ndn bms security requirements and solution
play

NDN-BMS Security: Requirements and Solution Wentao Shang (UCLA) - PowerPoint PPT Presentation

Oct 23, 2023 •271 likes •393 views

NDN-BMS Security: Requirements and Solution Wentao Shang (UCLA) Application scenario NDN-BMS collects sensor data from UCLA campus and publishes the data into an NDN repo Multiple users have access to the data Different users have

  1. NDN-BMS Security: Requirements and Solution Wentao Shang (UCLA)

  2. Application scenario • NDN-BMS collects sensor data from UCLA campus and publishes the data into an NDN repo • Multiple users have access to the data • Different users have different access privileges

  3. Security requirements • Authenticity & Integrity: each data packet is verifiable • Confidentiality: only authorized user can access BMS data • Scalability: security mechanism need to scale to a large number of users

  4. Current solution • Authenticity & Integrity: • Every data packet is signed by the data publisher (a gateway connected to sensors) • Gateway’s public key is certified by some higher- level authority (e.g., building manager), which is certified by the top manager (using the root key) • Every entity in the system trusts the root key

  5. Current solution • Confidentiality: encryption-based access control • All BMS data is encrypted with a symmetric key • Users gain access to the data by acquiring the encryption key

  6. Encryption key distribution • Users are identified by their public keys • The data encryption key (DEK) is encrypted by the authorized user’ public key and published as normal NDN data • DEK is updated periodically, or whenever a user changes privilege (e.g., adding or dropping access to some data)

  7. Scalability issue in DEK management • The first prototype publishes DEK for each user as a separate data packet • O(n) RSA encryption and O(n) RSA signing • A simple optimization: pack all encrypted DEKs into a single data packet • O(n) RSA encryption and O(1) RSA signing

  8. A better(?) solution • Recommended by RFC 2627: hierarchical key management (designed for secure multicast) DEK E(K1, DEK) E(K2, DEK) K1 K2 E(K3, K1) E(K4, K1) E(K5, K2) E(K6, K2) K3 K4 K5 K6 E(U2, K3) E(U1, K3) User1 User2 User3 User4 User5 User6 User7 User8

  9. Scalable user deletion • O(log(n)) updates vs. O(n) updates in old scheme • Cost: more keys to manage & transmit DEK’ E(K1, DEK’) E(K2’, DEK’) K1 K2’ E(K5’, K2’) E(K6, K2’) K3 K4 K5’ K6 E(U6, K5’) User1 User2 User3 User4 User5 User6 User7 User8

  10. Other issues • Selection of cryptography • Symmetric vs. asymmetric encryption • HMAC vs. RSA signing • Hierarchical access control

  11. Summary • Encryption is the most effective access control for NDN applications • Multicast security may be a useful reference • Hierarchical access control is a new challenge

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Commercial Building Integrated Security Solution See Far , Go Further Contents 1 Vertical

Commercial Building Integrated Security Solution See Far , Go Further Contents 1 Vertical

Commercial Building Integrated Security Solution See Far , Go Further Contents 1 Vertical Requirements Analysis 2 System Architecture 3 Solution Application 4 Successful Cases Requirement Analysis Personnel Safety Internal Management

705 views • 54 slides
Is Cable Congestion a Threat to Cable Security? What is the solution? What is the solution?

Is Cable Congestion a Threat to Cable Security? What is the solution? What is the solution?

conference & convention enabling the next generation of networks & services Is Cable Congestion a Threat to Cable Security? What is the solution? What is the solution? Phil Footman-Williams Tyco Electronics Subsea Communications

203 views • 18 slides
1 Software Safety Specifying safety requirements Safety vs. Reliability Component

1 Software Safety Specifying safety requirements Safety vs. Reliability Component

User requirements CSE 403 Business Requirements Lecture 14 User User Use Cases Requirements Study Safety and Security Requirements Functional Requirements Requirements Documentation Non-functional Requirements Non-functionality

275 views • 3 slides
DIGITAL PLANETS SECURITY SOLUTION INTRODUCTION OUR OFFERED SERVICES Vulnerability Security

