Security Requirements in Service Oriented Architectures for Ubiquitous Computing
Almerindo Graziano, Domenico Cotroneo, Stefano Russo
[email protected]
MobiLab Research Group
Università degli studi di Napoli “Federico II”

Outline
  - Motivation
  - Addressing Ubiquitous Security
  - The Story So Far
  - Security Requirements
  - Evaluation
  - Conclusions

Service Oriented Architectures
  - Established computing paradigm
  - A SOA is based upon
      - Service definition
      - Service Discovery and Delivery
  - SOAs have evolved from the Internet model
      - Different service definitions
      - Different discovery/delivery protocols
  - Problems
      - Interoperability and standardization
      - Security

Addressing Ubiquitous Security
  - Wireless security
      - Widely addressed
  - Security of SOAs in ubiquitous computing
      - Not widely addressed (often just an afterthought)
      - Not addressed consistently
      - No security requirements analysis
      - Stronger interoperability problems

The Story So Far
  - Standard Protocols
      - Bluetooth
      - Jini
      - Salutation
      - UPnP
      - SLP
      - JXTA
  - Integrated Architectures
      - SSDS
      - Centaurus
      - Proxy-based protocols
  - Ongoing research
      - Splendor

Security Requirements
  - Secure service registration/deregistration
      - Example: DoS attacks
  - Secure Discovery (service records)
      - Authenticated
      - Authorized
      - Confidential
      - Genuine
      - Anonymous
  - Secure Delivery
      - Authenticated
      - Authorized
      - Confidential
      - Genuine
      - Anonymous
  - Application Security
  - Availability

Evaluation Results

Evaluation
  - Genuine discovery and delivery are underestimated
      - Achieved partially or not at all
  - Service (de)registration is assumed trusted
  - No architecture addresses security in service definition
  - Application security often out of scope
  - Different access control models
      - ACLs or Capabilities
  - Different granularity
      - User or Devices
  - Location of the PDP
      - Local by the device or remote by a resource manager
  - Different trust models

Conclusions
  - Not possible to address all security requirements
      - Total security does not exist
      - Limited resources
  - Need to use threat models (mobile adversary and mobile victims)
  - Security requirements driven by use cases
      - Abuse cases can help model the threats
  - Use risk assessment to rationalize security issues
  - Secure interoperability still a challenge
      - Trust models, access control, authorization management

Ongoing Work
  - Complete evaluation work to include
      - Access control models, trust models, authorization management
  - Design of a Secure SOA for Nomadic Computing
      - Use/Misuse cases for threat analysis
      - Threat modelling and design with UMLsec
      - Validation with UMLsec

Thanks for Your Attention