ndn bms security requirements and solution
play

NDN-BMS Security: Requirements and Solution Wentao Shang (UCLA) - PowerPoint PPT Presentation

Oct 23, 2023 •271 likes •393 views

NDN-BMS Security: Requirements and Solution Wentao Shang (UCLA) Application scenario NDN-BMS collects sensor data from UCLA campus and publishes the data into an NDN repo Multiple users have access to the data Different users have

  1. NDN-BMS Security: Requirements and Solution Wentao Shang (UCLA)

  2. Application scenario • NDN-BMS collects sensor data from UCLA campus and publishes the data into an NDN repo • Multiple users have access to the data • Different users have different access privileges

  3. Security requirements • Authenticity & Integrity: each data packet is verifiable • Confidentiality: only authorized user can access BMS data • Scalability: security mechanism need to scale to a large number of users

  4. Current solution • Authenticity & Integrity: • Every data packet is signed by the data publisher (a gateway connected to sensors) • Gateway’s public key is certified by some higher- level authority (e.g., building manager), which is certified by the top manager (using the root key) • Every entity in the system trusts the root key

  5. Current solution • Confidentiality: encryption-based access control • All BMS data is encrypted with a symmetric key • Users gain access to the data by acquiring the encryption key

  6. Encryption key distribution • Users are identified by their public keys • The data encryption key (DEK) is encrypted by the authorized user’ public key and published as normal NDN data • DEK is updated periodically, or whenever a user changes privilege (e.g., adding or dropping access to some data)

  7. Scalability issue in DEK management • The first prototype publishes DEK for each user as a separate data packet • O(n) RSA encryption and O(n) RSA signing • A simple optimization: pack all encrypted DEKs into a single data packet • O(n) RSA encryption and O(1) RSA signing

  8. A better(?) solution • Recommended by RFC 2627: hierarchical key management (designed for secure multicast) DEK E(K1, DEK) E(K2, DEK) K1 K2 E(K3, K1) E(K4, K1) E(K5, K2) E(K6, K2) K3 K4 K5 K6 E(U2, K3) E(U1, K3) User1 User2 User3 User4 User5 User6 User7 User8

  9. Scalable user deletion • O(log(n)) updates vs. O(n) updates in old scheme • Cost: more keys to manage & transmit DEK’ E(K1, DEK’) E(K2’, DEK’) K1 K2’ E(K5’, K2’) E(K6, K2’) K3 K4 K5’ K6 E(U6, K5’) User1 User2 User3 User4 User5 User6 User7 User8

  10. Other issues • Selection of cryptography • Symmetric vs. asymmetric encryption • HMAC vs. RSA signing • Hierarchical access control

  11. Summary • Encryption is the most effective access control for NDN applications • Multicast security may be a useful reference • Hierarchical access control is a new challenge

Recommend

Commercial Building Integrated Security Solution See Far , Go Further Contents 1 Vertical

Commercial Building Integrated Security Solution See Far , Go Further Contents 1 Vertical

Commercial Building Integrated Security Solution See Far , Go Further Contents 1 Vertical Requirements Analysis 2 System Architecture 3 Solution Application 4 Successful Cases Requirement Analysis Personnel Safety Internal Management

705 views • 54 slides
Is Cable Congestion a Threat to Cable Security? What is the solution? What is the solution?

Is Cable Congestion a Threat to Cable Security? What is the solution? What is the solution?

conference & convention enabling the next generation of networks & services Is Cable Congestion a Threat to Cable Security? What is the solution? What is the solution? Phil Footman-Williams Tyco Electronics Subsea Communications

203 views • 18 slides
1 Software Safety Specifying safety requirements Safety vs. Reliability Component

1 Software Safety Specifying safety requirements Safety vs. Reliability Component

User requirements CSE 403 Business Requirements Lecture 14 User User Use Cases Requirements Study Safety and Security Requirements Functional Requirements Requirements Documentation Non-functional Requirements Non-functionality

