SlideShare a Scribd company logo
1 of 23
Download to read offline
Center for Wireless
Innovation Norway
      cwin.no



CWI
  Norway              IDC Enterprise Mobility
                        Budapest, Nov 2012

           Measurable Security in Mobile
                    Networks

                           Josef Noll
                Prof. at University of Oslo/UNIK
                   Member of CWI Norway
                         josef@unik.no
Outline

!   About the Center for Wireless Innovation (CWI) Norway
!   Mobile Network Evolution
    –   From People
    –   To Things
!   The way ahead: Internet of Things
    –   connection of sensors to mobile
    –   business decisions based on information
!   Security Challenges
    –   BYOD “bring your own device”
    –   Be aware of the value of information
    –   Measurable security
!   Use case for
    –   From Entertainment to Socialtainment
    –   Sensor data fusion
!   Conclusions
                         Measurable Security in Mobile Networks   Nov 2012, Josef Noll   2
Center for Wireless Innovation                                                             CWI

 A facilitator for industry and seven research
 institutions to form strategic partnerships in
                   wireless R&D
                                           n to
                                      t io
                                  o ra arc h
                                      B3G BS
                                                    Sensor



                             ab ese
                                                   Networks
                  Aggregation

                           ll
 Sensor Network
  Abstraction &
                                                                Home/Office
   Monitoring
                       c o          e r
                r o m         at iv                                                    Sensor
                                                                                      Networks




              F         b o r   Car

                     la
                                                      Offshore


                 co l                    Sensor
                                        Networks                            Sensor
                                                                           Networks




                                                              Nov 2012, Josef Noll
Generations of Mobile Networks
                                                      Service view
                                                     Personalised broadband
                           4G?      LTE              wireless services



                      3G: UMTS                       Multimedia communication




             2G:   GSM                             Mobile telephony, SMS,
                                                   FAX, Data


1G:
         NMT                                         Mobile telephony



      1970     1980      1990    2000       2010



                                                                          [adapted from Per Hjalmar Lehne, Telenor, 2000]

                                 Measurable Security in Mobile Networks                Nov 2012, Josef Noll          4
Generations of Mobile Networks
                                                      Service view                 Security view
                                                                                       IP security with
                                                     Personalised broadband        heterogeneous access,
                           4G?      LTE              wireless services                     sensors




                      3G: UMTS                       Multimedia communication      Open, modular security
                                                                                   architecture - force 2G



             2G:   GSM                             Mobile telephony, SMS,        One way authentication,
                                                   FAX, Data                  encryption visibility, “obscurity”

1G:
         NMT                                         Mobile telephony                     tap the line,
                                                                                           connect in


      1970     1980      1990    2000       2010



                                                                          [adapted from Per Hjalmar Lehne, Telenor, 2000]

                                 Measurable Security in Mobile Networks                Nov 2012, Josef Noll          4
IoT paradigm
                         • The present "Internet of PCs" will move towards an "Internet of
                           Things" in which 50 to 100 billion devices will be connected to
                           the Internet by 2020. [CERP-IoT, 03.2010]
                         • “We are entering a new paradigm where things have their own
                           identity and enter into dialogue with both other things and
                           humans mediated through processes that are being formed
                           today. [IoT Europe 2010 conf., 06.2010]
                                                                                      "Now
                                                                                     subs we have
                                                                                          c
                                                                                    30...5 ribers. I roughly
                                                                                          0           n          5
!                              The speed of development                            – H Mio de some ye .2 Mio m
                                                                                        ans C       vices         ar w       obile 2010
                                                                                              hristi      o            e
                                                                                                     an H n the m will hav
                                                                                                         augli        o           e
                                                                                                               , CEO bile net
                                                                                  “In 201                             , Tele     work
                                                                                          2 there                            nor O ”
storage on single chip




                                                                                 people             were m                        bject
                                                                                          on the            ore dev                     s
                                                                                 – Han             mobile             ic
                                                                                         s Chris           networ es than
                                                                                                 tian Ha             k of Te
                                                                                                         ugli, CE            lenor”.
                                                                                                                   O, Tele
                                                                                                                           nor Ob
                                                                                                                                   jects

                                          source: Gerhard Fettweis, TU Dresden
                                                   Measurable Security in Mobile Networks                      Nov 2012, Josef Noll
[Source: J. Schaper, FI PPP Constituency Event Nice, March 2010] Josef Noll
                                                        Nov 2012,             6
  Measurable Security in Mobile Networks
The IoT technology and
application domain
business          reliability
decisions

