sensor security a kaleidoscopic view
play

Sensor Security: A Kaleidoscopic View Ren Struik (Certicom - PowerPoint PPT Presentation

Jul 30, 2023 •256 likes •992 views

July 2, 2009 RFIDSec 2009 Sensor Security: A Kaleidoscopic View Ren Struik (Certicom Research) E-mail: rstruik@certicom.com Certicom Corp. is a wholly owned subsidiary of Research in Motion, Ltd. Slide 1 Ren Struik (Certicom Research)

  1. July 2, 2009 RFIDSec 2009 Sensor Security: A Kaleidoscopic View René Struik (Certicom Research) E-mail: rstruik@certicom.com Certicom Corp. is a wholly owned subsidiary of Research in Motion, Ltd. Slide 1 René Struik (Certicom Research)

  2. July 2, 2009 RFIDSec 2009 Wheeling-Pittsburg Steel Corporation Photo courtesy Dust Networks Slide 2 René Struik (Certicom Research) 2

  3. July 2, 2009 RFIDSec 2009 The Promise of Wireless The Promise of Wireless The Economist, April 28, 2007 Slide 3 René Struik (Certicom Research) 3

  4. July 2, 2009 RFIDSec 2009 A Note on Security and Ease of Use This document is provided strictly for the purpose of gathering information leading to the development of an ISA standard, recommended practice or technical report. Copies may be reproduced and distributed, in whole or in part, but only for the following purposes: • Review of and comment on the ISA-SP100 draft proposal • Submission to the ISA-SP100 Committee • Informing and educating others about the ISA-SP100 draft standard development process. Slide 4 René Struik (Certicom Research)

  5. July 2, 2009 RFIDSec 2009 Security and Ease of Use “Computer users have been taught for years that computer security systems can’t be effective unless they are complex and difficult to use. In reality, this conventional wisdom is completely wrong.” ⎯ Lorrie Faith Cranor, Carnegie Mellon University Security technology can make trust lifecycle management intuitive and hidden from the user. Source: D. Balfanz, G. Durfee, R.E. Grinter, D.K. Smetters, P. Stewart, “Network-in-a-Box: How to Set Up a Secure Wireless Network in under a Minute,” in Proceedings of the 13 th USENIX Security Symposium , August 9-13, 2004. Slide 5 René Struik (Certicom Research)

  6. July 2, 2009 RFIDSec 2009 Ease of Configuration and Reconfiguration Ease of configuration: - Merging of networks - Partitioning of networks - Device portability and orphaning - Hand-over of control (remote, backup) Slide 6 René Struik (Certicom Research)

  7. July 2, 2009 RFIDSec 2009 Security and Ease of Use – Bridging the Gap Challenge: Bridge the gap between state-of-the-art security that is known and security that is actually being used. Education gap . Conventional wisdom is that “computer security systems can’t be effective unless they are complex and difficult to use”. While this may once have been true, the security profession has witnessed dramatic insights over the last ten years, which has not all been embraced yet by the field. Perception gap. Conventional wisdom is that security technologies are too expensive to implement with sensor and control networks, due to energy constraints, computational and storage constraints. Anno 2008, this perception is challenged for all but the most mundane devices. Examples: e.g., Bluetooth v2.1, ZigBee Smart Metering, and RFID e-Passport. Affordability gap . Conventional wisdom is that the licensing cost of security technologies may present a hurdle. Licensing models, such as those used with the consumer electronics industry, may have some merit for ubiquitous computing as well, since both are concerned with mass-scale deployment of networked devices ("the internet of things") and enforcement of compliance. Examples: ZigBee Smart Energy licensing model for public-key technology; flexible business models for deployment tailored to best fit requirements of various players in the supply chain (i.e., can be moved to most suitable point, so as to promote wide-scale adoption). Slide 7 René Struik (Certicom Research)

  8. July 2, 2009 RFIDSec 2009 Devices and Device Ids This document is provided strictly for the purpose of gathering information leading to the development of an ISA standard, recommended practice or technical report. Copies may be reproduced and distributed, in whole or in part, but only for the following purposes: • Review of and comment on the ISA-SP100 draft proposal • Submission to the ISA-SP100 Committee • Informing and educating others about the ISA-SP100 draft standard development process. Slide 8 René Struik (Certicom Research)

  9. July 2, 2009 RFIDSec 2009 Gateway “Tunnel” Router Edge Node APP APP Transport Transport Network Network Network Network Network Data Link Data Link Data Link Data Link Data Link* TCP /IP PHY* PHY* PHY PHY PHY Source: Networking-Transport Diagrams ISA SP100.11a (Jay Werb, March 1, 2007).ppt Slide 9 René Struik (Certicom Research)