275 views • 3 slides
DIGITAL PLANETS SECURITY SOLUTION INTRODUCTION OUR OFFERED SERVICES Vulnerability Security

DIGITAL PLANETS SECURITY SOLUTION INTRODUCTION OUR OFFERED SERVICES Vulnerability Security

DIGITAL PLANETS SECURITY SOLUTION INTRODUCTION OUR OFFERED SERVICES Vulnerability Security Information Assessment Brand Operation Consultancy & Security Protection Penetration Awareness Centre Testing External Networks

474 views • 44 slides
Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security Requirements (NCSSR) Effective 1 January 2013 No amendments since passed Included in WebTrust Principles and Criteria for Certification

253 views • 7 slides
New Mek Solution New Mek Solution ns is IT/Software ns is IT/Software outsourcing a and

New Mek Solution New Mek Solution ns is IT/Software ns is IT/Software outsourcing a and

New Mek Solution New Mek Solution ns is IT/Software ns is IT/Software outsourcing a and product development nt company. Our vision is to aim 100% aut automation of the business at-par with ever changing custom tomer requirements to

563 views • 15 slides
UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE

UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE

UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE Maritime Security - Commercial Shipping Security - Cruise Liner Security - Super-Yacht Security Maritime Security Services UCP GROUP is a market

247 views • 22 slides
P P h h a a r r m m Pharmaceutical a a c c e e u u t t PACKAGE i i P P c

P P h h a a r r m m Pharmaceutical a a c c e e u u t t PACKAGE i i P P c

Tamper evidence or implement the FMD www.eltronis.com solution you can easily With our labeling only one label . accomplish both with Now you can serialization for your boxes ? mandated security requirements. Contact us for samples. P P

336 views • 4 slides
CASHWIZARD THE SMART SOLUTION SECURITY I N N O V A T I O N RELIABILITY 1 Who is AMSEC?

CASHWIZARD THE SMART SOLUTION SECURITY I N N O V A T I O N RELIABILITY 1 Who is AMSEC?

CASHWIZARD THE SMART SOLUTION SECURITY I N N O V A T I O N RELIABILITY 1 Who is AMSEC? American Security Products [AMSEC] located in worlds Fontana, California is the best known provider of security safes. For over 70+ years, we

814 views • 21 slides
19 FEM Convergence Requirements IFEM Ch 19 Slide 1 Introduction to FEM Convergence

19 FEM Convergence Requirements IFEM Ch 19 Slide 1 Introduction to FEM Convergence

Introduction to FEM 19 FEM Convergence Requirements IFEM Ch 19 Slide 1 Introduction to FEM Convergence Requirements for Finite Element Discretization Convergence: discrete (FEM) solution approaches the analytical (math model) solution

479 views • 17 slides
1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

Course Overview Course Requirements EECS 498-7/8 Cryptography and Network Security: www.citi.umich.edu/u/honey/security Principles and Practice (Third Edition) Computer Security Monday & Friday, 9:00 10:30 William Stallings

670 views • 19 slides
Security requirements Term Secuirty requirement A need or restriction from a user, a

Security requirements Term Secuirty requirement A need or restriction from a user, a

Security requirements Term Secuirty requirement A need or restriction from a user, a stakeholder or the environment related to the goal to improve the system security. Holistic security requirement engineering, Computers & Security

216 views • 17 slides
Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell |

Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell |

Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell | Hong Kong & Taiwan Agenda Session One 2016 Threat Report Update Session Two SonicWALL C APT URE Advanced Threat Protection Service

746 views • 63 slides
Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a

Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a

UNCLASSIFIED Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a new framework of New Zealand Protective Security Requirements which provides clear guidance and support for State sector departments

353 views • 17 slides
Declassification Options and Requirements Information Security Webinar Marc Brandsness

Declassification Options and Requirements Information Security Webinar Marc Brandsness

6/20/2013 Declassification Options and Requirements Information Security Webinar Marc Brandsness Security Asset Protection Professional Certification (SAPPC) Retired US Air Force-Security Forces with over 25 years of Law Enforcement