                                                          privacy




            Measurable Security in Mobile Networks   Nov 2012, Josef Noll   7
Outline

!   About the Center for Wireless Innovation (CWI) Norway
!   Mobile Network Evolution
    –   From People
    –   To Things
!   The way ahead: Internet of Things
    –   connection of sensors to mobile
    –   business decisions based on information
!   Security Challenges
    –   BYOD “bring your own device”
    –   Be aware of the value of information
    –   Measurable security
!   Use case for
    –   From Entertainment to Socialtainment
    –   Sensor data fusion
!   Conclusions
                         Measurable Security in Mobile Networks   Nov 2012, Josef Noll   8
The security challenge of the
     Internet
   How come these guys didn’t think of that?



                                                      1973 Kjeller

                                                                                                        ave
                                                                                                    ld h rnet
                                                                                                 wou Inte
                                                                                              we ow
                                                                                          “If
                                                                                                n h ed, ...”
                                                                                          k now elop
                                Steve Crocker                                                  dev




                   Jon Postel

                                  1972                    Vinton Cerf
Expo Berlin 2007                            Source: http://www.michaelkaul.de/History/history.html
                                                       ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

                                      Measurable Security in Mobile Networks                           Nov 2012, Josef Noll   9
Security in the Internet of Things?
                                                    Source: L. Atzori et al., The
                                                    Internet of Things: A survey,
                                                    Comput. Netw. (2010), doi:
                                                    10.1016/ j.comnet.2010.05.010




                                 Text




           Measurable Security in Mobile Networks   Nov 2012, Josef Noll       10
Security in the Internet of Things?
                                                    Source: L. Atzori et al., The
                                                    Internet of Things: A survey,
                                                    Comput. Netw. (2010), doi:
                                                    10.1016/ j.comnet.2010.05.010

                                                                       Trust



                                 Text


                                                            * context-aware,
                                                            * “privacy”
                                                            * personalised




           Measurable Security in Mobile Networks   Nov 2012, Josef Noll       10
Security challenges
!   Sensors everywhere                                   Request
                                                                          Semantic layer
                                                                          Semantic layer

    –   Service Oriented                                              Mobile,        Internet
                                                                     Proximity,
        Architecture               Service
                                                                      Sensor

                  e,                      Mobile/Proximity/               Service Registry
               hom ors
            al, ens
                                          Sensor services

         dic l s
      me ria
         ust
                                        sensors
                                        sensors

     ind

!   Bring your own device
    (BYOD)
    –   30-100 devices/employee                                                  Contacts
                                                                                 Calendar
    –   “phone in the cloud”                                                     SMS, ...

         !   virtualisation                     PC, MA  C, phone, tab,
         !   security, e.g. apps                pod, pa d, embedded...
                            Measurable Security in Mobile Networks       Nov 2012, Josef Noll   11
Measurable Security
!   Value of information                                         is &
                                                             lys
                                                           na nt
    –   Identify                                        k A sme
                                                     Ris ses
    –   Analyse                                         As
    –   Evaluate Risk


    Measurable security                                                               sis
!
                                                                                 analy
                                                                             fit
    –   “Banks are secure”                                          -B ene
    –   IETF working group: Better                          C ost
        than nothing security
    –   Cardinal numbers?




                   Measurable Security in Mobile Networks                Nov 2012, Josef Noll   12
Security Challenges in sensor-
    enabled clouds
!   Security, here
    –   security (S)                                                Cloud services

    –   privacy (P)                               Intelligence
                                                                                                    challenge:
                                                    Overlay                                             physics
    –   dependability (D)
                                                                        Network
!   across the value chain
                                                                                                 challenge:
    –   from sensors to                                                                           physics
                                                                   Sensors,
        services                                               Embedded Systems
!   measurable security?
                                                                                                can be
                                                         Could be
                                                                                              composed
                     Is made by
                                  Components and                    SPD Components,
           System                                                   SPD functionalities
                                   functionalities



                          Measurable Security in Mobile Networks                 Nov 2012, Josef Noll         13
SPD Metrics specification                                                                   Factor                    Value
                                                                                              Elapsed Time
                                                                                              <= one day                  0


