Erosione della privacy nellera dellUbiquitous Computing Prof. Luigi V. Mancini Dipartimento di Informatica Università di Roma La Sapienza Via Salaria Roma Tel Title

Oggi Wireless Network: Today and Tomorrow MEMS and Nanotechnology bring: new dimensions to wireless security new threats to privacy Wireless Sensor Network: Smart Dust

Accomplish an increasing number of personal transactions using portable devices; Anywhere: every physical objects infused with computational and communication capabilities; Trasparency: technology is invisible to the human user. Web presence. Ubiquitous computing

The purpose of computer is to help you The best computer is a quiet, invisible servant Augmented reality not virtual reality Example: kitchen cabinet + contents tracking Ubiquitous computing: Principles

Applications of Interest Business: Domotica Micropayments Tracking of mobile assets and goods

Applications of Interest Health : monitoring, micro-dose drug release;

Applications of Interest: Law Enforcement Research for Secure Europe: 1 billion euro per year Protecting against terrorism; Tracking the movement of threatening substances and persons; Safe driving.

Detection of NBC agents; Tactical communications (e.g. squad coordination); Unattended surveillance (e.g. sealing); Military Applications

A Wireless Sensor Networks (WSN) is a collection of sensors not relying on a fixed infrastructure to keep the network connected; A WSN can be formed, merged or partitioned on the fly; Sensors can be Mobile. Wireless Sensor Networks

WSN Points of Strength - completely distributed architecture; - virtually no single point of failure; - handled/wearable/dust devices; - peer to peer interactions; - highly redundant; - easily deployable; - low cost device.

Design to be invisible and ubiquitous Automatic user recognition and tracking Peer-to peer paradigm Data-mining Privacy issues

Digital video surveillance Automatic user recognition and tracking

Per accedere ai servizi bisogna condividere le risorse personali con altri senza averne il controllo dei contenuti (come Cookies). Esempio: segnalazione ad una stazione broadcast di eventi di congestione del traffico Peer-to-peer paradigm

Estende le capacità di controllo Accellera il processo di analisi ed inferenza dei dati Data mining

Wireless Vs. Wired: physical eavesdropping is almost undetectable; Very critical the scalability of the solutions Resource constrained – battery constrained; – low processing power; – small amount of RAM; – limited communication range. Ubiquitous Computing: Challenge

Garantire sicurezza e privacy con lubiquitous computing presenta grandi sfide Attività che normalmente non lasciano traccia grazie alle nuove tecnologie potranno essere analizzate e correlate.

Come garantire la Privacy? Utilizzo di Identificatori Anonimi ridondanti come concetto fondante della infrastruttura di rete; I gestori della rete non hanno la possibilità di associare lID anonimo allutente; Lutente puo divulgare la propria identità se lo richiede; UnAutorità indipendente possiede lassociazione fra utente reale ed i suoi ID anonimi.

Esempio Per i micropagamenti (un biglietto dellautobus) e sufficiente autenticarsi con un Identificatore Anonimo non riconducibile allutente reale; Per transazioni importanti (e-banking) lutente deve autenticarsi rivelando la propria identità reale al solo fornitore del servizio; Non e necessario che il gestore della rete conosca lidentità dellutente reale che effettua la transazione;

Security Objective: Achieving Confidentiality Naïve solution: provides each sensor with N-1 keys, where N is the number of ALL sensors in the wireless network. Problems: - N must be known in advance; - Storing O(N) keys. Solution does not scale!

Achieving Confidentiality Statically assign to each sensor k keys randomly chosen from a pool of P random keys; if a key belong to both the key- ring of a and b use that key to encrypt the channel. Key discovery phase: Both nodes broadcasts k challenges, one per key, so that the other node can understand which keys are shared.

Achieving Confidentiality IDEA: Random pre-deployment of Keys: - Given a fixed pool P of pseudo-random keys; - Assign to each of the sensor k keys from the pool P. What is the probability that any two sensors share at least one key?

New Key Connectivity Result A WSN of N, key ring size k>2 and pool size N/logN is connected with high probability. Per esempio: Nodi= 10000, chiavi=4, pool size= 1100, range 33m, area 1 km 2

Esempio A WSN of size N=200, ring size k=4, range=0.2 Pool=50 Pool=100

Considerazioni Conclusive -Nella veglia o nel sonno, al lavoro o a tavola, in casa o fuori, a letto o in bagno, non cera scampo. Nulla vi apparteneva, se non quei pochi centimetri cubi che avevate dentro il cranio. George Orwell, Nuove norme che regolino lambiente virtuale globale poichè la privacy dellutente sarà molto più esposta di oggi.

References Roberto Di Pietro, Luigi V. Mancini. Security and Privacy Issues of Handheld and Werable Wireless Devices. Communication of the ACM, Vol 46, No 9, Sept Roberto Di Pietro, L.V. Mancini, and S. Jajodia. Providing secrecy in key management protocols for large wireless sensors networks. Journal of AdHoc Networks (Elsevier), vol. 1(4), pages , November Roberto Di Pietro, Alessandro Mei, and L.V. Mancini. Random Key Assignment for Secure Wireless Sensor Networks. In Proceedings of the ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '03). Fairfax-VA, USA, October 2003.

Further QUESTIONS ?