307 views • 15 slides
Retail Chain Integrated Security Solution V1.3 See Far , Go Further Contents 1 Requirement

Retail Chain Integrated Security Solution V1.3 See Far , Go Further Contents 1 Requirement

Retail Chain Integrated Security Solution V1.3 See Far , Go Further Contents 1 Requirement Analysis 2 System Architecture 3 Solution Introduction 4 Representative Cases Vertical Requirement - Current Situation Traditional retail industry

761 views • 61 slides
US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific,

US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific,

US/UK DTCT Security Policy Requirements Jakki Baker/Martin Oram Defence Security Scientific, Technical and Industrial Directorate of Business Resilience Defence Security Security Protection The DTCT requires the Parties to provide an

387 views • 9 slides
ORC Chapter 420-3-26-.15 and 10 CFR Part 37 Changes to Physical Security Protection Requirements

ORC Chapter 420-3-26-.15 and 10 CFR Part 37 Changes to Physical Security Protection Requirements

ORC Chapter 420-3-26-.15 and 10 CFR Part 37 Changes to Physical Security Protection Requirements A Brief History of Security Measures - 11/14/05 - EA-05-090: NRC Order Imposing Increased Controls (IC). In Alabama the Orders were implemented by

498 views • 27 slides
Multicast Security: Towards a Standardized Solution Ran Canetti IBM Research In this talk:

Multicast Security: Towards a Standardized Solution Ran Canetti IBM Research In this talk:

Multicast Security: Towards a Standardized Solution Ran Canetti IBM Research In this talk: A taxonomy of multicast security issues Some outstanding algorithmic problems Work at the SMuG (IRTF): Some design principles

525 views • 23 slides
13 - Computer Security Hashing 1 Solution : hash

13 - Computer Security Hashing 1 Solution : hash

13 - Computer Security Hashing 1 Solution : hash function 0 1 n - h x 0 1 - h x is the hash/digest of x Context Goal - Represent large/sensitive message by a smaller one - Numerous

1.14k views • 68 slides
PROVIDING SECURE TRANSPORT SERVICES OUR SECURITY SOLUTION How it works: we have opted for the

PROVIDING SECURE TRANSPORT SERVICES OUR SECURITY SOLUTION How it works: we have opted for the

PROVIDING SECURE TRANSPORT SERVICES OUR SECURITY SOLUTION How it works: we have opted for the security system supplied by BRINKS SECURITY SERVICES, which in our view boasts the best performance of any system currently available on the market.

242 views • 6 slides
The Anti Burglar Trio Security Guard Kit is a home/offjce security solution designed to alert you

The Anti Burglar Trio Security Guard Kit is a home/offjce security solution designed to alert you

The Anti Burglar Trio Security Guard Kit is a home/offjce security solution designed to alert you in case of a burglary or presence of any person or pet. In Armed Mode setting, Q-Motion sends an alert whenever movement is detected and Q-Door sends

455 views • 11 slides
Security Challenges and Requirements for Industrial Control Systems in the Semiconductor

Security Challenges and Requirements for Industrial Control Systems in the Semiconductor

Security Challenges and Requirements for Industrial Control Systems in the Semiconductor Manufacturing Sector Malek Ben Salem Accenture Technology Labs NIST Workshop on Cyber-Security for Cyber-physical Devices April 23 rd , 2012 Outline

837 views • 37 slides
CS 557 - Lecture 22 DNS Security DNS Security Introduction and Requirements, RFC 4033, 2005 Fall

CS 557 - Lecture 22 DNS Security DNS Security Introduction and Requirements, RFC 4033, 2005 Fall

CS 557 - Lecture 22 DNS Security DNS Security Introduction and Requirements, RFC 4033, 2005 Fall 2013 The Domain Name System Virtually every application uses Root the Domain Name System (DNS). DNS database maps: edu mil ru Name to

923 views • 47 slides

More recommend