  10. July 2, 2009 RFIDSec 2009 Full stack device, including per-layer and shared parameters Device Address translation table Device- APP APP wide APP address functions parameters parameters Dynamically assigned; Trans address can be changed Transport Transport at will DLL address functions parameters short MAC add Handed out MAC address Network Network by IEEE-RAC; functions parameters = static throughout DeviceID DeviceID lifecycle (no cloning, copying, etc.) Data Link Keying material Data Link parameters functions Trusted module includes Security all security processing and policies secure and authentic storage of all keying material of the PHY PHY Security protocols device, as well as policies functions parameters AES RNG ECC potential shared functions communication layer-specific Slide 10 René Struik (Certicom Research) implementation and parameters stack parameters

  11. July 2, 2009 RFIDSec 2009 Full stack device, including per-layer and shared parameters Device Address translation table Device- APP APP wide APP address functions parameters parameters Dynamically assigned; Trans address can be changed Transport Transport at will DLL address functions parameters short MAC add Handed out MAC address Network Network by IEEE-RAC; functions parameters = static throughout DeviceID DeviceID lifecycle (no cloning, copying, etc.) Data Link Keying material Data Link parameters functions Security policies PHY PHY Trust binding Security protocols functions parameters AES RNG ECC potential shared functions communication layer-specific Slide 11 René Struik (Certicom Research) implementation and parameters stack parameters

  12. July 2, 2009 RFIDSec 2009 Full stack device, including 802.15.4-2006 transceiver Device Address translation table Device- APP APP wide APP address functions parameters parameters Dynamically assigned; Trans address can be changed Transport Transport at will DLL address functions parameters short MAC add Handed out MAC address Network Network by IEEE-RAC; functions parameters = static throughout DeviceID DeviceID lifecycle (no cloning, copying, etc.) Data Link Keying material Data Link parameters functions Security policies PHY PHY Security protocols functions parameters AES RNG ECC potential shared functions communication layer-specific Slide 12 René Struik (Certicom Research) implementation and parameters stack parameters

  13. July 2, 2009 RFIDSec 2009 “Lower”-stack device, including 802.15.4-2006 transceiver Device Address translation table Device- wide parameters Dynamically assigned; can be changed at will DLL address short MAC add Handed out MAC address Network Network by IEEE-RAC; functions parameters = static throughout DeviceID DeviceID lifecycle (no cloning, copying, etc.) Data Link Keying material Data Link parameters functions Security policies PHY PHY Security protocols functions parameters AES RNG ECC potential shared functions communication layer-specific Slide 13 René Struik (Certicom Research) implementation and parameters stack parameters

  14. July 2, 2009 RFIDSec 2009 “Lower”-stack device, with just 802.15.4-2006 transceiver Device Address translation table Device- wide parameters Dynamically assigned; can be changed at will short MAC add Handed out MAC address by IEEE-RAC; = static throughout DeviceID DeviceID lifecycle (no cloning, copying, etc.) MAC Keying material MAC parameters functions Security policies PHY PHY Security protocols functions parameters AES RNG ECC potential shared functions communication layer-specific Slide 14 René Struik (Certicom Research) implementation and parameters stack parameters

  15. July 2, 2009 RFIDSec 2009 “Lower”-stack device, with just 802.15.4-2006 transceiver Device Address translation table Device- wide parameters Dynamically assigned; can be changed at will short MAC add Handed out MAC address by IEEE-RAC; = static throughout DeviceID DeviceID lifecycle (no cloning, copying, etc.) MAC Keying material MAC parameters functions Security policies PHY PHY Trust binding at Security protocols functions parameters manufacturing AES RNG ECC potential shared functions communication layer-specific Slide 15 René Struik (Certicom Research) implementation and parameters stack parameters

Recommend

Security in Wireless Sensor Networks Introduction A Wireless Sensor Network is a network made of

Security in Wireless Sensor Networks Introduction A Wireless Sensor Network is a network made of

Security in Wireless Sensor Networks Introduction A Wireless Sensor Network is a network made of many small devices consisting of a battery, radio communications, microcontroller, and sensors. Sensor nodes Task manager Gateway node 2

934 views • 44 slides
A critical look at sensor network security A personal odyssey Naveen Sastry (nks@cs.berkeley.edu)

A critical look at sensor network security A personal odyssey Naveen Sastry (nks@cs.berkeley.edu)

A critical look at sensor network security A personal odyssey Naveen Sastry (nks@cs.berkeley.edu) November 17, 2005 Outline 1. Claim: conventional wisdom 2. Counter-claim: my view 3. Tools 4. Design example 5. The real worry 6. Recap &