     Minimum attack potential value to                                                        <= one week
                                                                                              <= one month
                                                                                                                          1
                                                                                                                          4

          exploit a vulnerability                                                             <= two months               7
                                                                                              <= three months             10
                     = SPD value                                                              <= four months              13
                                                             Factors to be                    <= five months              15

                                                             considered                       <= six months               17
                                                                                              > six months                19
                                                                                              Expertise

 where                                                       •Elapsed Time                    Layman                      0

              Calculated attack                              •Expertise                       Proficient
                                                                                              Expert
                                                                                                                         3*(1)
                                                                                                                          6

                  potential                                  •Knowledge of                    Multiple experts            8
                                                              functionality                   Knowledge of
                                                                                              functionality
                                                             •Window of opportunity
                                                                                              Public                      0
     with                                                    •Equipment
              Attack scenarios                                                                Restricted
                                                                                              Sensitive
                                                                                                                          3
                                                                                                                          7
                                                                                              Critical                    11
            SPD           SPD        SPD                                                      Window of
            level      attributes   threats                                                   Unnecessary / unlimited     0
                                                                                              access

                                                                                              Easy                        1
Essential to build                                                                            Moderate                    4
                                                                                              Difficult                   10
            Base of knowledge                                                                 Unfeasible                25**(2)
                                                                                              Equipment

                       Functio                                                                Standard                    0
                                     SPD
            System
                        nality      system                                                    Specialised                4(3)
                                                                                              Bespoke                     7
                                                                                              Multiple bespoke            9
                                     [source: Andrea Fiaschetti, pSHIELD project, Sep 2011]
                                    Measurable Security in Mobile Networks               Nov 2012, Josef Noll                     14
Outline

!   About the Center for Wireless Innovation Norway
!   Security in Mobile Networks
    –   Privacy
    –   Dependability
!   The way ahead: Internet of Things
    –   connection of sensors to mobile
    –   business decisions based on information
!   Security Challenges
    –   BYOD “bring your own device”
    –   Be aware of the value of information
    –   Measurable security
!   Use case for
    –   From Entertainment to Socialtainment
    –   Sensor data fusion
!   Conclusions
                         Measurable Security in Mobile Networks   Nov 2012, Josef Noll   15
Use case:
    SPD in heterogeneous systems
!   Nano-Micro-Personal-M2M Platform
     – identity, cryptography,
       dependability
!   SPD levels through overlay
    functionality
     – answering threat level
     – composing services

!   Policy-based management
     – composable security
!   Integration into Telecom Platform
     – from information to business
        decisions




                      Measurable Security in Mobile Networks   Nov 2012, Josef Noll   16
The IoT ecosystem
                                                                   Trust   ?

!   Creating business
    –   openness, competitive                                   infrastructure:
                                            Consumers             broadband,
    –   climate for innovation              adaptation              mobile
                                                                                        Business
!   Public authorities                                                                  climate:
                                                                                         market
    –   trust, confidence          Public
                                                                                         Creative
                                 Authorities
    –   demand                    demand
                                                            IoT - Business             programmers
                                                              Ecosystem                  software
!   Consumers
                                                                                  Academia
    –   (early) adapters                                                          research,
    –   education                        Entrepreneurs          Sensor
                                                                                  education

                                             ideas
!   Infrastructure                                              providers

    –   broadband, mobile
    –   competition
                       Measurable Security in Mobile Networks                  Nov 2012, Josef Noll   17
Internet usage across Europe
  [Robert Madelin, Directorate-General for Information Society and Media, EU commission, Aug 2010]

      * “use of IT in a proper way can increase effectiveness with 30-40%”
                                                                                                                                                                                                                                                                                                                IS
      * “we are good in technology development. But access to venture
                                                                                                                                                                                                                                                                                                              95,1%
      capital is bad in Europe as compared to the USA”.
      [Aftenposten, 3. October 2011] gunhild@aftenposten.no                                                                                                                                                                                                                                              NO
                                                                                                                                                                                                                                                                                                        94,8%
                                                                                                                                                                                                                                                                            SE
                                                                                                                   % of people used the Internet                                                                             DK                                            93,2%
100                                                                                                                                                                                                                         90,7%
                                                                             IT                                                           EU
90
                            HE                                             58,8%                                                         73,7%
80
                           47,5%
70


