Security Concepts for a Distributed Architecture for Activity Logging and Analysis

DI Alfred Wertner, 19 September 2014

Ubiquitous Personal Computing, © Know-Center 2014, www.know-center.at

Funded by the Kompetenzzentrenprogramm (competence centres programme)


Overview

Activity Logging and Analysis

Use case

Privacy concerns

Focus here: prevent unauthorised access

System Architecture

Security analysis

Assets, vulnerabilities, attackers, threats

Security concepts


Activity Logging and Analysis

From data to activity


Use Case: Support Time Management

Help people to reflect on time management issues

Detect "Types of Activity"

E.g. Application Use, Travelling, Communicating, Reading, Writing

Trigger reflection

Show history of activities

Reflection diary


Privacy Concerns

Data is highly sensitive

Need Privacy-Respecting Systems

Privacy-Respecting Systems

Protect user identity

Control what kind of data is collected

Control data collection

Protect against unauthorised access


System Architecture

Sensors

Log data

From hardware sensors, e.g. accelerometer

By itself, e.g. logging foreground windows

Send data to Sensor Hub


Sensor Hub

Sensor configuration

Local data storage

Data transmission to server


Server

Receives data from Sensor Hub, Client Services and Applications

Stores data

Answers requests from Client Services and Applications


Client Services and Applications

Access/Modify data on the server


Security Analysis

Asset = Data

Vulnerabilities: physical access and logical access

Physical access

Log into or steal device

Network cable infrastructure

Logical access

Installation of Malware


Who will be attackers with a strong motivation?


Security Analysis - Attackers


Security Analysis - Threats

High Risk Threats

By Management

Physical access to the victim's device

Read/Modify logged data


By Management + Sys. Admin.

Physical access to the victim's device and the server

Read/Modify logged data


Medium risk

By Management + Sys. Admin.

Intercept network communication

More effort to implement

Limited to information sent


By Management + Sys. Admin.

Intercept communication between sensors and hub

More effort to implement


Low risk

By Cyber Criminal

Malware reads logged data


Security Concepts – Data Collection I

Hub encrypts data prior to storing

Using a stream cipher

Initialisation with server's public key

Pros

Protects against unauthorised reads

Need only one key pair

Private key resides on the server

Cons

User cannot edit data locally

No protection against Malware
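
One way to realise the Data Collection I concept, as an added example that is not part of the original slides. It assumes the Python `cryptography` package, wraps a random session key with RSA-OAEP under the server's public key, and uses ChaCha20-Poly1305 (a stream cipher plus an authentication tag) in place of a bare stream cipher so that modified or reordered records are also detected; `HubLog`, `server_read` and `demo` are hypothetical names.

```python
import struct
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)

class HubLog:
    """Sensor Hub local store. It holds only the server's PUBLIC key.
    Plaintext still passes through hub memory, so malware on the device is not stopped."""

    def __init__(self, server_public_key):
        self._key = ChaCha20Poly1305.generate_key()           # session key, kept in RAM only
        self.wrapped_key = server_public_key.encrypt(self._key, OAEP)  # written to disk
        self.records = []                                     # written to disk (ciphertext)

    def append(self, plaintext: bytes) -> None:
        seq = len(self.records)
        nonce = struct.pack(">IQ", 0, seq)                    # 96-bit nonce, unique per record
        aad = struct.pack(">Q", seq)                          # binds the record to its position
        self.records.append(ChaCha20Poly1305(self._key).encrypt(nonce, plaintext, aad))

    def close(self) -> None:
        self._key = None                                      # hub can no longer read or edit

def server_read(server_private_key, wrapped_key: bytes, records: list) -> list:
    """Server side: unwrap the session key, then verify and decrypt records in order."""
    aead = ChaCha20Poly1305(server_private_key.decrypt(wrapped_key, OAEP))
    out = []
    for seq, blob in enumerate(records):
        nonce, aad = struct.pack(">IQ", 0, seq), struct.pack(">Q", seq)
        out.append(aead.decrypt(nonce, blob, aad))            # raises InvalidTag if tampered
    return out

def demo():
    server_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    hub = HubLog(server_key.public_key())
    for line in (b"09:00 foreground=editor", b"09:05 foreground=mail"):  # constructed samples
        hub.append(line)
    hub.close()
    plain = server_read(server_key, hub.wrapped_key, hub.records)
    swapped = [hub.records[1], hub.records[0]]                # someone reorders the stored log
    try:
        server_read(server_key, hub.wrapped_key, swapped)
        return plain, False
    except InvalidTag:
        return plain, True                                    # modification detected
```

Data Collection II follows the same pattern with the user's public key in place of the server's, which is why its security then rests on the password protecting the user's private key.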


Security Concepts – Data Collection II

Encrypted storage of data

Use stream cipher

Initialisation with user's public key

Pros

Protects against unauthorised reads

User can edit data locally

Cons

Security depends on the strength of the password protecting the user's private key

No protection against Malware


Security Concepts – Communication

Encrypted data communication

Standard HTTPS

Data Collection I

Authentication at server

Authentication of Sensor Hub

On start up

Prior to sending data


Security Concepts – Server I

Encrypted storage of data

Trusted Platform Module

Pros

High security

Protection against unauthorised reads + Malware

No user interaction for data decryption necessary

Cons

Relatively new technology

Harder to implement


Security Concepts – Server II

Encrypted storage of data

Pros

Easier to implement

Cons

User interaction required on server start up

No Malware protection