580 views • 23 slides
Likelihood Functions The likelihood function answers the question: What does the sensor tell about

Likelihood Functions The likelihood function answers the question: What does the sensor tell about

ambiguous sensor data ( P D < 1 , F > 0 ) k } n k n k + 1 possible interpretations of the sensor data Z k = { z j j =1 ! E 0 : the object was not detected; n k false data in the Field of View ( FoV ) E j , j = 1 , . . . , n k :

866 views • 68 slides
Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction -

Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction -

Outline Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction - Security Security challenges in Ad Hoc Networks y g Threats and Attacks Security Solutions Security Solutions

668 views • 15 slides
CSE 154 LECTURE 25: WEB SECURITY Our current view of security until now, we have assumed:

CSE 154 LECTURE 25: WEB SECURITY Our current view of security until now, we have assumed:

CSE 154 LECTURE 25: WEB SECURITY Our current view of security until now, we have assumed: valid user input non-malicious users nothing will ever go wrong this is unrealistic! The real world in order to write secure code,

445 views • 18 slides
CSc 337 LECTURE 24: SECURITY Our current view of security until now, we have assumed:

CSc 337 LECTURE 24: SECURITY Our current view of security until now, we have assumed:

CSc 337 LECTURE 24: SECURITY Our current view of security until now, we have assumed: valid user input non-malicious users nothing will ever go wrong this is unrealistic! The real world in order to write secure code, we

211 views • 18 slides
CSE 154 LECTURE 26: WEB SECURITY Our current view of security until now, we have assumed:

CSE 154 LECTURE 26: WEB SECURITY Our current view of security until now, we have assumed:

CSE 154 LECTURE 26: WEB SECURITY Our current view of security until now, we have assumed: valid user input non-malicious users nothing will ever go wrong this is unrealistic! The real world in order to write secure code,

210 views • 18 slides
Introduction Out Outline e Imagine an Ad-hoc network Introduction Security techniques

Introduction Out Outline e Imagine an Ad-hoc network Introduction Security techniques

Wireless Ad Hoc and Sensor Networks Outline Out e - Trust and Soft Security Introduction Security techniques Trust and reputation systems Generic Trust and Reputation Model Scheme Proposed models for ad hoc and sensor

161 views • 12 slides
S ns r N t Sensor Network Security rk S curit 3/2/2017 Sensor Network Security (Simon S. Lam)

S ns r N t Sensor Network Security rk S curit 3/2/2017 Sensor Network Security (Simon S. Lam)

3/2/2017 S ns r N t Sensor Network Security rk S curit 3/2/2017 Sensor Network Security (Simon S. Lam) 1 1 3/2/2017 R. Blom, An optimal class of symmetric key generation systems, R. Blom, An optimal class of symmetric key generation

445 views • 12 slides
+ = Autonomous Sensing Board SENSOR Computer NODE FOSAD'09 2 Components of the sensor node

+ = Autonomous Sensing Board SENSOR Computer NODE FOSAD'09 2 Components of the sensor node

WSN Security Javier Lopez Computer Science Department University of Malaga Spain Sensor node FOSAD'09 1 Real World Computer SENSE Computer World Real World FOSAD'09 Sensor nodes + = Autonomous Sensing Board SENSOR Computer

1.1k views • 55 slides
A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security

A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security

A (re)introduction to Spring Security Agenda Before Spring Security: Acegi security Introducing Spring Security View layer security Whats coming in Spring Security 3 E-mail: craig@habuma.com Blog: http://www.springloaded.info

452 views • 19 slides
Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar:

Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar:

University Division/Office Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar: Internet Economics - Prof. Dr. Burkhard Stiller By Sanjiv Jha, Raphael Ochsenbein & Anastasia Ruvimova Supervisor: Dr.

830 views • 33 slides
embedded security October 2015 The Old Model (simplified view) Embedded Security Benedikt

embedded security October 2015 The Old Model (simplified view) Embedded Security Benedikt

embedded security October 2015 The Old Model (simplified view) Embedded Security Benedikt Gierlichs KU Leuven, COSIC IACR Summer school 2015 Chia Laguna, Italy Attack on channel between communicating parties Encryption and

412 views • 6 slides
ZIPATILE SMART HOME ASSISTANT Security Thermostat Intercom Automation External Temp. Speaker

ZIPATILE SMART HOME ASSISTANT Security Thermostat Intercom Automation External Temp. Speaker

ZIPATILE SMART HOME ASSISTANT Security Thermostat Intercom Automation External Temp. Speaker IP Camera Shock Sensor Sensor ZIPATILE Alarm Siren Noise Sensor A L L I N O N E ZipaTile is the complete home control system in a form of

208 views • 18 slides
Security in My Rear-View Mirror Marcus J. Ranum works for Tenable Network Security, Inc.