DIGITAL PLANETS SECURITY SOLUTION INTRODUCTION OUR OFFERED SERVICES Vulnerability Security

DIGITAL PLANETS SECURITY SOLUTION INTRODUCTION OUR OFFERED SERVICES Vulnerability Security Information Assessment Brand Operation Consultancy & Security Protection Penetration Awareness Centre Testing External Networks

474 views • 44 slides
Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security Requirements (NCSSR) Effective 1 January 2013 No amendments since passed Included in WebTrust Principles and Criteria for Certification

253 views • 7 slides
New Mek Solution New Mek Solution ns is IT/Software ns is IT/Software outsourcing a and

New Mek Solution New Mek Solution ns is IT/Software ns is IT/Software outsourcing a and

New Mek Solution New Mek Solution ns is IT/Software ns is IT/Software outsourcing a and product development nt company. Our vision is to aim 100% aut automation of the business at-par with ever changing custom tomer requirements to

563 views • 15 slides
UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE

UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE

UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE Maritime Security - Commercial Shipping Security - Cruise Liner Security - Super-Yacht Security Maritime Security Services UCP GROUP is a market

247 views • 22 slides
P P h h a a r r m m Pharmaceutical a a c c e e u u t t PACKAGE i i P P c

P P h h a a r r m m Pharmaceutical a a c c e e u u t t PACKAGE i i P P c

Tamper evidence or implement the FMD www.eltronis.com solution you can easily With our labeling only one label . accomplish both with Now you can serialization for your boxes ? mandated security requirements. Contact us for samples. P P

336 views • 4 slides
CASHWIZARD THE SMART SOLUTION SECURITY I N N O V A T I O N RELIABILITY 1 Who is AMSEC?

CASHWIZARD THE SMART SOLUTION SECURITY I N N O V A T I O N RELIABILITY 1 Who is AMSEC?

CASHWIZARD THE SMART SOLUTION SECURITY I N N O V A T I O N RELIABILITY 1 Who is AMSEC? American Security Products [AMSEC] located in worlds Fontana, California is the best known provider of security safes. For over 70+ years, we

814 views • 21 slides
19 FEM Convergence Requirements IFEM Ch 19 Slide 1 Introduction to FEM Convergence

19 FEM Convergence Requirements IFEM Ch 19 Slide 1 Introduction to FEM Convergence

Introduction to FEM 19 FEM Convergence Requirements IFEM Ch 19 Slide 1 Introduction to FEM Convergence Requirements for Finite Element Discretization Convergence: discrete (FEM) solution approaches the analytical (math model) solution

479 views • 17 slides
1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

Course Overview Course Requirements EECS 498-7/8 Cryptography and Network Security: www.citi.umich.edu/u/honey/security Principles and Practice (Third Edition) Computer Security Monday & Friday, 9:00 10:30 William Stallings

670 views • 19 slides
Security requirements Term Secuirty requirement A need or restriction from a user, a

Security requirements Term Secuirty requirement A need or restriction from a user, a

Security requirements Term Secuirty requirement A need or restriction from a user, a stakeholder or the environment related to the goal to improve the system security. Holistic security requirement engineering, Computers & Security

216 views • 17 slides
Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell |

Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell |

Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell | Hong Kong & Taiwan Agenda Session One 2016 Threat Report Update Session Two SonicWALL C APT URE Advanced Threat Protection Service

746 views • 63 slides
Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a

Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a

UNCLASSIFIED Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a new framework of New Zealand Protective Security Requirements which provides clear guidance and support for State sector departments

353 views • 17 slides
Declassification Options and Requirements Information Security Webinar Marc Brandsness

Declassification Options and Requirements Information Security Webinar Marc Brandsness

6/20/2013 Declassification Options and Requirements Information Security Webinar Marc Brandsness Security Asset Protection Professional Certification (SAPPC) Retired US Air Force-Security Forces with over 25 years of Law Enforcement

307 views • 15 slides
Retail Chain Integrated Security Solution V1.3 See Far , Go Further Contents 1 Requirement

Retail Chain Integrated Security Solution V1.3 See Far , Go Further Contents 1 Requirement

