Hailiang Mei [email protected]


Health Management Scenario - PowerPoint PPT Presentation



Security and Privacy Concern in Remote Personal Device Management Framework. Hailiang Mei [email protected]

Presentation Transcript
Outline
  • Background of RPDM
    • Why RPDM is important
  • Security threat
    • Attack tree model and threat analysis
  • Examining current RDM systems
    • SNMP, VNC, MRDP, Web-based
  • Design of RPDM framework
    • Based on SyncML DM
  • Conclusion and future work
Background of RPDM

Self observes problem

+ Remote diagnosis

+ Remote Repair

The remote server can be within the local network or at the service provider’s site

Why RPDM is Important?
  • Recent studies show that there are at least 4 times as many electronic machines in the world as there are people.
    • This gap is still increasing fast
    • New devices require maintenance, but personnel are expensive
  • An online survey shows that 57% of users feel befuddled by their computer, mobile phone, home security system, etc.
Threat Analysis (one example)

Security requirement

Vulnerability Rating (VR): A Probable; B Highly Possible; C Possible; D Unlikely; E Impossible.

Evaluation Factors
  • System load & Network load
    • criteria related to performance
  • Expressive power
    • indicates the generalization of the technique
  • Device IQ
    • defines how intelligent the target device is when it is being managed
  • Security
    • the most important concern
Web Server
  • The device runs a small web server application
  • A service runs on the device to generate HTML files at run time
  • The remote terminal manager accesses the device via a web browser and executes scripts on the device
SyncML DM (OMA)

[Figure: OMA DM, over the air. Diagram labels: Server, WAP, client, DM protocol; inside client: root, Vendor, SyncML, upgrade, proprietary, X*. Annotations: "Logical tree for addressing purposes." and "In scope of DM standard!"]

  • Data Synch protocol
  • Add
  • Get
  • Replace
  • Exec

SyncML DM (OMA)
  • Server

    <Get>
      <CmdID>4</CmdID>
      <Item>
        <Target>
          <LocURI>Vendor/Ring_signals/Default_ring</LocURI>
        </Target>
      </Item>
    </Get>

  • Client

    <Results>
      <CmdRef>4</CmdRef>
      <CmdID>7</CmdID>
      <Item>
        <Data>MyOwnRing</Data>
      </Item>
    </Results>

Comparison of RDM Systems

| Evaluation factor  | Weight   | SNMPv3 | VNC  | Web-based | RDP   | SyncML DM |
|--------------------|----------|--------|------|-----------|-------|-----------|
| System load        | 20%      | +/-    | -    | -         | -     | +/-       |
| Network load       | 20%      | +      | -    | +/-       | +/-   | +/-       |
| Expressive power   | 25%      | -      | +    | +/-       | +     | +         |
| Security           | 25%      | +      | -    | +         | +/-   | +         |
| Device IQ          | 10%      | +      | -    | +/-       | -     | +         |
| Equal weight score | 20% each | 0.4    | -0.6 | 0         | -0.2  | 0.6       |
| Weighted score     |          | 0.3    | -0.5 | 0.05      | -0.05 | 0.6       |

*We define “+”=1, “+/-”=0 and “-”=-1 to calculate the overall performance score


RPDM Overview
  • Security
  • Privacy
  • Performance
Authentication Manager
  • PKI based authentication
  • MD5 digest authentication
    • Digest = H(B64(H(servername:password)):nonce)
  • The PKs database itself is an Mobj, and it can be managed as well if the access right is granted. E.g., a trusted management server can introduce a new management server by adding its public key or its hashed name string to the PKs database.
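
The digest formula above, computed and checked on the device side, as an added example that is not from the original slides or the C prototype. It assumes H is MD5 (as the slide's "MD5 digest authentication" suggests) and that the digest travels Base64-encoded; the class name, the server name `mgmt-server-1` and the single-use nonce handling are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os


def b64(raw: bytes) -> bytes:
    return base64.b64encode(raw)


def md5(raw: bytes) -> bytes:
    return hashlib.md5(raw).digest()


def compute_digest(server_name: str, password: str, nonce: bytes) -> bytes:
    """Digest = H(B64(H(servername:password)):nonce), with H = MD5."""
    inner = b64(md5(f"{server_name}:{password}".encode()))
    return md5(inner + b":" + nonce)


class DigestVerifier:
    """Device-side check (hypothetical): one outstanding nonce per server."""

    def __init__(self, credentials: dict):
        self._credentials = credentials   # server name -> shared password
        self._nonces = {}                 # server name -> outstanding nonce

    def issue_nonce(self, server_name: str) -> bytes:
        nonce = os.urandom(16)
        self._nonces[server_name] = nonce
        return nonce

    def verify(self, server_name: str, presented_b64: bytes) -> bool:
        # The nonce is consumed on every attempt, so a captured digest
        # cannot be replayed against the same device.
        nonce = self._nonces.pop(server_name, None)
        password = self._credentials.get(server_name)
        if nonce is None or password is None:
            return False
        expected = b64(compute_digest(server_name, password, nonce))
        return hmac.compare_digest(expected, presented_b64)
```
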
Access Control List Tree
  • Each node (object) is identified by a URI
  • Each node has a set of properties
  • This tree can be extended by an “add” message or by a new installation on the device
  • A leaf node can be either a value or a pointer to an executable command
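
The Get/Results exchange from the SyncML DM slide, enforced against a tree like the one described here, as an added example that is not from the slides or the C prototype. The tree contents, the server identity `trusted-server`, the inherit-from-parent ACL rule and all function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed tree: URI -> node. "acl" maps a command to the server identities
# allowed to issue it ("*" = any server); None means "inherit from the parent".
TREE = {
    ".": {"acl": {"Get": {"*"}, "Add": {"trusted-server"}}},
    "Vendor": {"acl": None},
    "Vendor/Ring_signals": {"acl": {"Get": {"*"}, "Replace": {"trusted-server"}}},
    "Vendor/Ring_signals/Default_ring": {"acl": None, "value": "MyOwnRing"},
    "Vendor/Reboot": {"acl": {"Exec": {"trusted-server"}}, "exec": "reboot"},
}

def parent(uri):
    return uri.rsplit("/", 1)[0] if "/" in uri else "."

def authorize(server_id, command, uri):
    """True if the nearest ACL on the path from uri to the root allows it."""
    if uri not in TREE:
        return False
    while TREE[uri]["acl"] is None:      # the root always carries an ACL
        uri = parent(uri)
    principals = TREE[uri]["acl"].get(command, set())
    return "*" in principals or server_id in principals

def handle_add(server_id, uri, value):
    """Extend the tree with a new leaf; the Add right is checked on the parent."""
    if uri in TREE or not authorize(server_id, "Add", parent(uri)):
        return False
    TREE[uri] = {"acl": None, "value": value}
    return True

def handle_get(server_id, message, next_cmd_id):
    """Answer a <Get> with a <Results> element, or None if it is refused."""
    if "<!DOCTYPE" in message or "<!ENTITY" in message:
        return None                      # no DTDs or entities from the network
    get = ET.fromstring(message)
    uri = get.findtext("Item/Target/LocURI")
    node = TREE.get(uri)
    if node is None or "value" not in node or not authorize(server_id, "Get", uri):
        return None
    results = ET.Element("Results")
    ET.SubElement(results, "CmdRef").text = get.findtext("CmdID")
    ET.SubElement(results, "CmdID").text = str(next_cmd_id)
    ET.SubElement(ET.SubElement(results, "Item"), "Data").text = node["value"]
    return ET.tostring(results, encoding="unicode")

GET_MESSAGE = ("<Get><CmdID>4</CmdID><Item><Target>"
               "<LocURI>Vendor/Ring_signals/Default_ring</LocURI>"
               "</Target></Item></Get>")
```
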
Conclusion
  • A SyncML DM based system offers good system performance and security protection
  • Our C prototype is one of the first open implementations based on the SyncML DM specifications.
  • But the network load is a bit heavy
    • A “Get” SyncML message is 709 bytes vs. 81 bytes in SNMP
    • However, it becomes better for a more realistic and complex management session
Future Work
  • Complete implementation
  • Think about management server?
