opportunistic sensing n.
Skip this Video
Loading SlideShow in 5 Seconds..
Opportunistic Sensing: PowerPoint Presentation
Download Presentation
Opportunistic Sensing:

play fullscreen
1 / 17
Download Presentation

Opportunistic Sensing: - PowerPoint PPT Presentation

dasha
82 Views
Download Presentation

Opportunistic Sensing:

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Opportunistic Sensing: Apu Kapadia MIT Lincoln Laboratory David Kotz Dartmouth College Nikos Triandopoulos Boston University Security Challenges for the New Paradigm Michael Betancourt UCF - EEL 6788 Dr. Turgut

  2. Overview • Introduction • Urban Sensing Examples • Applications Examples • Security Challenges      a. Confidentiality and Privacy Issues     b. Integrity Issues     c. Availability Issues     d. Challenges in Participatory Sensing 5.  Conclusion

  3. Introduction • Opportunistic people centric sensing • Small devices carried by people that sense information • Direct or indirect relation to human activity • Environmental conditions • Advantages • Leverage millions of devices • No need to manually deploy • Highly mobile and accessible • Disadvantages • High risks in security • Data integrity

  4. Urban Sensing Examples CarTel • Maps traffic patterns BikeNet • Bicycle network infrastructure CenceMe • User activity social networking CarTel Interface CenceMe Interface BikeNet Interface

  5. Application Examples • Urban data collection and processing • Large scale online data collection • Being able to locate lost objects • Measuring the flow of bicycles in an urban center • Environmental monitoring at the human level •  Optimize energy usage for heating and cooling •  Personal Environmental Impact Report

  6. Security Challenges Overview Challenges • Context privacy • Anonymous tasking • Anonymous data reporting • Reliable data readings • Data authenticity • System integrity • Preventing data suppression • Participation • Fairness

  7. Confidentiality and Privacy IssuesContext Privacy Problems • It is cumbersome for users to specify fine grain policies • Once the data is on the server who can access the h/w Solutions • Virtual walls • Group settings in categories • Only information outside the wall can be seen • Faces • Data changes according to who is viewing • Future Research • Determining what data can be used without being able to infer other data • Grabbing only enough data for application purpose without sacrificing usability

  8. Confidentiality and Privacy IssuesAnonymous Tasking Problems • By tasking specific users it is possible to gain personal information • Determining reliability of participants could reduce anonymity Solutions • Tasking Service • Users download all tasks and selectively choose which to do •  Attribute based authentication • Users reveal only their attributes

  9. Confidentiality and Privacy IssuesMasking Users' Location • Blind Tasking • Transfer data to other nodes before uploading • Overall routing structure must be protected • Data needs to be encrypted to not be intercepted • Hitchhiking • Only include characteristics about location • Disadvantageous for limited popularity • Introduce blur and random jitter • Decreases accuracy • Amount of error needs to be constrained •  Automatic Spatiotemporal Blurring • Generalize location through large geographical tiles • Only upload data when enough sets are available

  10. Integrity IssuesReliable Data Storage Problems • Any participant with an appropriately configured device can report falsified data • Devices are controlled by users • Incentives to mask private information Solutions • Redundancy • Task cloning • Fixed sensor ground truth • Game Theory • Reputation based system

  11. Integrity IssuesData Authenticity Problems • Tampered data during transit • Current schemes correspond to fixed sensors where there is a stable topological tree that spans sensors Solutions • Cryptographoically enhanced error-correcting techniques • Encrypted data that shows if it has been tampered with • Group signatures • Allows multiple groups to use a single verifying signature • Cracked signatures and be redistributed without taking down the entire infrastructure

  12. Integrity IssuesSystem Integrity Problems • Tasks need to have their source verified • Data received needs to be accurate and temporally relevant Solutions • Task specific languages • Secure crytographic states • Provide topological, temporal and user-related parameters to validate the information received.

  13. Availability IssuesPreventing Data Suppression • Denial of Service (DoS) due to devices ignoring task requests • Network availability of devices • Data consuming applications could be killed by users • If users are unable to control the data access, they are less likely to carry the device or permit tasks to be performed Distributed DoS (DDoS) Attack

  14. Availability IssuesParticipation Problems • Users must have incentives to gain mass participation • Difficult to convince giving away private information with little to no benefit Solutions • Convenience is key to appeal • Provide incentives that are compatible with users' needs and interests • Privacy-aware hybrid payoff model • Beneficial services vs privacy loss they experience

  15. Availability IssuesFairness • People centric applications provide direct benefits to users • Users will try to cheat to gain better service for themselves • Tasking others to complete their tasks • Not contributing back to the community BitTorrent Inc. Logo Battlefield 2142 Cover Art

  16. Challenges in Participatory Sensing • Users are tasked and have to manually partake in gathering information • Additional security challenges arise as the user may leak more information than the task specifies • Taking a picture of a menu on a table • Integrity becomes difficult as the user can fabricate sensor data or not provide the correct results of the task • Ratings of a restaurant 4 Rivers Smokehouse Google User Review

  17. Conclusion • Opportunistic people centric sensing • Most applications contain personal information • Securing that information becomes key • Providing a service that people would want to participate • Keepings users data secure as to not be harmed • Even obscuring the data may not be enough for complete anonymity • Participatory sensing needs additional security thought • Questions?