This workshop focuses on the evaluation and management of threats, risks, and policies in Ubiquitous Computing (UbiComp) environments. It discusses different types of threats and provides insights into risk assessment and policy management in UbiComp applications.
Threats, Risk Assessment, and Policy Management in UbiComp
Workshop on Security in UbiComp
UBICOMP 2002, 29th Sept., Göteborg, Sweden
Philip Robinson, SAP Corporate Research & Telecooperation Office

Management & Access Scope of UbiComp Environments and Applications
• Closed/Embedded
• Personal
• Static Groups
• Ad Hoc Groups
• Public

Point of Alert
• Static Threat = Unsolicited interactive access to system by non-group member
• Closed Threat = Unsolicited access to system location
• Personal Threat = Unsolicited possession of system (tangible access)
• Ad Hoc Threat = Unsolicited use of special services – access beyond role and rights
• Public Threat = Unsolicited modification/misuse of system
“Access to a system or its resources/information is the first line of attack”

Risk – all about Context
• Information and Resources have no value without a particular Context.
• Context information changes the awareness and evaluation of risks
• Awareness of risks changes the utility of and contribution to the Context information
Credit Card #: 4999 910 876 1234

When is the risk pending?
• Elicited/Meta-level Context Information: “Meeting and Discussion in Session, and topic is…”
• Computed/Partial Context Information: Office, Occupied, Movement
• Sensor/Low-level Context Information (cues): temperature, location, acceleration
• Data

Attack Profile
• Attacker listens in on communications channel. Attacks on confidentiality & privacy!
• Attack by embedding false sensor and actuator devices into environment – attack on context derivation integrity
• Attack by falsifying the physical environment’s signals – attack on context reading integrity
• Attack by abusing lack or excess of computational capacity – denial of service or malicious code attacks
[Diagram: attacks on the CONTEXT and RESOURCES of a UbiComp system]
• Interactive (Stimuli & Response)
• Perceptive (Sensors & Actuators)
• Computational (Memory, Power & Processing)
• Communicational (Reception & Transmission)

[Diagram: Physical environment, emission, Analog signal, A/D, Digital signal, Computation, Interpretation, transmission, data]
Policies shown in the diagram:
• Behavioral policy, relational policy
• Authorization policies
• Signal integrity policy
• Communication policies
• Context-based policies
• Computational policies

Policy Management
Administrative Distribution
• Definition
  • Document encoded
  • Application encoded
  • Entity encoded
• Enforcement
  • Security Mechanism selection
  • Physical vs. Logical
• Modification & Dissolution
  • Static vs. Dynamic
  • Consistency & notification
• Auditing
  • Centralized vs. Distributed

Summary
• Identify access scope of UbiComp application
• Determine point-of-alert based on access scope
• Determine when the context creates a manageable risk
• Perform a Threat Analysis
• Define policy model to circumvent threats
• Implement mechanisms to enforce policy
• Establish methodology for managing policy information