60


50


40
       Tyrkia

                Romania

                          Hellas

                                   Bulgaria

                                                l
                                                        Kypros

                                                                 Kroatia

                                                                           Italia

                                                                                    Malta

                                                                                            Litauen

                                                                                                      Polen

                                                                                                              Ungarn

                                                                                                                       Spania

                                                                                                                                Latvia

                                                                                                                                         Slovenia

                                                                                                                                                    Tsjekkia

                                                                                                                                                               Irland

                                                                                                                                                                        EU snitt

                                                                                                                                                                                   Østerike

                                                                                                                                                                                              Estland

                                                                                                                                                                                                          e
                                                                                                                                                                                                                   Belgia

                                                                                                                                                                                                                            Slovenia

                                                                                                                                                                                                                                       Tyskland

                                                                                                                                                                                                                                                           nia
                                                                                                                                                                                                                                                                 Finland

                                                                                                                                                                                                                                                                                 k

                                                                                                                                                                                                                                                                                      ourg

                                                                                                                                                                                                                                                                                                nd
                                                                                                                                                                                                                                                                                                        Sverige

                                                                                                                                                                                                                                                                                                                  Norge

                                                                                                                                                                                                                                                                                                                          Island
                                              Portuga




                                                                                                                                                                                                                                                                           Danmar
                                                                                                                                                                                                        Frankrik




                                                                                                                                                                                                                                                                                              Nederla
                                                                                                                                                                                                                                                  Storbrita




                                                                                                                                                                                                                                                                                     Luxemb
                                                                                              Measurable Security in Mobile Networks                                                                                                               Nov 2012, Josef Noll                                                   18
Pr
                                                      i




                                                                         0
                                                                                  30
                                                                                         60
                                                                                                       90
                                               wi vate
                                                   tPhr b ho
                                                 w iva oa mer




                                                                                   41
                                                   ith te db s
                                                         br ho and                                83
                                                            oa m
                                                               db es
                                                                                        61
                                            WWir
                                              ir
                                         us oue eles and
                                                  le
                                           ed tsis s P
                                                     de




                                                                       3
                                                ou s Pof C us
                                                    ts C hom ed                   39
                                                       id             e
                                                          e
                                                             o

                                                                             13
                                                                                                       Greece




                                                Int
                                                                                                       Norway




                                                     ern f h
                                                   In et om
                                                                                                       EU-average




                                                      te Ba e
                                                                         6
                                                          rn        nk
                                                             et        ing
                                                                                                  84




                                                                Ba
                                                                   nk
                                                                                  36




                                                 On                  in
                                                 O lin                  g
                                                                                                                    Internet service usage




                                               t n
                                             too plin e c




Measurable Security in Mobile Networks
                                                           e
                                                                             16




                                                 pu ubli onta
                                                      bl cc se ct
                                                                                              77




                                                         ic ont rv
                                                             se ac ices
                                                                                   41




                                                                rv t
                                                      eC          ic
                                                          eC m es
                                                   - -b oo m
                                                                             12




                                                        bougm erc
                                                          ou hm e
                                                                                             71




                                                              gh t er
                                                                 t ce
                                                                                   40




      19  Nov 2012, Josef Noll
Conclusions

• The mobile system is evolving
  – bring your own devices, heterogeneity
  – from sensors to business decisions

• Building the IoT architecture
  – Cross-layer intelligence & knowledge
  – Accounting for security
                                                                 The wo
                                                                        rld is w
                                                                                 i   reless
• Measurable security
  – Metrics describing threats
  – Overlay description for system of systems

• Building the Ecosystem
  – Human perspective: trust, privacy, context
  – Security based on measures of components,
    attacks and human interaction


                              Measurable Security in Mobile Networks                  Nov 2012, Josef Noll   20
CWI
My special thanks to
• JU Artemis and the Research          • Sarfraz Alam (UNIK) and Geir
  Councils of the participating          Harald Ingvaldsen (JBV) for the
  countries (IT, HE, PT, SL, NO, HU,     train demo
  ES)                                  • Zahid Iqbal and Mushfiq
• Andrea Fiaschetti for the semantic     Chowdhury for the semantics
  middleware and ideas                 • Hans Christian Haugli and Juan
• Inaki Eguia Elejabarrieta,Andrea       Carlos Lopez Calvet for the
  Morgagni, Francesco Flammini,          Shepherd ® interfaces
  Renato Baldelli, Vincenzo Suraci     • and all those I have forgotten to
  for the Metrices                       mention
• Przemyslaw Osocha for running
  the pSHIELD project, Luigi Trono
  for running nSHIELD



