1

Welcome

Hans AnderssonDer Yao LeongYee Jiun Song

Wendy TobagusYang Bei

Sherif Yousef

2

iSecurity Project Team

3

Overview

BackgroundBackgroundVision and GoalsAccomplishmentsFuture WorkSummary

4

Background

iSecurity Project– Joint project between KTH and Stanford

University– Security in an interactive environment

iSpace project – To create an international network of usable

augmented environments for collaborative, project-driven learning and working

iRoom & iLounge

5

Motivation

The iSpace project was conceived in an academic environment

Security issues have not been a high priority However, security is essential for widespread

deployment

6

Video

7

Security Requirements

Security is a very important issue in Interactive Workspaces

Our security system ensures privacy and integrity

Convenience, customizability, accessibility and accountability are also ensured by our security system

8

Overview

BackgroundVision and GoalsVision and GoalsAccomplishmentsFuture WorkSummary

9

Vision and Goals

Our vision is to deliver a non-intrusive and robust security system for interactive environments

Social model Technically feasible system design Implementation Auditing tools Testing and evaluation

10

Overview

BackgroundVision and GoalsAccomplishmentsAccomplishmentsFuture WorkSummary

11

Accomplishments

Social Model Technical Design Implementation Auditing and Logging Tools Evaluation

12

Social Model

Specify the nature of security in Interactive workspaces

Enumerate the objectives of the model Define the mechanisms by which these

objectives are accomplished.

13

Ubicomp Security

Transparent, open and dynamic environment– Users and devices interacting spontaneously and

in an ad hoc fashion

Different security concerns compared to traditional computer environment

14

Social Model Objectives

Integrity Privacy Availability Accountability Customizability Convenience

15

Security Mechanisms

Gatekeeper Trust Groups

– Implicit Trust Groups– Explicit Trust Groups

Security Policy Definition– Permissions– Owners– Delegation

Authentication Privacy Guarantee Enforcement

16

Technical Design

Map the ideas of the social model into a technical design that can be implemented

Specify the parts of the system and how they interact with each other

Specify authentication and security mechanisms Clear system and interface specifications, to allow

application design to proceed concurrently

17

Secure Event Heap

A new secure Event Heap, built on top of the existing event heap server

Users are required to log into the system All events are checked by the security module before

they are sent or received All events can be traced back to a particular user Programmatic support for the development of secure

applications

18

System Architecture

Event Heap

19

Implementation

Implemented our design using Java SSL and crypto packages, and added security checking elements into Event Heap

Achieved:– Backwards compatibility– Secure communication– Permission management

iRoom now uses the secure version of Event Heap – all original applications run fine

No major problem

20

Auditing and Logging Tools

Administrator should have the option of logging all activity

Provides traceability of security breaches Adapted a logging tool originally written by

Andy Szybalski Allows recording as well as browsing of logs,

also provides filtering capabilities

21

Logging Tool

22

Sample Applications

iPaint– Allows the sharing of a virtual whiteboard– All authenticated users can draw on it

Secure File Share– Allows the sharing of files– Three kinds of permissions (list, download,

upload)

23

iPaint

24

Secure File Share

25

Permission Manager

26

Evaluation

No detailed evaluation with real users Internal evaluation Useful security system that is easy to use More studies will be needed to determine if

our system fully meet users’ needs

27

Overview

BackgroundVision and GoalsAccomplishmentsFuture WorkFuture WorkSummary

28

Future Work

Performance improvement Flow Control Graphical User Interface Automatic monitoring and log-analysis tools

29

Overview

BackgroundVision and GoalsAccomplishmentsFuture WorkSummarySummary

30

Summary

iSpace infrastructure lacks security Ubicomp security issues are unique Our iSecurity system provides a non-

intrusive, robust security system for users System provides strong privacy and integrity

guarantees for users Rich area for future research work

31

Questions

For further information about this project please visit our homepage:

http://csd.ssvl.kth.se/~csd2003-team16/index.htm