1 / 20

Presented By : Anand Dipakkumar Joshi

USC. Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations. Presented By : Anand Dipakkumar Joshi. USC. Paper. Vincent Lenders Emmanouil Koukoumidis Pei Zhang Margaret Martonosi DEPT. of Electrical Engineering Princeton University. USC.

urbana
Download Presentation

Presented By : Anand Dipakkumar Joshi

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. USC Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations Presented By : Anand Dipakkumar Joshi

  2. USC Paper Vincent Lenders Emmanouil Koukoumidis Pei Zhang Margaret Martonosi DEPT. of Electrical Engineering Princeton University

  3. USC Agenda Introduction Application Verification System for Mobile contents Localization / Certificate Services Implementation

  4. USC Introduction • Advance in Web 2.0 • You Tube , Facebook , Flickr , Wikipedia , Blogger , Orkut etc …. • Advance in Gadgets • Mobiles , PDA , Camcorder , High end cameras etc …. • User generated contents • Blogs • Podcasts • Sharing of video on you tube • etc …. • Social Networking with sharing of videos , pictures , data etc ….

  5. USC Introduction (cont …) YOU TUBE Content Producer Content Consumer

  6. USC Introduction (cont …) Protection from malicious producers Protection from malicious consumers How to trust authenticity and quality of published information ? How to provide consumer a level of trust for the content provided by the mobile user ? How to protect the identity and privacy of the content producer ?

  7. USC Introduction (cont …) • Solution : • Application of traditional identity based security. • Application of trusted geotagging service. • Benefits • Consumers know where and when the data has been actually published. • Trust relation between the content providers and consumers in this open system. • Protection from Sybil attack.

  8. USC Application NEWS Photo Sharing Distributed Sensing Filtering Email Spam Mapping Data Traffic Updates

  9. USC Verification System for mobile contents • Design Goals • Generality • Scalability • Retain user privacy / anonymity • Support for user’s mobility • Support for content mobility

  10. USC Verification System for mobile contents (cont …) Localization / Certificate Authorities Ask to verify certificate / CA’s public key SHA DLT Certificate Untrusted Network Content Producer Content Consumer System Overview

  11. USC Verification System for mobile contents (cont …) • Trust Model • Content producers • They can verify the location from the certificate issued to them by CA. • They trust the certificate issuing authority that they do not store and revel information about the content producers and maintain their privacy and anonymity. • Content consumers • They trust the certificate issuing authority that they only issue certificate to genuine content producers. • Privacy Issues • Producer at risk of potential attack • Producer has lot of contents • Content created is not at heavily populated location. • Solution • Needs to specify the level of accuracy and anonymity for location and time values. • Accuracy of coordinates depends on privacy E.g.: blurring of coordinates and time values.

  12. USC Verification System for mobile contents (cont …) • Possible Attacks • Mobility Attack • Botnet Attack • Delay Attack • Mobility Considerations • Assign multiple DLT to content, allowing one to track the mobility of the content over the creation time. • Helps to know the path on which the content is captured before its delivered to content consumers.

  13. USC Verification System for mobile contents (cont …) Verify Data SHA Untrusted Network Content Producer Content Consumer Alternative Certificate Mechanisms

  14. USC Localization Service Implementation • Secure Wireless Location • Satellite Based positioning • GPS based systems to determine location • Tower localization • Use of cell phone towers to determine location. • 802.11 access points • Hybrid • GPS / infer location information from past data using cell location • Used by Yahoo!‘s ZoneTag

  15. USC Certificate Service Implementation S • Certificate Authority • Centralized • Implicit trust given to central authority. • Central server is responsible for verifying the location the generator is claiming to have and issues corresponding DLT certificate. • It assumes that the content producer have an access to the server by any means. • The certificate makes possible for the authority to track him and invade his privacy. • More susceptible to denial of service attack.

  16. USC Certificate Service Implementation (cont …) • Certificate Authority • Decentralized • Users ask multiple devices to obtain multiple DLT certificate. • The generating device will keep track of the trustworthy level of the other nodes. • Receivers of the data query the DLT certificate source nodes to validate the data, or simply work offline if the certificate resources are known. • Here the public key is device specific and not user specific. • System more scalable than the centralized method. • Difficult to fake an authentication. • Overhead of the system is high. • Prone to Sybil attack if the community contains more fake devices. • To verify the certificate the receiver device must be online as well as the sender device also must be online

  17. USC Certificate Service Implementation (cont …) • Certificate Authority • Community Model • Somewhat similar to distributed method. • Community of devices will vote and decide on trust level of certificates. • Multiple certificate issuers are voted on by its users. • This decides different weights and trust levels associated with them • Scheme adopted by Digg and reputation scheme in eBay. • Community gets votes on each other’s trust level. • Super Users can boast or reduce the trust level.

  18. USC Conclusion Beneficial to many applications where trust is associated with time and location. Tagging of a content is done using location and time and not on user’s identity. Hence user privacy is maintained. System increases the difficulty to tag the contents with false locations unless they move to that location to tag it. Thus by limiting various attack, it proves to be a good verification service based on location and time for user generated data.

  19. USC References • Paper : "Location-based Trust for Mobile User-Generated Contents: Applications, Challenges and Implementations”, Vincent Lenders, Emmanouil Koukoumidis, Pei Zhang and Margaret Martonosi, The 9th IEEE Workshop on Mobile Computing Systems and Applications (HotMobile 2008), Feb 2008 • Web Resources • http://www.flickr.com/tour/maps/ • http://www.wunderground.com/wundermap/ • http://www.wikipedia.org/

  20. Questions ???

More Related