Protecting User Data in Ubiquitous Computing: Towards Trustworthy Environments Yitao Duan and John Canny UC Berkeley


Page 1: Protecting User Data in Ubiquitous Computing: Towards Trustworthy Environments Yitao Duan and John Canny UC Berkeley

Protecting User Data in Ubiquitous Computing:

Towards Trustworthy Environments

Yitao Duan and John Canny

UC Berkeley

Page 2

Outline

• Background and motivation

• Existing solutions

• Our approach
  – Design principles
  – Enforcing scheme
  – Evaluation

• Conclusion and future work

Page 3

Ubiquitous Computing

• One consequence of Ubicomp: way more data about us can be gathered (and used).
  – This is potentially a great thing for collaborative algorithms

• But, it’s potentially a great problem because...

Page 4

Issues Addressed

• Protection of the user data generated and maintained by the environment
• Privacy of individuals who use the environment
• Ability of legitimate users to make use of data recorded in the environment
• Dealing with high-speed streams of data
• Trustworthiness of the environments (in progress)

Page 5

Challenges

• Unfamiliar environments

• Dynamic, ad hoc and shared
  – difficult to determine access rights

• No central control

• High data rate – must be processed in real-time

• Collaborative applications

Page 6

Existing Solutions

• Focus on access control
• Based on an authentication/authorization model (e.g. RBAC)
• Require a piece of running code to actively check permissions
• Inadequate for ubicomp
  – Dynamic, distributed environment
  – The protecting agent can be bypassed
  – The untrusted-environment issue is completely ignored

Page 7

Our Approach

• Do not rely on access control
• Make the data secure by itself
• In line with the philosophy of cryptography:
  – Obscurity is not security
  – Assume the adversary has access to the communication

Page 8

Our Principle – Data Discretion

Data discretion: Users should always have access to, and control of (recorded or live) information that would be available to them in “real-world” situations. They should not have direct access in other situations.

• Matches “real-world” privacy norms

• Consistent with emerging legal principles

• Users are involved in decisions regarding data about them – users are in control of their data!

Page 9

Smart Room Testbed

• Good example of a ubicomp environment
• RFID tag reader to establish who is in the room
• 4 cameras to record images
• Smartboard to log electronic activity

Page 10

Enforcing Scheme

• Assume all data are stored in files that represent short time intervals

• Each data file is encrypted with its own unique secret key

Page 11

Enforcing Scheme

• The secret keys are encrypted with the public keys of the people in the room (as determined by the tag reader)

Page 12

Enforcing Scheme

• Users who were in the room can recover the keys, and so access the data recorded while they were in the room

Page 13

Key Embedding

• Conceal who and how many users have access
• Key set: fixed-length data structure with more slots than the maximum number of users in the room

[Figure: the key set of a data file F_i. Each occupied slot holds the file's secret key encrypted under one present user's public key, <Secret Key>_{K_1}, <Secret Key>_{K_2}, <Secret Key>_{K_3}, <Secret Key>_{K_4}, ...; the slot used for user key K is given by a hash of the file and the key, h_{j_1}(F_i, K_1), h_{j_2}(F_i, K_2), ..., h_{j_n}(F_i, K_m).]
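The enforcing scheme of the three preceding slides together with the key-set layout above, written out as an added example; this is not code from Duan and Canny's testbed. Everything below the slide text is an assumption of the example: AES-256-GCM stands in for the Triple-DES the slides benchmark, RSA-2048 OAEP wraps the per-file secret key, the key set has 8 slots of exactly one OAEP ciphertext each, unused slots are filled with random bytes of the same length, the family of slot hashes h_j is simplified to one hash plus linear probing, and the file identifier and frame bytes are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Assumed, not from the slides: RSA-2048 OAEP wraps the secret key, AES-256-GCM
// stands in for the benchmarked Triple-DES, and a key set is 8 slots of 256 bytes.
const numSlots, slotSize = 8, 256

// Record is one short-interval data file (nonce||ciphertext) plus its key set.
type Record struct {
	FileID []byte
	Data   []byte
	KeySet [numSlots][]byte
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// slot is h(F_i, K), the home slot for user K's copy of file F_i's key (one
// hash plus probing replaces the slides' h_j family; 256 is divisible by 8).
func slot(fileID []byte, pub *rsa.PublicKey) int {
	h := sha256.New()
	h.Write(fileID)
	h.Write(pub.N.Bytes())
	return int(h.Sum(nil)[0]) % numSlots
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts one interval under a fresh secret key and embeds that key,
// wrapped under each present user's public key, into the key set.
func Seal(fileID, plaintext []byte, present []*rsa.PublicKey) (*Record, error) {
	if len(present) > numSlots {
		return nil, fmt.Errorf("%d people but only %d slots", len(present), numSlots)
	}
	fileKey := randomBytes(32)
	gcm, err := newGCM(fileKey)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize())
	rec := &Record{FileID: fileID, Data: gcm.Seal(nonce, nonce, plaintext, fileID)}
	for _, pub := range present {
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fileKey, fileID)
		if err != nil {
			return nil, err
		}
		j := slot(fileID, pub)
		for rec.KeySet[j] != nil { // linear probing past occupied slots
			j = (j + 1) % numSlots
		}
		rec.KeySet[j] = wrapped
	}
	// Random filler in unused slots: the key set reveals neither who nor how many.
	for i := range rec.KeySet {
		if rec.KeySet[i] == nil {
			rec.KeySet[i] = randomBytes(slotSize)
		}
	}
	return rec, nil
}

// Open probes from the caller's home slot, keeps the first slot that unwraps
// under their private key, and decrypts; anyone not in the room gets an error.
func Open(rec *Record, priv *rsa.PrivateKey) ([]byte, error) {
	j := slot(rec.FileID, &priv.PublicKey)
	for n := 0; n < numSlots; n, j = n+1, (j+1)%numSlots {
		key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, rec.KeySet[j], rec.FileID)
		if err != nil {
			continue // filler, or a key wrapped for somebody else
		}
		gcm, err := newGCM(key)
		if err != nil {
			return nil, err
		}
		return gcm.Open(nil, rec.Data[:gcm.NonceSize()], rec.Data[gcm.NonceSize():], rec.FileID)
	}
	return nil, fmt.Errorf("no slot unwraps with this key: user was not in the room")
}

func main() {
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	rec, _ := Seal([]byte("cam2/interval-0017"), []byte("frame"), []*rsa.PublicKey{&alice.PublicKey})
	fmt.Println(Open(rec, alice)) // [102 114 97 109 101] <nil>
}
```

Two properties are worth checking on any implementation of this layout: every slot, filled or not, must have the same length, and the file identifier should be bound into both the OAEP label and the GCM associated data so that a key set or ciphertext cannot be transplanted from one interval to another. Open costs one private-key operation per probed slot, which is why the slot count only needs to exceed the room's capacity, not be large.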

Page 14

Master Key Escrow

• Every encryption key is also encrypted with a master public key.

• The master private key is shared by, say, 3 people. Any 2 of the 3 can unlock any of the images, but they have to cooperate.

Page 15

General Access Structure

• Equal access may not be appropriate in some applications

• Can realize a general access structure
  – Secret-share the secret key among users
  – Embed the shares in the key set
• An example: AND access
  – $r_1, r_2, \ldots, r_{m-1} \in \{0,1\}^l$, $r_m = r_1 \oplus r_2 \oplus \cdots \oplus r_{m-1} \oplus k_s$
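The 2-of-3 master key escrow of the previous slide and the AND access structure of this one, as an added example that is not the authors' code. Assumptions: the master private key is represented as a scalar below the secp256k1 field prime (any prime larger than the secret would do) and is Shamir-shared, since the slides do not name a sharing scheme; the escrow copy of each file key is simply the key wrapped under the master public key like any user's copy, so only the sharing and recombination are shown; $k_s$ is a constructed 32-byte key and each XOR share $r_i$ would occupy one user's slot in the key set.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
)

// Shamir sharing over the secp256k1 field prime (an assumed choice; any prime
// larger than the secret works). A 2-of-3 sharing of the master private key
// gives the escrow slide: any two holders reconstruct it, one alone cannot.
var prime, _ = new(big.Int).SetString(
	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16)

// Share is one point (x, f(x)) on the sharing polynomial.
type Share struct{ X, Y *big.Int }

// Split evaluates a random degree t-1 polynomial with constant term secret at
// x = 1..n; any t of the points determine the polynomial, fewer reveal nothing.
func Split(secret *big.Int, t, n int) ([]Share, error) {
	coef := []*big.Int{secret}
	for i := 1; i < t; i++ {
		c, err := rand.Int(rand.Reader, prime)
		if err != nil {
			return nil, err
		}
		coef = append(coef, c)
	}
	shares := make([]Share, n)
	for i := range shares {
		x, y := big.NewInt(int64(i+1)), new(big.Int)
		for k := len(coef) - 1; k >= 0; k-- { // Horner evaluation mod p
			y.Mul(y, x).Add(y, coef[k]).Mod(y, prime)
		}
		shares[i] = Share{x, y}
	}
	return shares, nil
}

// Combine interpolates the polynomial at x = 0 from the given shares (Lagrange);
// with fewer than t shares the result is just some unrelated field element.
func Combine(shares []Share) *big.Int {
	secret := new(big.Int)
	for i, si := range shares {
		num, den := big.NewInt(1), big.NewInt(1)
		for j, sj := range shares {
			if i != j {
				num.Mul(num, new(big.Int).Neg(sj.X)).Mod(num, prime)
				den.Mul(den, new(big.Int).Sub(si.X, sj.X)).Mod(den, prime)
			}
		}
		term := new(big.Int).Mul(num, new(big.Int).ModInverse(den, prime))
		secret.Add(secret, term.Mul(term, si.Y)).Mod(secret, prime)
	}
	return secret
}

// AndShares realises the slide's AND access structure for a secret key ks:
// r_1..r_{m-1} are random and r_m = r_1 xor ... xor r_{m-1} xor ks, so ks is
// recovered only when all m shares (one per user's slot) are combined.
func AndShares(ks []byte, m int) ([][]byte, error) {
	shares := make([][]byte, m)
	last := append([]byte(nil), ks...)
	for i := 0; i < m-1; i++ {
		shares[i] = make([]byte, len(ks))
		if _, err := rand.Read(shares[i]); err != nil {
			return nil, err
		}
		for k := range last {
			last[k] ^= shares[i][k]
		}
	}
	shares[m-1] = last
	return shares, nil
}

// XorAll combines AND shares; with any share missing the result is uniform noise.
func XorAll(shares [][]byte) []byte {
	out := make([]byte, len(shares[0]))
	for _, s := range shares {
		for k := range out {
			out[k] ^= s[k]
		}
	}
	return out
}

func main() {
	master, _ := rand.Int(rand.Reader, prime)
	shares, _ := Split(master, 2, 3)
	fmt.Println("holders 2 and 3 recover master:", Combine(shares[1:]).Cmp(master) == 0)
	ks := []byte("0123456789abcdef0123456789abcdef") // constructed 32-byte file key
	and, _ := AndShares(ks, 3)
	fmt.Printf("all three: %q\nonly two:  %x\n", XorAll(and), XorAll(and[:2]))
}
```

The two constructions differ in what a partial coalition learns: any single Shamir share is uniformly distributed and says nothing about the master key, and likewise any m-1 of the XOR shares are uniform, so embedding shares instead of wrapped keys does not weaken the key set's concealment of who can open a file.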

Page 16

Performance Evaluation

[Figure: System Throughput. Throughput (MBps), 0 to 2.5, plotted against file size (KB) on a log scale from 1 to 10000.]

Execution time includes: encryption (Triple-DES) + disk I/O. Platform: PIII 900MHz, Linux 2.4.18 kernel.

Page 17

What We Have Achieved

• A principle that mimics real-world norms
• A scheme to enforce it
  – "Zero-knowledge": conceals even the number of users who have access
  – Efficient enough for real-time data
  – Economical to implement on commodity hardware
• Data sharing made safe
  – The encryption does not hinder collaboration [Canny 02]

Page 18

Not Enough

• The scheme works if the environment is honest

• Unfamiliar environments are untrusted environments

• How can we be sure the system performs the encryption and does not leak data?

Page 19

Dealing With Untrusted Env – Data Transparency

• Data Transparency: Encrypted data recorded or transmitted by a ubicomp system should be easily observable. Where possible, the data itself should demonstrate compliance with stated principles.

Page 20

Dealing With Untrusted Env – Data Transparency

• Data observable, not comprehensible – Obscurity is not security!

• Security and privacy based on cryptography, not access control

• Makes it easy to verify systems’ compliance with any stated privacy policy

Page 21

Towards Trustworthy Environments (In Progress)

• Trusted computing framework
  – Assume most components are untrusted
  – Some devices (from a 3rd party) are more trusted
  – Exploit the mutual distrust between them to build a trusted system
• Verification
  – ZKP to guarantee access rights
    • The demonstration that the system does what it is supposed to do is itself a ZKP
  – Bit commitment to minimize leakage