Security in My Rear-View Mirror Marcus J. Ranum works for Tenable Network Security, Inc.

Security in My Rear-View Mirror Marcus J. Ranum works for Tenable Network Security, Inc. Trajectory Optimism We can do this! Firewalls Browser active content Cloud Malware Cloud 1989 1997 2008 IoT Current Trends Management:

605 views • 44 slides
vil : Dri Drift ft with th De Devi Security of Multi-Sensor Fusion based Localization in

vil : Dri Drift ft with th De Devi Security of Multi-Sensor Fusion based Localization in

vil : Dri Drift ft with th De Devi Security of Multi-Sensor Fusion based Localization in High-Level Autonomous Driving under GPS Spoofing Junjie Shen , Jun Yeon Won, Zeyuan Chen, Qi Alfred Chen ASGuard A utonomous S ystem Gu Guard

394 views • 20 slides
Outline Sensor manager vs. sensor scheduler Information based sensor management GMU SMS

Outline Sensor manager vs. sensor scheduler Information based sensor management GMU SMS

Information Based Sensor 5/22/2006 Management Information Based Sensor Management Ken Hintz Department of Electrical and Computer Engineering Center of Excellence in C 4 I Control/Tracking # 000000000 Item or Rev # 00000 Copy # 0000

333 views • 12 slides
Security in Sensor Networks Written by: Prof. Srdjan Capkun & Others Presented By :

Security in Sensor Networks Written by: Prof. Srdjan Capkun & Others Presented By :

Security in Sensor Networks Written by: Prof. Srdjan Capkun & Others Presented By : Siddharth Malhotra Mentor: Roland Flury Mobile Ad-hoc Networks (MANET) Mobile Random and perhaps constantly changing Ad-hoc Not engineered

1.11k views • 52 slides
Computer Aided Security : Cryptographic Primitives, Voting protocols, and Wireless Sensor

Computer Aided Security : Cryptographic Primitives, Voting protocols, and Wireless Sensor

Computer Aided Security: Cryptographic Primitives, Voting protocols, and Wireless Sensor Networks Computer Aided Security : Cryptographic Primitives, Voting protocols, and Wireless Sensor Networks Pascal Lafourcade November 6, 2012

624 views • 44 slides
Visualizing Network Security Policy with NP-View CREDC Presentation - Friday September 30, 2016 -

Visualizing Network Security Policy with NP-View CREDC Presentation - Friday September 30, 2016 -

Visualizing Network Security Policy with NP-View CREDC Presentation - Friday September 30, 2016 - Robin Berthier (rgb@illinois.edu) History APT NetAPT NP-View PhD thesis project by Sankalp Singh, started in 2006 Automatic Verification

491 views • 16 slides
Information Security Management and ISO 27000 certification: the .SE view Anne-Marie Eklund

Information Security Management and ISO 27000 certification: the .SE view Anne-Marie Eklund

Information Security Management and ISO 27000 certification: the .SE view Anne-Marie Eklund Lwinder Security Manager .SE amel@iis.se @amelsec Agenda About .SE Risk and Information Security Management in a ccTLD. ISO 27001,

754 views • 37 slides
A NEW HOD BASED INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORK IK2206: Internet Security

A NEW HOD BASED INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORK IK2206: Internet Security

A NEW HOD BASED INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORK IK2206: Internet Security and Privacy Sumanta Saha Md. Safiqul Islam Md. Sakhawat Hossen W IRELESS A D H OC N ETWORK Wireless ad hoc networks are autonomous nodes that

372 views • 15 slides
Why open source firmware is important Jessie Frazelle - @jessfraz Points of View 1. Security

Why open source firmware is important Jessie Frazelle - @jessfraz Points of View 1. Security

Why open source firmware is important Jessie Frazelle - @jessfraz Points of View 1. Security 2. Usability 3. Visibility First Point of View: Security... Software Software Operating System Kernel Firmware Hardware Software Software

783 views • 62 slides
Localization in Sensor Networks I Localization in Sensor Networks I Jie Gao Jie Gao Computer

Localization in Sensor Networks I Localization in Sensor Networks I Jie Gao Jie Gao Computer

Localization in Sensor Networks I Localization in Sensor Networks I Jie Gao Jie Gao Computer Science Department Stony Brook University Find where the sensor is Find where the sensor is Location information is important. 1.

846 views • 50 slides

More recommend