Semantics in mobile networks

From its-wiki.no
Jump to: navigation, search

Semantics in mobile networks

Course UNIK4250
Title Semantics in mobile networks
Lecture date 2013/04/18 0900-1200
presented by Josef Noll
Objective The objectives of this lecture are to get an overview over essential security challenges in mobile networks, which includes not only the mobile phone itself, but also aspects like privacy and security for the user, and the integration with the Internet of Things (IoT)
Learning outcomes Having visited this lecture, you should have an idea on
  • the capabilities of the mobile phone becoming your representation in the digital world, including
  • the SIM card as a Java Card with fast USB (8-12 Mbit/s) and NFC interface, allowing the storage of credentials
  • Payment, access and NFC communication in general, including the principles of NFC
  • The mobile phone acting as a Gateway for the Internet of Things (IoT)

Security challenges

  • Person: electronic traces (location, payment,...), privacy, anonymity
  • Internet of Things (IoT): security, privacy, dependability

Semantics

  • explain the difference between a web page and a semantic web page
  • draw and explain an example of an ontology
  • point out at least three components of a context of a person
  • illustrate an example of attribute-based access control.
  • Describe how policies might help to define security handlers in future systems
Pensum (read before)
References (further info) References
Keywords SIM, NFC, security metrics, traceability, payment, access, location, privacy, anonymity, Semantic Technologies, policies

this page was created by Special:FormEdit/Lecture, and can be edited by Special:FormEdit/Lecture/Semantics in mobile networks.


Lecture slides

Summary

A summary of this lecture is presented at http://www.youtube.com/watch?v=KCTgyjeaZl4

Notes on learning outcomes

The mobile phone becoming your representation in the digital world
As the mobile phone contains information like location, can measure your activity and can sense the environment you are in. As it also has communication capabilities, it can initiate information updates to your social networks or trigger delivery of relevant information in the current situation.
The mobile phone acting as a Gateway for the Internet of Things (IoT)
Current smart phones have an accelerometer, gyrometer, GPS and various communication interfaces. Samsung added in their Galaxy S4 a thermometer and a humidity sensor, expanding the mobile phone towards a health monitoring device (sHealth). Communication interfaces like NFC, Bluetooth and ANT+ are used to connect to sensors. Research is ongoing to use NFC to activate sensors in the human body, thus avoiding the use of a battery. Low-power Bluetooth can support devices running on a battery for several years, examples of that are heart rate sensors. ANT+ is a radio interface primary developed by Garmin for their GPS accessories, e.g. connecting cycling speed, cadence and puls rate to a speedometer. Sony had adopted ANT+ in some of their XPERIA models, and HTC has also an ANT+ supporting phone.


The SIM card
is a Java Card with fast USB (8-12 Mbit/s) and has an NFC interface. The USB interface allows the decryption of information on the SIM card, thus making the SIM card independent of the phone.
Near field Communication (NFC) supports the storage of credentials for payment and access on the SIM card, and allows NFC to NFC communication between two NFC devices. The functionality when using NFC is first a discovery mode, using the ECMA340 protocol to find out if two NFC devices can communicate using that protocol. If ECMA340 communication is not possible, then NFC checks the proximity and the vicinity protocols for payment (using Mifare or Felica standards) and access (using access card standards like those used for UiO access). One key feature of the mobile phone implemented NFC functionality is the single wire protocol, allowing the NFC to communicate with the SIM card even if the phone is switched off or the phone is out of power. This feature is used to ensure proof of possession of a travel ticket.
Electronic traceability
Security challenges are raising when using the mobile phone. Currently location services are threatening the privacy of a person, and with payment and access solutions through the mobile phone privacy and anonymity are affected.
The Internet of Things (IoT)
is introduced to describe a world of communicating sensors. The mobile phone will often be used as a gateway to these sensors, and decisions will be made automatically based on these sensor data. Sensor-driven business decisions require measurable security, including aspects like reliability, traceability, identity and latency.


Context.png
Semantics technologies
were introduced to let computers analyse the content of the web. Ontologies are used as dictionaries, allowing the computers to understand the meaning of relations between topics. An ontology consists of classes and relations between classes, e.g. a class Context hasLocation Position, where Position has GPS-coordinates.
Examples of a context of a person include: position, current activity, surrounding, and movement.
Semantic attribute-based access control
is seen as an extension of role-based or attribute-based access control, and allows creating policies based on a variety of attributes. Such a policy might state for access to this service the user has to identify himself at a level of 0.8, and various attributes can then be combined to achieve the required security level. These attributes might include position, network connectivity, biometrics, or anything which might help identifying a user.
Policies
can help to combine personal preferences, context, corporate and governmental guidelines into a framework for appropriate security measures. An example is the use of computers in internet shops, where secure access might be limited to an encrypted view of corporate data.