Erosione della privacy nell’era dell’Ubiquitous Computing

Prof. Luigi V. ManciniDipartimento di Informatica

Università di Roma “La Sapienza”Via Salaria 113 - 00198 Roma

Tel 06-49918421

Title

Oggi

Wireless Network: Today and Tomorrow

• MEMS and Nanotechnology bring: new dimensions to wireless security new threats to privacy

• Wireless Sensor Network: Smart Dust

Accomplish an increasing number of personal transactions using portable devices;

Anywhere: every physical objects infused with computational and communication capabilities;

Trasparency: technology is invisible to the human user.

Web presence.

Ubiquitous computing

The purpose of computer is to help you

The best computer is a quiet, invisible servant

Augmented reality not virtual realityExample: kitchen cabinet + contents tracking

Ubiquitous computing: Principles

Applications of Interest•Business:

Domotica

Micropayments

Tracking of mobile assets and goods

Applications of Interest

•Health : monitoring, micro-dose drug release;

Applications of Interest: Law Enforcement• Research for Secure Europe: 1 billion euro per year

• Protecting against terrorism;

•Tracking the movement of threatening substances and persons;

• Safe driving.

• Detection of NBC agents;• Tactical communications (e.g. squad coordination);• Unattended surveillance (e.g. sealing);

Military Applications

A Wireless Sensor Networks (WSN) is a collection of sensors not relying on a fixed infrastructure to keep the network connected;

A WSN can be formed, merged or partitioned on the fly;

Sensors can be Mobile.

Wireless Sensor Networks

WSN Points of Strength- completely distributed architecture;

- virtually no single point of failure; -handled/wearable/dust devices;-peer to peer interactions;-highly redundant;-easily deployable; -low cost device.

Design to be invisible and ubiquitous

Automatic user recognition and tracking

Peer-to peer paradigm

Data-mining

Privacy issues

Digital video surveillance

Automatic user recognition and tracking

Per accedere ai servizi bisogna condividere le risorse personali con altri senza averne il controllo dei contenuti (come Cookies).

Esempio: segnalazione ad una stazione broadcast di eventi di congestione del traffico

Peer-to-peer paradigm

Estende le capacità di controllo

Accellera il processo di analisi ed inferenza dei dati

Data mining

Wireless Vs. Wired: physical eavesdropping is almost undetectable;

Very critical the scalability of the solutions

Resource constrained

battery constrained;

low processing power;

small amount of RAM;

limited communication range.

Ubiquitous Computing: Challenge

Garantire sicurezza e privacy con l’ubiquitous computing presenta grandi sfide

Attività che normalmente non lasciano traccia grazie alle nuove tecnologie potranno essere analizzate e correlate.

Come garantire la Privacy?

Utilizzo di Identificatori Anonimi ridondanti come concetto fondante della infrastruttura di rete;

I gestori della rete non hanno la possibilità di associare l’ID anonimo all’utente;

L’utente puo’ divulgare la propria identità se lo richiede;

Un’Autorità indipendente possiede l’associazione fra utente reale ed i suoi ID anonimi.

Esempio

Per i micropagamenti (un biglietto dell’autobus) e’ sufficiente autenticarsi con un Identificatore Anonimo non riconducibile all’utente reale;

Per transazioni importanti (e-banking) l’utente deve autenticarsi rivelando la propria identità reale al solo fornitore del servizio;

Non e’ necessario che il gestore della rete conosca l’identità dell’utente reale che effettua la transazione;

Security Objective: Achieving

ConfidentialityNaïve solution: provides each sensor with N-1 keys, where N is the number of ALL sensors in the wireless network.

Problems:

- N must be known in advance;

- Storing O(N) keys.

Solution does not scale!

Achieving Confidentiality

•Statically assign to each sensor k keys randomly chosen from a pool of P random keys;•if a key belong to both the key-ring of a and b use that key to encrypt the channel.

•Key discovery phase: Both nodes broadcasts k challenges, one per key, so that the other node can understand which keys are shared.

Achieving Confidentiality

IDEA: Random pre-deployment of Keys:

- Given a fixed pool P of pseudo-random keys;

-Assign to each of the sensor k keys from the pool P.

What is the probability that any two sensors share at least one key?

New Key Connectivity Result

A WSN of N, key ring size k>2 and pool size N/logN is connected with high probability.

Per esempio: Nodi= 10000, chiavi=4, pool size= 1100, range 33m, area 1 km2

Esempio

A WSN of size N=200, ring size k=4, range=0.2

Pool=50 Pool=100

Considerazioni Conclusive- “Nella veglia o nel sonno, al

lavoro o a tavola, in casa o fuori, a letto o in bagno, non c’era scampo. Nulla vi apparteneva, se non quei pochi centimetri cubi che avevate dentro il cranio.” George Orwell, 1984.

- Nuove norme che regolino l’ambiente virtuale globale poichè la privacy dell’utente sarà molto più esposta di oggi.

References Roberto Di Pietro, Luigi V. Mancini. Security and Privacy Issues

of Handheld and Werable Wireless Devices. Communication of the ACM, Vol 46, No 9, Sept 2003.

• Roberto Di Pietro, L.V. Mancini, and S. Jajodia. Providing secrecy in key management protocols for large wireless sensors networks. Journal of AdHoc Networks (Elsevier), vol. 1(4), pages 455-468, November 2003.

• Roberto Di Pietro, Alessandro Mei, and L.V. Mancini. Random Key Assignment for Secure Wireless Sensor Networks. In Proceedings of the ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '03). Fairfax-VA, USA, October 2003.

Further QUESTIONS ?