Sunteți pe pagina 1din 17

Opportunistic Sensing:

Security Challenges for the New Paradigm

Apu Kapadia
MIT Lincoln Laboratory

David Kotz
Dartmouth College

Nikos Triandopoulos
Boston University

Michael Betancourt
UCF - EEL 6788
Dr. Turgut

1. Introduction
2. Urban Sensing Examples
3. Applications Examples
4. Security Challenges
a. Confidentiality and Privacy Issues
b. Integrity Issues
c. Availability Issues
d. Challenges in Participatory Sensing
5. Conclusion

Opportunistic people centric sensing
o Small devices carried by people that sense information
o Direct or indirect relation to human activity
o Environmental conditions
o Leverage millions of devices
o No need to manually deploy
o Highly mobile and accessible
o High risks in security
o Data integrity

Urban Sensing Examples

Maps traffic patterns
Bicycle network infrastructure
User activity social networking

CarTel Interface

CenceMe Interface

BikeNet Interface

Application Examples
Urban data collection and processing
o Large scale online data collection
o Being able to locate lost objects
o Measuring the flow of bicycles in an urban center
Environmental monitoring at the human level
o Optimize energy usage for heating and cooling
o Personal Environmental Impact Report

Security Challenges Overview

1. Context privacy
2. Anonymous tasking
3. Anonymous data reporting
4. Reliable data readings
5. Data authenticity
6. System integrity
7. Preventing data suppression
8. Participation
9. Fairness

Confidentiality and Privacy Issues

Context Privacy
It is cumbersome for users to specify fine grain policies
Once the data is on the server who can access the h/w
Virtual walls
o Group settings in categories
o Only information outside the wall can be seen
o Data changes according to who is viewing
Future Research
o Determining what data can be used without being able to
infer other data
o Grabbing only enough data for application purpose
without sacrificing usability

Confidentiality and Privacy Issues

Anonymous Tasking
By tasking specific users it is possible to gain personal
Determining reliability of participants could reduce
Tasking Service
o Users download all tasks and selectively choose which to
Attribute based authentication
o Users reveal only their attributes

Confidentiality and Privacy Issues

Masking Users' Location
Blind Tasking
Transfer data to other nodes before uploading
o Overall routing structure must be protected
o Data needs to be encrypted to not be intercepted
o Only include characteristics about location
o Disadvantageous for limited popularity
Introduce blur and random jitter
o Decreases accuracy
o Amount of error needs to be constrained
Automatic Spatiotemporal Blurring
o Generalize location through large geographical tiles
o Only upload data when enough sets are available

Integrity Issues
Reliable Data Storage
Any participant with an appropriately configured device can
report falsified data
Devices are controlled by users
Incentives to mask private information
o Task cloning
o Fixed sensor ground truth
Game Theory
o Reputation based system

Integrity Issues
Data Authenticity
Tampered data during transit
Current schemes correspond to fixed sensors where there is
a stable topological tree that spans sensors
Cryptographoically enhanced error-correcting techniques
o Encrypted data that shows if it has been tampered with
Group signatures
o Allows multiple groups to use a single verifying signature
o Cracked signatures and be redistributed without taking
down the entire infrastructure

Integrity Issues
System Integrity
Tasks need to have their source verified
Data received needs to be accurate and temporally relevant
Task specific languages
Secure crytographic states
o Provide topological, temporal and userrelated parameters to validate the information received.

Availability Issues
Preventing Data Suppression
Denial of Service (DoS) due to devices ignoring task
Network availability of devices
Data consuming applications could be killed by users
If users are unable to control the data access, they are less
likely to carry the device or permit tasks to be performed

Distributed DoS (DDoS) Attack

Availability Issues
Users must have incentives to gain mass participation
Difficult to convince giving away private information with little
to no benefit
Convenience is key to appeal
Provide incentives that are compatible with users' needs and
Privacy-aware hybrid payoff model
o Beneficial services vs privacy loss they experience

Availability Issues
People centric applications
provide direct benefits to users
Users will try to cheat to gain
better service for themselves
o Tasking others to complete
their tasks
o Not contributing back to the

BitTorrent Inc. Logo

Battlefield 2142 Cover Art

Challenges in Participatory Sensing

Users are tasked and have to manually partake in gathering
Additional security challenges arise as the user may leak
more information than the task specifies
o Taking a picture of a menu on a table
Integrity becomes difficult as the user can fabricate sensor
data or not provide the correct results of the task
o Ratings of a restaurant

4 Rivers Smokehouse Google User Review

Opportunistic people centric sensing
Most applications contain personal information
Securing that information becomes key
o Providing a service that people would want to participate
o Keepings users data secure as to not be harmed
o Even obscuring the data may not be enough for complete
Participatory sensing needs additional security thought