Security Concepts for a Distributed Architecture for Activity Logging

19 September 2014
www.know-center.at
Security Concepts for a Distributed Architecture for Activity Logging and Analysis
DI Alfred Wertner
Ubiquitous Personal Computing
© Know-Center 2014
Funded by the Competence Centre Programme (Kompetenzzentrenprogramm)
Overview
- Activity Logging and Analysis
  - Use case
  - Privacy concerns
  - Focus here: prevent unauthorised access
- System Architecture
- Security analysis
  - Assets
  - Vulnerabilities
  - Attackers
  - Threats
- Security concepts
Activity Logging and Analysis
- From data to activity
Activity Logging and Analysis
- Use Case: Support Time Management
  - Help people reflect on time management issues
  - Detect "types of activity"
    - E.g. application use, travelling, communicating, reading, writing
  - Trigger reflection
    - Show history of activities
    - Reflection diary
Activity Logging and Analysis
- Privacy Concerns
  - Data is highly sensitive
  - Need privacy-respecting systems
- Privacy-Respecting Systems
  - Protect user identity
  - Control what kind of data is collected
  - Control data collection
  - Protect against unauthorised access (the focus of this talk)
System Architecture
- Sensors
  - Log data
    - From hardware sensors
      - E.g. accelerometer
    - By itself
      - E.g. logging foreground windows
  - Send data to Sensor Hub
- Sensor Hub
  - Sensor configuration
  - Local data storage
  - Data transmission to server
- Server
  - Receives data from Sensor Hub, Client Services and Applications
  - Stores data
  - Answers requests from Client Services and Applications
- Client Services and Applications
  - Access/modify data on the server
© Know-Center 2014
Security Analysis
- Asset = Data
- Vulnerabilities (paths by which an attacker reaches the data)
  - Physical access
  - Logical access
- Physical access
  - Log into or steal device
  - Network cable infrastructure
- Logical access
  - Installation of malware

Who will be attackers with a strong motivation?
Security Analysis - Attackers
[Figure slides: attacker overview]
Security Analysis - Threats
High risk
- By Management
  - Physical access to the victim's device
  - Read/modify logged data
- By Management + Sys. Admin.
  - Physical access to the victim's device and to the server
  - Read/modify logged data
Security Analysis - Threats
Medium risk
- By Management + Sys. Admin.
  - Intercept network communication
    - More effort to implement
    - Limited to information sent
- By Management + Sys. Admin.
  - Intercept communication between sensors and hub
    - More effort to implement
Security Analysis - Threats
Low risk
- By Cyber Criminal
  - Malware reads logged data
Security Concepts – Data Collection I
- Hub encrypts data before storing it
  - Using a stream cipher
    - Initialised with the server's public key (in practice this is hybrid encryption: the stream cipher itself needs a symmetric key, which the hub generates and encrypts to the server's public key)
    - A bare stream cipher is malleable; since the threat list includes modifying logged data, each record also needs an authentication tag, e.g. an AEAD mode
- Pros
  - Protects against unauthorised reads
  - Need only one key pair
    - Private key resides on the server
- Cons
  - User cannot edit data locally
  - No protection against malware (malware on the hub sees the data before it is encrypted)
Security Concepts – Data Collection II
- Encrypted storage of data
  - Using a stream cipher
    - Initialised with the user's public key (hybrid encryption as in Data Collection I, but the key pair belongs to the user)
- Pros
  - Protects against unauthorised reads
  - User can edit data locally
- Cons
  - Security depends on the strength of the password that protects the user's private key (whoever holds the device can try passwords offline, with no rate limit)
  - No protection against malware
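Hybrid record encryption for Data Collection I and II, as an added example that is not code from the deck or from Know-Center: the hub generates a random AES-256 key per record, encrypts the record with AES-GCM (counter-mode stream encryption plus an authentication tag, so a modified record is rejected instead of decrypted) and wraps that key with RSA-OAEP to the key owner's public key. In scheme I the owner is the server, in scheme II the user; the hub never holds the private half. The OAEP label, the key sizes and the JSON record are assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// oaepLabel binds wrapped keys to this use; the value is an assumption of this example.
var oaepLabel = []byte("activity-log-record-key")

// Record is one encrypted log entry as the hub writes it to local storage.
type Record struct {
	WrappedKey []byte // per-record AES-256 key, RSA-OAEP encrypted to the key owner's public key
	Nonce      []byte // AES-GCM nonce, unique per record
	Ciphertext []byte // counter-mode keystream applied to the record, followed by the GCM tag
}

// NewOwnerKeyPair makes the pair whose private half never reaches the hub:
// the server's in Data Collection I, the user's in Data Collection II.
func NewOwnerKeyPair() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal runs on the sensor hub with the owner's public key only, so a stolen or
// logged-into hub yields ciphertext and wrapped keys, nothing else.
func Seal(owner *rsa.PublicKey, plaintext []byte) (*Record, error) {
	key, nonce := make([]byte, 32), make([]byte, 12)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, owner, key, oaepLabel)
	if err != nil {
		return nil, err
	}
	return &Record{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil)}, nil
}

// Open runs wherever the private key lives (server in I, user's client in II).
// Any change to the stored record fails authentication instead of yielding altered data.
func Open(owner *rsa.PrivateKey, r *Record) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, owner, r.WrappedKey, oaepLabel)
	if err != nil {
		return nil, errors.New("cannot unwrap record key: wrong private key or damaged record")
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	pt, err := gcm.Open(nil, r.Nonce, r.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("record was modified after the hub wrote it")
	}
	return pt, nil
}

func main() {
	server := NewOwnerKeyPair()  // Data Collection I: the pair is generated on the server
	hubCopy := &server.PublicKey // the only key material provisioned to the hub
	rec, err := Seal(hubCopy, []byte(`{"type":"Application Use","app":"Writer","start":"2014-09-19T10:15:00"}`)) // constructed record
	if err != nil {
		panic(err)
	}
	pt, err := Open(server, rec)
	fmt.Println(string(pt), err)
	fmt.Println(Open(NewOwnerKeyPair(), rec)) // no private key on the hub: local edits are impossible
	rec.Ciphertext[0] ^= 0x01
	fmt.Println(Open(server, rec)) // tampering with stored records is detected on read
}
```

Scheme II is the same code with the user's key pair as owner; what it does not solve is the passphrase that then guards the user's private key, which the cons of Data Collection II point at.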
Security Concepts – Communication
- Encrypted data communication
  - Standard HTTPS
  - With Data Collection I the records are in addition encrypted to the server's public key before they leave the hub
- Authentication at server
  - Authentication of Sensor Hub
    - On start-up
    - Prior to sending data
    - HTTPS by itself authenticates only the server, so the hub needs a credential of its own, e.g. a client certificate
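The communication slide in runnable form, as an added example that is not part of the original deck: HTTPS with mutual TLS, where a private CA issues one client certificate per sensor hub and the server refuses any connection that does not present one, so the hub is authenticated before it can send data. Server and hub run in one process on loopback via httptest; the CA name, the hub identifier, the upload path and the batch payload are assumptions of the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net"
	"net/http"
	"net/http/httptest"
	"strings"
	"time"
)

// issue makes a P-256 key and a certificate for tmpl; with parent == nil it is self-signed (the CA).
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, tls.Certificate) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil { panic(err) }
	cert, _ := x509.ParseCertificate(der)
	return cert, key, tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: cert}
}

func tmpl(cn string, serial int64, eku x509.ExtKeyUsage) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{eku},
	}
}

// PKI is the trust setup, built in memory (names assumed): one private CA issues the
// server certificate and one client certificate per sensor hub.
type PKI struct{ Roots *x509.CertPool; Server, Hub tls.Certificate }

func NewPKI() *PKI {
	caTmpl := tmpl("Activity Logging CA", 1, x509.ExtKeyUsageAny)
	caTmpl.IsCA, caTmpl.BasicConstraintsValid = true, true
	caTmpl.KeyUsage |= x509.KeyUsageCertSign
	ca, caKey, _ := issue(caTmpl, nil, nil)
	srvTmpl := tmpl("activity-server", 2, x509.ExtKeyUsageServerAuth)
	srvTmpl.IPAddresses = []net.IP{net.IPv4(127, 0, 0, 1)} // httptest listens on loopback
	_, _, srv := issue(srvTmpl, ca, caKey)
	_, _, hub := issue(tmpl("sensor-hub-0001", 3, x509.ExtKeyUsageClientAuth), ca, caKey) // one identity per hub
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	return &PKI{Roots: roots, Server: srv, Hub: hub}
}

// StartServer accepts only connections that present a hub certificate chaining to the CA; plain HTTPS would authenticate the server alone.
func (p *PKI) StartServer() *httptest.Server {
	ts := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "accepted upload from %s", r.TLS.PeerCertificates[0].Subject.CommonName)
	}))
	ts.TLS = &tls.Config{Certificates: []tls.Certificate{p.Server}, ClientCAs: p.Roots,
		ClientAuth: tls.RequireAndVerifyClientCert, MinVersion: tls.VersionTLS12}
	ts.StartTLS()
	return ts
}

// Client is the hub's HTTPS client; withHubCert=false models a client that trusts the server but cannot prove it is a hub.
func (p *PKI) Client(withHubCert bool) *http.Client {
	cfg := &tls.Config{RootCAs: p.Roots, MinVersion: tls.VersionTLS12}
	if withHubCert {
		cfg.Certificates = []tls.Certificate{p.Hub}
	}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
}

// Upload sends one batch of logged data (path assumed) and returns the server's reply.
func Upload(c *http.Client, baseURL, body string) (string, error) {
	resp, err := c.Post(baseURL+"/upload", "application/json", strings.NewReader(body))
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	b, err := io.ReadAll(resp.Body)
	return string(b), err
}

func main() {
	p := NewPKI()
	ts := p.StartServer()
	fmt.Println(Upload(p.Client(true), ts.URL, `[{"type":"Travelling"}]`)) // constructed batch
	fmt.Println(Upload(p.Client(false), ts.URL, `[]`))                    // refused: no hub certificate
}
```

The hub certificate is the "authentication of Sensor Hub" credential: it is presented on every connection, which covers both the start-up check and the check prior to sending data, and the server learns from the verified certificate which hub the batch belongs to.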
Security Concepts – Server I
- Encrypted storage of data
  - Trusted Platform Module (typically the storage key is sealed to the measured boot state, so it is released only to the expected software stack)
- Pros
  - High security
  - Protection against unauthorised reads + malware that tampers with the boot chain (changed measurements mean the key is not released)
  - No user interaction for data decryption necessary
- Cons
  - Relatively new technology
  - Harder to implement
Security Concepts – Server II
- Encrypted storage of data
  - Without a TPM: the storage key is released through user interaction (e.g. a passphrase) when the server starts
- Pros
  - Easier to implement
- Cons
  - User interaction required on server start-up
  - No malware protection
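The passphrase-protected private key that Data Collection II and Server II rely on, as an added example (not the deck's code): the key is sealed with AES-GCM under a key derived from the passphrase with PBKDF2-HMAC-SHA-256, unlocked interactively at start-up, and then attacked offline with a constructed word list to show why the protection reduces to the passphrase. The iteration counts, the stand-in key bytes and the word list are assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// KeyFile is the private key as it sits on disk, sealed under a key derived from the
// passphrase. Salt, nonce and iteration count are public; only the passphrase protects it.
type KeyFile struct {
	Salt, Nonce, Sealed []byte
	Iterations          int
}

// pbkdf2SHA256 is PBKDF2 with HMAC-SHA-256 (RFC 8018), written out so the cost per
// guess is visible: one HMAC per iteration for every candidate passphrase.
func pbkdf2SHA256(passphrase, salt []byte, iterations, keyLen int) []byte {
	var out []byte
	for block := uint32(1); len(out) < keyLen; block++ {
		mac := hmac.New(sha256.New, passphrase)
		mac.Write(salt)
		mac.Write([]byte{byte(block >> 24), byte(block >> 16), byte(block >> 8), byte(block)})
		u := mac.Sum(nil)
		t := append([]byte(nil), u...)
		for i := 1; i < iterations; i++ {
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

func aead(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return g
}

// SealKey runs once, when the user (II) or the operator (Server II) creates the key.
func SealKey(privateKey, passphrase []byte, iterations int) (*KeyFile, error) {
	f := &KeyFile{Salt: make([]byte, 16), Nonce: make([]byte, 12), Iterations: iterations}
	for _, b := range [][]byte{f.Salt, f.Nonce} {
		if _, err := io.ReadFull(rand.Reader, b); err != nil {
			return nil, err
		}
	}
	kek := pbkdf2SHA256(passphrase, f.Salt, iterations, 32)
	f.Sealed = aead(kek).Seal(nil, f.Nonce, privateKey, nil)
	return f, nil
}

// UnlockKey is the interactive step at client start (II) or server start-up (Server II):
// someone has to type the passphrase before any record can be decrypted.
func UnlockKey(f *KeyFile, passphrase []byte) ([]byte, error) {
	kek := pbkdf2SHA256(passphrase, f.Salt, f.Iterations, 32)
	pk, err := aead(kek).Open(nil, f.Nonce, f.Sealed, nil)
	if err != nil {
		return nil, errors.New("wrong passphrase (or key file modified)")
	}
	return pk, nil
}

// GuessPassphrase is the attacker holding the key file (stolen device, physical access to the
// server): UnlockKey is the oracle and nothing rate-limits it, so the protection is exactly
// the number of candidates that have to be tried times the KDF cost per candidate.
func GuessPassphrase(f *KeyFile, candidates []string) (string, bool) {
	for _, c := range candidates {
		if _, err := UnlockKey(f, []byte(c)); err == nil {
			return c, true
		}
	}
	return "", false
}

func main() {
	secret := []byte("constructed stand-in for the user's private key bytes")
	dictionary := []string{"123456", "password", "letmein", "password1", "qwerty"} // constructed guess list
	weak, _ := SealKey(secret, []byte("password1"), 100_000)
	strong, _ := SealKey(secret, []byte("correct horse battery staple 2014"), 100_000)
	_, err := UnlockKey(weak, []byte("password1"))
	fmt.Println("unlock with the right passphrase:", err)
	fmt.Println(GuessPassphrase(weak, dictionary))   // "password1" true: found on the fourth try
	fmt.Println(GuessPassphrase(strong, dictionary)) // "" false: the attacker is left with brute force
}
```

Raising the iteration count makes every guess slower for the attacker and for the legitimate unlock alike; it buys a constant factor, not a change of category, which is why the deck's con for Data Collection II and Server II stands as written.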