19 September 2014 - www.know-center.at
Security Concepts for a Distributed Architecture for Activity Logging and Analysis
DI Alfred Wertner, Ubiquitous Personal Computing
© Know-Center 2014, funded by the Competence Centre Programme

Overview
- Activity Logging and Analysis
  - Use case
  - Privacy concerns
  - Focus here: prevent unauthorised access
- System Architecture
- Security analysis
  - Assets
  - Vulnerabilities
  - Attackers
  - Threats
- Security concepts

Activity Logging and Analysis: From Data to Activity

Activity Logging and Analysis: Use Case - Support Time Management
- Help people to reflect on time management issues
- Detect "types of activity", e.g. application use, travelling, communicating, reading, writing
- Trigger reflection
- Show history of activities
- Reflection diary

Activity Logging and Analysis: Privacy Concerns
- Data is highly sensitive, so privacy-respecting systems are needed
- Privacy-respecting systems
  - Protect user identity
  - Control what kind of data is collected
  - Control data collection
  - Protect against unauthorised access

System Architecture: Sensors
- Log data
  - From hardware sensors, e.g. accelerometer
  - By themselves, e.g. logging foreground windows
- Send data to the Sensor Hub

System Architecture: Sensor Hub
- Sensor configuration
- Local data storage
- Data transmission to server

System Architecture: Server
- Receives data from Sensor Hub, Client Services and Applications
- Stores data
- Answers requests from Client Services and Applications

System Architecture: Client Services and Applications
- Access/modify data on the server

Security Analysis
- Asset = data
- Vulnerabilities
  - Physical access
    - Log into or steal device
    - Network cable infrastructure
  - Logical access
    - Installation of malware
- Who will be attackers with a strong motivation?

Security Analysis - Attackers

Security Analysis - Threats
- High risk
  - By management: physical access to victim's device; read/modify logged data
  - By management + sys. admin.: physical access to victim's device and server; read/modify logged data
- Medium risk
  - By management + sys. admin.: intercept network communication; more effort to implement; limited to information sent
  - By management + sys. admin.: intercept communication between sensors and hub; more effort to implement
- Low risk
  - By cyber criminal: malware reads logged data

Security Concepts - Data Collection I
- Hub encrypts data prior to storing
  - Using a stream cipher
  - Initialisation with server's public key
- Pros
  - Protects against unauthorised reads
  - Need only one key pair
  - Private key resides on the server
- Cons
  - User cannot edit data locally
  - No protection against malware

Security Concepts - Data Collection II
- Encrypted storage of data
  - Using a stream cipher
  - Initialisation with user's public key
- Pros
  - Protects against unauthorised reads
  - User can edit data locally
- Cons
  - Security depends on password strength of user's private key
  - No protection against malware

Security Concepts - Communication
- Encrypted data communication: standard HTTPS
- Data Collection I: authentication at server
  - Authentication of Sensor Hub
    - On start-up
    - Prior to sending data

Security Concepts - Server I
- Encrypted storage of data: Trusted Platform Module
- Pros
  - High security
  - Protection against unauthorised reads + malware
  - No user interaction for data decryption necessary
- Cons
  - Relatively new technology
  - Harder to implement

Security Concepts - Server II
- Encrypted storage of data
- Pros
  - Easier to implement
- Cons
  - User interaction required on server start-up
  - No malware protection
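The Data Collection I and II schemes above, as an added Go example that is not part of the slide deck: the hub-side sealing of one log record and the key holder's unsealing. The slides' "stream cipher initialised with the public key" is realised here as hybrid encryption, which is my assumption: a fresh random data key wrapped with RSA-OAEP to the recipient's public key (the server's for scheme I, the user's for scheme II), and AES in CTR mode as the stream cipher with GCM's authentication tag added so that a record modified in hub storage is rejected rather than decrypted to garbage (the high-risk threat on the slides is read or modify). The 2048-bit key size and the record contents are constructed for the example.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// NewKeyPair makes the scheme's single RSA key pair; only the public half is ever given to the hub.
func NewKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// SealedRecord is what the Sensor Hub stores locally; holding only the public key, it cannot read it back.
type SealedRecord struct {
	WrappedKey []byte   // fresh 256-bit data key, RSA-OAEP encrypted to the recipient
	Nonce      [12]byte // per-record GCM nonce; fixed size so Open cannot be fed a bad length
	Ciphertext []byte   // AES-GCM output: CTR keystream plus authentication tag
}

// SealRecord encrypts one record under a random data key and wraps that key with pub: the server's (Data Collection I) or the user's (II).
func SealRecord(pub *rsa.PublicKey, record []byte) (*SealedRecord, error) {
	buf := make([]byte, 32+12) // data key followed by the nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(buf[:32])
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block) // errs only for non-128-bit blocks; AES is 128
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], nil)
	if err != nil {
		return nil, err
	}
	nonce := *(*[12]byte)(buf[32:]) // slice-to-array copy (Go 1.17+)
	return &SealedRecord{wrapped, nonce, gcm.Seal(nil, nonce[:], record, nil)}, nil
}

// OpenRecord runs where the private key lives; a wrong key or a record modified in hub storage or in transit yields an error, not corrupted data.
func OpenRecord(priv *rsa.PrivateKey, s *SealedRecord) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, s.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key) // rejects a substituted key of bad length
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, s.Nonce[:], s.Ciphertext, nil)
}
```

Because the hub holds only the public key, SealRecord cannot be reversed on the hub, which is exactly the "user cannot edit data locally" drawback of scheme I; handing the user the private key (scheme II) removes that drawback at the price of tying security to the user's key password, as the slide notes.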