Retail Chain Integrated Security Solution V1.3 See Far , Go Further Contents 1 Requirement Analysis 2 System Architecture 3 Solution Introduction 4 Representative Cases Vertical Requirement - Current Situation Traditional retail industry

761 views • 61 slides
Distributed Key Management For Sensitive Data Joni Hahkala (HIP), John White (HIP), kos Frohner

Distributed Key Management For Sensitive Data Joni Hahkala (HIP), John White (HIP), kos Frohner

Enabling Grids for E-sciencE Distributed Key Management For Sensitive Data Joni Hahkala (HIP), John White (HIP), kos Frohner (CERN) and Kalle Happonen (HIP) ISGC'10, Taipei, Taiwan www.eu-egee.org EGEE-III INFSO- EGEE and gLite are

581 views • 13 slides
Technical Webinar SvSAN on KVM & StorSecure 6 June 2019 MAKING THE COMPLEX SIMPLE MAKING THE

Technical Webinar SvSAN on KVM & StorSecure 6 June 2019 MAKING THE COMPLEX SIMPLE MAKING THE

2019 2019 Technical Webinar SvSAN on KVM & StorSecure 6 June 2019 MAKING THE COMPLEX SIMPLE MAKING THE COMPLEX SIMPLE CONFIDENTIAL PRESENTERS & AGENDA BRUCE KORNFELD CMO & GM Americas MARK CHRISTIE Director, Technical Services

589 views • 19 slides
Database Encryption for MongoDB Peter Schwaller Senior Director Server Engineering, Percona

Database Encryption for MongoDB Peter Schwaller Senior Director Server Engineering, Percona

Open Source Transparent Database Encryption for MongoDB Peter Schwaller Senior Director Server Engineering, Percona Agenda Why encrypt? What gets encrypted? What is supported where? How does it all work? Future of open

227 views • 11 slides
Responding to All Managing Relationships with Key Constituencies Todays Facilitators Jamie

Responding to All Managing Relationships with Key Constituencies Todays Facilitators Jamie

Responding to All Managing Relationships with Key Constituencies Todays Facilitators Jamie LaRue Sharon Morris LaRue & Associates Colorado State Library @jaslar @cslsharon Todays Agenda Introduction & Models Constituencies

479 views • 19 slides
Managers and Productivity Differences Nezih Guner, Andrii Parkhomenko and Gustavo Ventura RIDGE,

Managers and Productivity Differences Nezih Guner, Andrii Parkhomenko and Gustavo Ventura RIDGE,

Managers and Productivity Differences Nezih Guner, Andrii Parkhomenko and Gustavo Ventura RIDGE, 2014 Motivation Motivation Understanding cross-country income differences. Motivation Understanding cross-country income differences. Bulk

1.38k views • 91 slides
Modern Block Cipher Standards (DES) Debdeep Mukhopadhyay Assistant Professor Department of

Modern Block Cipher Standards (DES) Debdeep Mukhopadhyay Assistant Professor Department of

Modern Block Cipher Standards (DES) Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Data Encryption Standard DES developed in 1970s

421 views • 14 slides
for Efficient Adaptation in Multi-Task Learning Asa Cooper Stickland and Iain Murray University

for Efficient Adaptation in Multi-Task Learning Asa Cooper Stickland and Iain Murray University

BERT and PALs: Projected Attention Layers for Efficient Adaptation in Multi-Task Learning Asa Cooper Stickland and Iain Murray University of Edinburgh Background: BERT Our model builds on BERT (Devlin et al., 2018), a powerful (and big) sentence

501 views • 9 slides
Care: Messages Matter Diane E. Meier, MD, FACP, FAAHPM Director, Center to Advance Palliative

Care: Messages Matter Diane E. Meier, MD, FACP, FAAHPM Director, Center to Advance Palliative

Reframing Palliative Care: Messages Matter Diane E. Meier, MD, FACP, FAAHPM Director, Center to Advance Palliative Care Lisa D. Morgan, MA Principal, LDM Strategies April 12, 2017 Over the last two years, how many of you been told by

448 views • 27 slides

More recommend