05

-0.05

0.6

OMA DM

Comparison of RDM Systems

*We define “+”=1, “+/-”=0 and “-”=-1 to calculate the overall performance score


Outline3
Outline Management Framework

  • Background of RPDM

    • Why RPDM is important

  • Security threat

    • Attack tree model and threat analysis

  • Examining current RDM systems

    • SNMP, VNC, MRDP, Web-based

  • Design of RPDM framework

    • Based on SyncML DM

  • Conclusion and future work


Rpdm overview

  • Security Management Framework

  • Privacy

  • Performance

RPDM Overview



Connection manager
Connection Manager Management Framework


Authentication manager
Authentication Manager Management Framework

  • PKI based authentication

  • MD5 digest authentication

    • Digest = H(B64(H(serverrname:password)):nonce)

  • PKs database itself is a Mobj, and it can be managed as well if the access right is granted. E.g. a trusted management server can introduce a new management server by adding its public key or its hashed name string into the PKs database.


Access control list tree
Access Control List Tree Management Framework

  • Each node (object) is identified by an URI

  • Each node has a set of properties

  • This tree can be extended by “add” message or a new installations on the device

  • Leaf node can be either a value or a pointer to an executable command


View of prototype
View of Prototype Management Framework


Conclusion
Conclusion Management Framework

  • SyncML DM based system offers good system performance and security protection

  • Our C prototype is one of the first open implementations based on the SyncML DM specifications.

  • But, the network load is a bit heavy

    • A “Get” SyncML message is 709 bytes v.s. 81 bytes in SNMP

    • However, it becomes better for a more realistic and complex management session


Future work
Future Work Management Framework

  • Complete implementation

  • Think about management server?

?



ad