Electrical and Computer Engineering GeoVault: Secure Location Tracking Comprehensive Design Review Nathan Franz Emily Nelson Thomas Petr Shanka Wijesundara Advisor: Prof. Burleson


Electrical and Computer Engineering

GeoVault: Secure Location Tracking

Comprehensive Design Review

Nathan Franz

Emily Nelson

Thomas Petr

Shanka Wijesundara

Advisor: Prof. Burleson


System Overview

[Diagram: GeoVault system overview. Labels: GeoVault, Email, Cell Phone, Computer, 3rd Party Server, Google Maps API, HTTPS, Database, Access Controls, Resolution, OAuth, Map Queries, Notifications, Stored Location Data, Location Data, Login Credentials]


Feedback From MDR

• Timing: Oracle vs. PostgreSQL

• Threat Analysis

• Security as a competitive advantage


PostgreSQL

• Re-evaluated database choices

• SQLite + SpatiaLite for self-hosted environment
  – Extremely simple to set up

• PostgreSQL for production environment
  – Fast, easy to manage

• PostgreSQL is lighter-weight (faster) and provides all required features

• Insert 100,000 points across the USA (average time per insert)

  Database          Average time per insert
  MySQL 5.1         26.258 ms
  PostgreSQL 8.4    3.496 ms
  Oracle 11g        199.670 ms


GeoVault: Threat Risk

Columns: Threats | Consequences | Countermeasures

Integrity
  Threats: Inaccurate locations of users
  Consequences: Confusion, loss of trust, or worse (depending on application)
  Countermeasures: Encryption / Shared Secrets; Distributed Database

Confidentiality
  Threats: User's location is revealed
  Consequences: User privacy is compromised, susceptible to attack
  Countermeasures: Secret Sharing / MPC; Identity Verification; Timing Measures

Denial of Service
  Threats: Botnet attack; Rapid checkins / logins
  Consequences: Inability to track users
  Countermeasures: Rate limiting

Authentication
  Threats: Spoofing, identity theft
  Consequences: User privacy is compromised
  Countermeasures: Identity Verification; Idle time logouts; Reject delay for login

*Stallings, William. Network Security Essentials: Applications and Standards. New Jersey: Pearson Prentice Hall, 2007.


Other Systems: Threat Risk

Columns: Assets | Vulnerabilities | Defense | Privacy issues

Google Latitude
  Assets: Location Data; Friends Locations
  Vulnerabilities: No Verification
  Defense: Password/login; Protection; Approve Friends
  Privacy issues: Limited access settings

Foursquare
  Assets: Location Data; Location Trends; Friends Locations
  Vulnerabilities: Create home/work location
  Defense: https; Approve Friends
  Privacy issues: Limited access settings

Gowalla
  Assets: Location Data; Location Trends; Friends Locations
  Vulnerabilities: Publishes location to the entire world
  Defense: Password/login; Protection; Approve Friends
  Privacy issues: No access settings

Twitter
  Assets: Location Data; What you are doing; Friends Locations
  Vulnerabilities: Uneducated users; 3rd party services
  Defense: https; OAuth
  Privacy issues: Limited access settings


Why GeoVault is More Secure

• Secure Distributed Database

• Location only available to those the user trusts [unlike: Gowalla]

• Varied resolution [unlike: Twitter, Foursquare, Google Latitude, Gowalla]

• Integrity (user cannot lie about where they are) [unlike: Google Latitude]

• Only current location displayed (no trends) [unlike: Twitter, Gowalla]


Accuracy vs Permissions

• Handling geographic resolution

• Permissions > Accuracy
  – Contain accuracy circle in randomly placed permission circle
  – Take into account (for FPR)
    • State Lines
    • Bodies of Water
    • Etc.

• Permissions < Accuracy
  – Expand permission radius to accuracy radius
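The two resolution cases above, as an added Python example that is not GeoVault's own code. It assumes positions are already projected to planar metres; the function names `displayed_circle` and `contains` are hypothetical.

```python
# Added example (not from the GeoVault slides): pick the circle shown to a viewer.
import math
import random


def displayed_circle(true_xy, accuracy_m, permission_m, rng=None):
    """Return ((x, y), radius_m). Coordinates are planar metres (assumption)."""
    if accuracy_m < 0 or permission_m < 0:
        raise ValueError("radii must be non-negative")
    rng = rng or random.SystemRandom()  # OS entropy unless a test RNG is passed in
    if permission_m <= accuracy_m:
        # Permissions < Accuracy: expand the permission radius to the accuracy radius.
        return true_xy, accuracy_m
    # Permissions > Accuracy: the centre may move by at most the slack between the
    # radii, otherwise part of the accuracy circle would fall outside the result.
    slack = permission_m - accuracy_m
    r = slack * math.sqrt(rng.random())      # sqrt gives a uniform draw over the disc
    theta = 2 * math.pi * rng.random()
    center = (true_xy[0] + r * math.cos(theta), true_xy[1] + r * math.sin(theta))
    return center, permission_m


def contains(outer, inner, eps=1e-6):
    """True if circle `inner` lies entirely inside circle `outer`."""
    (ox, oy), outer_r = outer
    (ix, iy), inner_r = inner
    return math.hypot(ox - ix, oy - iy) + inner_r <= outer_r + eps
```

Every circle returned contains the true fix, so drawing a fresh centre on each query for a stationary user lets a viewer intersect the circles and shrink the region; store the drawn circle and reuse it while the user has not moved.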


[Figure: Accuracy vs Permissions. Labels: Accuracy, Permissions]


OAuth

[Diagram: OAuth flow. Labels: GeoVault, Twitter, Client]

1. Get request token
2. Send request token
3. Redirect to Twitter
4. Sign in and ask for GeoVault access
5. Exchange for access token
6. Get access token

Grant 3rd party access to user information without sharing access permissions or full extent of data


Distributed Database

• Securely and robustly store location data

• Prevents a single point of failure
  – Secret sharing is a form of encryption

[Diagram: GeoVault and six Nodes]


Shamir’s Secret Sharing Scheme

f(x) = 94x^2 + 166x + 1234

GeoVault distributes one share to each node:

Node 1: (1, f(1)) = (1, 1494)
Node 2: (2, f(2)) = (2, 1942)
Node 3: (3, f(3)) = (3, 2578)
Node 4: (4, f(4)) = (4, 3402)
Node 5: (5, f(5)) = (5, 4414)
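The slide's polynomial carried through split and recovery, as an added Python example that is not the project's code. The slide shows plain integer arithmetic, which leaks information about the secret, so this version works modulo a prime; the modulus 8191 is an assumption, chosen larger than every share so the numbers match the slide, and the function names are hypothetical.

```python
# Added example (not from the GeoVault slides): Shamir split/recover over GF(p).
import secrets

PRIME = 8191  # assumption: field modulus 2**13 - 1, larger than every share on the slide


def eval_poly(coeffs, x, p=PRIME):
    """Evaluate coeffs[0] + coeffs[1]*x + ... modulo p with Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def make_shares(coeffs, n, p=PRIME):
    """coeffs[0] is the secret, the threshold is len(coeffs); one share per node 1..n."""
    return [(x, eval_poly(coeffs, x, p)) for x in range(1, n + 1)]


def split(secret, k, n, p=PRIME):
    """Fresh k-of-n split: the k-1 higher coefficients come from a CSPRNG."""
    if not (0 <= secret < p and 1 < k <= n < p):
        raise ValueError("need 0 <= secret < p and 1 < k <= n < p")
    return make_shares([secret] + [secrets.randbelow(p) for _ in range(k - 1)], n, p)


def recover(shares, p=PRIME):
    """Lagrange interpolation at x = 0; correct only with at least k distinct shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for xj, yj in shares:
        num = den = 1
        for xm in xs:
            if xm != xj:
                num = num * (-xm) % p        # numerator of the basis polynomial at 0
                den = den * (xj - xm) % p
        secret = (secret + yj * num * pow(den, -1, p)) % p  # modular inverse, Python 3.8+
    return secret


# The slide's instance: secret 1234, f(x) = 94x^2 + 166x + 1234, five nodes, threshold 3.
SLIDE_SHARES = make_shares([1234, 166, 94], n=5)
```

Any three of the five nodes recover 1234; interpolating only two shares yields an unrelated value, which is why compromising fewer than the threshold of nodes does not reveal the stored location.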


Demo


Milestones

Oct 26 PDR Specifications complete

Nov 9 Smart phone web client functional prototype

Dec 2 MDR Database configured / example of multiparty computation

Dec 21 Platform complete / server security/ OAuth

Jan 4 Web clients complete / security for hijacked devices (timing)

Jan 11 Platform input / output plugins complete

Jan 25 Bugfixes, Performance Testing

Feb 11 CDR Demo / show security and weakness in other systems / Threat Analysis

Mar 31 Political Boundaries/ Idle time logout/ Continued work with MPC/ Tweak backend/ Polish interface

Apr 5 FPR Project Complete


Technical Roles

Past Tasks Future Tasks

Tom (CSE) Backend / MPC / Secret Sharing

Secret Sharing

Nate (EE) OAuth / Authentication Middleware

Authentication Middleware

Shanka (EE) Backend / Django Access Controls

Emily (CSE) Frontend / Threat Analysis

Adding Political Boundaries


Thank You

Questions?