Funded by the Competence Centre Programme (Kompetenzzentrenprogramm)
DI Alfred Wertner
19. September 2014
Ubiquitous Personal Computing
© Know-Center 2014
www.know-center.at
Security Concepts for a Distributed Architecture for Activity Logging and Analysis
Overview
Activity Logging and Analysis
Use case
Privacy concerns
Focus here: prevent unauthorised access
System Architecture
Security analysis
Assets, Vulnerabilities, Attackers, Threats
Security concepts
Activity Logging and Analysis
Use Case: Support Time Management
Help people to reflect on time management issues
Detect "Types of Activity"
E.g. Application Use, Travelling, Communicating, Reading, Writing
Trigger reflection
Show history of activities
Reflection diary
Activity Logging and Analysis
Privacy Concerns
Data is highly sensitive
Need Privacy-Respecting Systems
Privacy-Respecting Systems
Protect user identity
Control what kind of data is collected
Control data collection
Protect against unauthorised access
System Architecture
Sensors
Log data
From hardware sensors, e.g. accelerometer
By itself, e.g. logging foreground windows
Send data to Sensor Hub
System Architecture
Sensors
Sensor Hub
Sensor configuration
Local data storage
Data transmission to server
System Architecture
Sensors
Sensor Hub
Server
Receives data from Sensor Hub, Client Services and Applications
Stores data
Answers requests from Client Services and Applications
System Architecture
Sensors
Sensor Hub
Server
Client Services and Applications
Access/Modify data on the server
Security Analysis
Asset = Data
Vulnerabilities
Physical access
Logical access
Physical access
Log into or steal device
Network cable infrastructure
Logical access
Installation of Malware
Who are the attackers with a strong motivation?
Security Analysis - Threats
High Risk Threats
By Management
Physical access to victim's device
Read/Modify logged data
By Management + Sys. Admin.
Physical access to victim's device and server
Read/Modify logged data
Security Analysis - Threats
High risk
Medium risk
By Management + Sys. Admin.
Intercept network communication
More effort to implement
Limited to information sent
By Management + Sys. Admin.
Intercept communication between sensors and hub
More effort to implement
Security Analysis - Threats
High risk
Medium risk
Low risk
By Cyber Criminal
Malware reads logged data
Security Concepts – Data Collection I
Hub encrypts data prior to storing
Using a stream cipher
Initialisation with server's public key
Pros
Protects against unauthorised reads
Need only one key pair
Private key resides on the server
Cons
User cannot edit data locally
No protection against malware
Security Concepts – Data Collection II
Encrypted storage of data
Use stream cipher
Initialisation with user's public key
Pros
Protects against unauthorised reads
User can edit data locally
Cons
Security depends on password strength of user's private key
No protection against malware
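Data Collection I and II use the same mechanism and differ only in whose public key the stored records are addressed to: the server's (I) or the user's (II). The Go program below is an added example written for this page, not code from the Know-Center system. It uses hybrid encryption: each log record is encrypted under a fresh random AES-256-GCM data key (a counter-mode cipher standing in for the "stream cipher" the slides name; this substitution is my choice), and that data key is wrapped with RSA-OAEP under the recipient's public key. The Envelope type, the function names, the OAEP label and the sample record are all constructed for the example. RoundTrip also demonstrates the two consequences the slides list: a key pair other than the addressee's cannot open the record (the hub, holding only the public key, cannot edit locally in variant I), and any modification of the stored ciphertext is detected.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// oaepLabel binds the wrapped key to its purpose; both sides must use the same value.
var oaepLabel = []byte("activity-log-data-key")

// Envelope is the record format the hub writes to local storage (constructed for
// this example): the log record encrypted under a fresh data key, plus that data
// key wrapped with the recipient's RSA public key.
type Envelope struct {
	WrappedKey []byte // AES data key encrypted with RSA-OAEP
	Nonce      []byte // AES-GCM nonce, unique per record
	Ciphertext []byte // AES-GCM output, authentication tag included
}

// Seal encrypts one log record so that only the holder of the private key matching
// pub can read it: the server in Data Collection I, the user in Data Collection II.
// The hub needs nothing but the public key, so a stolen hub yields no plaintext.
func Seal(pub *rsa.PublicKey, record []byte) (*Envelope, error) {
	dataKey := make([]byte, 32) // AES-256
	if _, err := io.ReadFull(rand.Reader, dataKey); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(dataKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dataKey, oaepLabel)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, record, nil)}, nil
}

// Open reverses Seal. It needs the private key, which in Data Collection I lives
// only on the server; that is exactly why the user cannot edit data locally there.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	dataKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, oaepLabel)
	if err != nil {
		return nil, errors.New("cannot unwrap data key: wrong private key or tampered envelope")
	}
	block, err := aes.NewCipher(dataKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	plain, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("record authentication failed: ciphertext was modified")
	}
	return plain, nil
}

// RoundTrip seals a record for the server and reports: the plaintext the server
// recovers, whether a different key pair (e.g. the user's) is rejected, and
// whether a one-bit change to the stored ciphertext is detected.
func RoundTrip(record []byte) (recovered []byte, otherKeyRejected, tamperDetected bool, err error) {
	serverKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, false, false, err
	}
	userKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, false, false, err
	}
	env, err := Seal(&serverKey.PublicKey, record)
	if err != nil {
		return nil, false, false, err
	}
	recovered, err = Open(serverKey, env)
	if err != nil {
		return nil, false, false, err
	}
	_, crossErr := Open(userKey, env) // wrong addressee: OAEP unwrap must fail
	env.Ciphertext[0] ^= 0x01         // simulate modification of the stored file
	_, tamperErr := Open(serverKey, env)
	return recovered, crossErr != nil, tamperErr != nil, nil
}

func main() {
	// Constructed sample record, in the spirit of the "foreground window" sensor on the slides.
	record := []byte(`{"ts":"2014-09-19T10:00:00Z","type":"application_use","app":"editor"}`)
	got, rejected, tamper, err := RoundTrip(record)
	fmt.Printf("recovered=%s otherKeyRejected=%v tamperDetected=%v err=%v\n", got, rejected, tamper, err)
}
```

In variant II the same Seal call is made with the user's public key, and the user's private key (which the slides note is only as strong as the password protecting it) is used in Open on the hub. Neither variant helps against malware running on the hub while the record is still in plaintext, which matches the "No protection against malware" con on both slides.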
Security Concepts – Communication
Encrypted data communication
Standard HTTPS
Data Collection I
Authentication at server
Authentication of Sensor Hub
On start up
Prior to sending data
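The Communication slide combines two controls: transport encryption with standard HTTPS, and authentication of the Sensor Hub towards the server both at start-up and before each data upload. The Go program below is an added example written for this page, not code from the Know-Center system. It stands up a TLS test server with two constructed endpoints, /hub/login (the start-up check) and /hub/data (the upload), validates per-hub credentials with a constant-time comparison, and shows that a client which does not trust the server certificate refuses to send data at all, which is the property that addresses the "intercept network communication" threat. The hub registry, hub ID, secret and record contents are constructed sample values.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// hubCredentials is a constructed stand-in for the server's hub registry: each hub
// has its own secret, so a compromised hub cannot upload data in another hub's name.
var hubCredentials = map[string]string{
	"hub-0001": "constructed-example-secret",
}

// authenticateHub validates the credentials a hub presents, on start-up and on every
// upload. The comparison is constant-time, and an unknown hub ID still performs one
// comparison so that response timing does not reveal which IDs exist.
func authenticateHub(r *http.Request) (hubID string, ok bool) {
	id, secret, ok := r.BasicAuth()
	if !ok {
		return "", false
	}
	want, known := hubCredentials[id]
	if !known {
		want = "no-such-hub-dummy-value"
	}
	match := subtle.ConstantTimeCompare([]byte(secret), []byte(want)) == 1
	return id, known && match
}

// NewLogServer starts a TLS-only test server with the start-up login check and the
// data upload endpoint. Accepted records are appended to store, keyed by hub ID.
func NewLogServer(store map[string][]string) *httptest.Server {
	mux := http.NewServeMux()
	mux.HandleFunc("/hub/login", func(w http.ResponseWriter, r *http.Request) {
		if _, ok := authenticateHub(r); !ok {
			http.Error(w, "unauthorised", http.StatusUnauthorized)
			return
		}
		w.WriteHeader(http.StatusNoContent)
	})
	mux.HandleFunc("/hub/data", func(w http.ResponseWriter, r *http.Request) {
		id, ok := authenticateHub(r)
		if !ok {
			http.Error(w, "unauthorised", http.StatusUnauthorized)
			return
		}
		body, err := io.ReadAll(io.LimitReader(r.Body, 1<<20)) // cap upload size at 1 MiB
		if err != nil {
			http.Error(w, "bad request", http.StatusBadRequest)
			return
		}
		store[id] = append(store[id], string(body))
		w.WriteHeader(http.StatusAccepted)
	})
	return httptest.NewTLSServer(mux)
}

// UploadRecord is the hub side: present credentials and post one record over HTTPS
// with a client that trusts the server's certificate. Returns the HTTP status code.
func UploadRecord(srv *httptest.Server, hubID, secret, record string) (int, error) {
	req, err := http.NewRequest(http.MethodPost, srv.URL+"/hub/data", strings.NewReader(record))
	if err != nil {
		return 0, err
	}
	req.SetBasicAuth(hubID, secret)
	resp, err := srv.Client().Do(req)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// UntrustedClientFails shows the other half of "standard HTTPS": a client that does
// not trust the presented certificate aborts the connection instead of handing its
// data to whoever answers, so a man-in-the-middle with its own certificate gets nothing.
func UntrustedClientFails(srv *httptest.Server) bool {
	_, err := http.Post(srv.URL+"/hub/data", "application/json", strings.NewReader("{}"))
	return err != nil
}

func main() {
	store := map[string][]string{}
	srv := NewLogServer(store)
	defer srv.Close()
	code, err := UploadRecord(srv, "hub-0001", "constructed-example-secret", `{"type":"reading"}`)
	fmt.Println("valid hub:", code, err)
	code, err = UploadRecord(srv, "hub-0001", "wrong-secret", `{"type":"reading"}`)
	fmt.Println("wrong secret:", code, err)
	fmt.Println("untrusted client refuses to send:", UntrustedClientFails(srv))
	fmt.Println("stored records:", len(store["hub-0001"]))
}
```

In a deployment the hub would pin the server's certificate or CA in its configuration rather than rely on httptest's helper client, and the per-hub secret would be provisioned at enrolment; the check before every upload is what stops a hub whose credential was revoked from continuing to push data.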
Security Concepts – Server I
Encrypted storage of data
Trusted Platform Module
Pros
High security
Protection against unauthorised reads + malware
No user interaction for data decryption necessary
Cons
Relatively new technology
Harder to implement