1 / 17

Security Challenges in Opportunistic Sensing: Navigating Privacy, Integrity, and Availability

This paper examines the emerging paradigm of opportunistic sensing, which utilizes small devices carried by individuals to collect data linked to human activity and environmental conditions. While the advantages include leveraging millions of mobile devices for data collection without manual deployment, significant security challenges persist. Key issues addressed include confidentiality and privacy concerns, data integrity, and availability challenges. By exploring existing solutions and proposing future research directions, the paper aims to enhance the effectiveness and security of urban sensing applications while safeguarding user privacy.

dasha
Télécharger la présentation

Security Challenges in Opportunistic Sensing: Navigating Privacy, Integrity, and Availability

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Opportunistic Sensing: Apu Kapadia MIT Lincoln Laboratory David Kotz Dartmouth College Nikos Triandopoulos Boston University Security Challenges for the New Paradigm Michael Betancourt UCF - EEL 6788 Dr. Turgut

  2. Overview • Introduction • Urban Sensing Examples • Applications Examples • Security Challenges      a. Confidentiality and Privacy Issues     b. Integrity Issues     c. Availability Issues     d. Challenges in Participatory Sensing 5.  Conclusion

  3. Introduction • Opportunistic people centric sensing • Small devices carried by people that sense information • Direct or indirect relation to human activity • Environmental conditions • Advantages • Leverage millions of devices • No need to manually deploy • Highly mobile and accessible • Disadvantages • High risks in security • Data integrity

  4. Urban Sensing Examples CarTel • Maps traffic patterns BikeNet • Bicycle network infrastructure CenceMe • User activity social networking CarTel Interface CenceMe Interface BikeNet Interface

  5. Application Examples • Urban data collection and processing • Large scale online data collection • Being able to locate lost objects • Measuring the flow of bicycles in an urban center • Environmental monitoring at the human level •  Optimize energy usage for heating and cooling •  Personal Environmental Impact Report

  6. Security Challenges Overview Challenges • Context privacy • Anonymous tasking • Anonymous data reporting • Reliable data readings • Data authenticity • System integrity • Preventing data suppression • Participation • Fairness

  7. Confidentiality and Privacy IssuesContext Privacy Problems • It is cumbersome for users to specify fine grain policies • Once the data is on the server who can access the h/w Solutions • Virtual walls • Group settings in categories • Only information outside the wall can be seen • Faces • Data changes according to who is viewing • Future Research • Determining what data can be used without being able to infer other data • Grabbing only enough data for application purpose without sacrificing usability

  8. Confidentiality and Privacy IssuesAnonymous Tasking Problems • By tasking specific users it is possible to gain personal information • Determining reliability of participants could reduce anonymity Solutions • Tasking Service • Users download all tasks and selectively choose which to do •  Attribute based authentication • Users reveal only their attributes

  9. Confidentiality and Privacy IssuesMasking Users' Location • Blind Tasking • Transfer data to other nodes before uploading • Overall routing structure must be protected • Data needs to be encrypted to not be intercepted • Hitchhiking • Only include characteristics about location • Disadvantageous for limited popularity • Introduce blur and random jitter • Decreases accuracy • Amount of error needs to be constrained •  Automatic Spatiotemporal Blurring • Generalize location through large geographical tiles • Only upload data when enough sets are available

  10. Integrity IssuesReliable Data Storage Problems • Any participant with an appropriately configured device can report falsified data • Devices are controlled by users • Incentives to mask private information Solutions • Redundancy • Task cloning • Fixed sensor ground truth • Game Theory • Reputation based system

  11. Integrity IssuesData Authenticity Problems • Tampered data during transit • Current schemes correspond to fixed sensors where there is a stable topological tree that spans sensors Solutions • Cryptographoically enhanced error-correcting techniques • Encrypted data that shows if it has been tampered with • Group signatures • Allows multiple groups to use a single verifying signature • Cracked signatures and be redistributed without taking down the entire infrastructure

  12. Integrity IssuesSystem Integrity Problems • Tasks need to have their source verified • Data received needs to be accurate and temporally relevant Solutions • Task specific languages • Secure crytographic states • Provide topological, temporal and user-related parameters to validate the information received.

  13. Availability IssuesPreventing Data Suppression • Denial of Service (DoS) due to devices ignoring task requests • Network availability of devices • Data consuming applications could be killed by users • If users are unable to control the data access, they are less likely to carry the device or permit tasks to be performed Distributed DoS (DDoS) Attack

  14. Availability IssuesParticipation Problems • Users must have incentives to gain mass participation • Difficult to convince giving away private information with little to no benefit Solutions • Convenience is key to appeal • Provide incentives that are compatible with users' needs and interests • Privacy-aware hybrid payoff model • Beneficial services vs privacy loss they experience

  15. Availability IssuesFairness • People centric applications provide direct benefits to users • Users will try to cheat to gain better service for themselves • Tasking others to complete their tasks • Not contributing back to the community BitTorrent Inc. Logo Battlefield 2142 Cover Art

  16. Challenges in Participatory Sensing • Users are tasked and have to manually partake in gathering information • Additional security challenges arise as the user may leak more information than the task specifies • Taking a picture of a menu on a table • Integrity becomes difficult as the user can fabricate sensor data or not provide the correct results of the task • Ratings of a restaurant 4 Rivers Smokehouse Google User Review

  17. Conclusion • Opportunistic people centric sensing • Most applications contain personal information • Securing that information becomes key • Providing a service that people would want to participate • Keepings users data secure as to not be harmed • Even obscuring the data may not be enough for complete anonymity • Participatory sensing needs additional security thought • Questions?

More Related