                                                        Nov 2012, Josef Noll         21

More Related Content

What's hot

5 g tech
5 g tech5 g tech
5 g techmanas87
 
seminar report on ambient intelligent
seminar report on ambient intelligentseminar report on ambient intelligent
seminar report on ambient intelligentAnkita Srivastava
 
Electronics seminar topics
Electronics seminar topicsElectronics seminar topics
Electronics seminar topics123seminarsonly
 
The internet of things
The internet of thingsThe internet of things
The internet of thingsSai Avinash
 
SMi Group's 5th annual European Smart Grid Cyber Security conference
SMi Group's 5th annual European Smart Grid Cyber Security conferenceSMi Group's 5th annual European Smart Grid Cyber Security conference
SMi Group's 5th annual European Smart Grid Cyber Security conferenceDale Butler
 
Internet of Things
Internet of ThingsInternet of Things
Internet of ThingsDodi Saputra
 
08 20314 electronic doorbell...
08 20314 electronic doorbell...08 20314 electronic doorbell...
08 20314 electronic doorbell...IAESIJEECS
 
Internet of Things (Indoor Localization and iBeacons)
Internet of Things (Indoor Localization and iBeacons)Internet of Things (Indoor Localization and iBeacons)
Internet of Things (Indoor Localization and iBeacons)Faheem Zafari
 
I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4Chaesub Lee
 
Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012Infomanjjb
 
Manet mobile ad hoc network – challenges, security and protocols-2
Manet  mobile ad hoc network  – challenges, security and protocols-2Manet  mobile ad hoc network  – challenges, security and protocols-2
Manet mobile ad hoc network – challenges, security and protocols-2prjpublications
 
V2 i10 ijertv2is100048
V2 i10 ijertv2is100048V2 i10 ijertv2is100048
V2 i10 ijertv2is100048Thaniga Vel
 
WCIT12 myth busting presentation
WCIT12 myth busting presentationWCIT12 myth busting presentation
WCIT12 myth busting presentationITU
 
Smart grid cyber
Smart grid cyberSmart grid cyber
Smart grid cyberDale Butler
 
Secure transmission in wireless sensor networks data using linear kolmogorov ...
Secure transmission in wireless sensor networks data using linear kolmogorov ...Secure transmission in wireless sensor networks data using linear kolmogorov ...
Secure transmission in wireless sensor networks data using linear kolmogorov ...csandit
 
OPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGS
OPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGSOPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGS
OPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGSIJCNCJournal
 

What's hot (20)

5 g tech
5 g tech5 g tech
5 g tech
 
seminar report on ambient intelligent
seminar report on ambient intelligentseminar report on ambient intelligent
seminar report on ambient intelligent
 
Electronics seminar topics
Electronics seminar topicsElectronics seminar topics
Electronics seminar topics
 
The internet of things
The internet of thingsThe internet of things
The internet of things
 
SMi Group's 5th annual European Smart Grid Cyber Security conference
SMi Group's 5th annual European Smart Grid Cyber Security conferenceSMi Group's 5th annual European Smart Grid Cyber Security conference
SMi Group's 5th annual European Smart Grid Cyber Security conference
 
Fog Networking
Fog NetworkingFog Networking
Fog Networking
 
Internet of Things
Internet of ThingsInternet of Things
Internet of Things
 
IEEE NS2 Projects 2012
IEEE NS2 Projects 2012IEEE NS2 Projects 2012
IEEE NS2 Projects 2012
 
The Internet of Things
The Internet of ThingsThe Internet of Things
The Internet of Things
 
Recasting The Net
Recasting The NetRecasting The Net
Recasting The Net
 
08 20314 electronic doorbell...
08 20314 electronic doorbell...08 20314 electronic doorbell...
08 20314 electronic doorbell...
 
Internet of Things (Indoor Localization and iBeacons)
Internet of Things (Indoor Localization and iBeacons)Internet of Things (Indoor Localization and iBeacons)
Internet of Things (Indoor Localization and iBeacons)
 
I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4I Pv6 Presentation 310510 V4
I Pv6 Presentation 310510 V4
 
Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012
 
Manet mobile ad hoc network – challenges, security and protocols-2
Manet  mobile ad hoc network  – challenges, security and protocols-2Manet  mobile ad hoc network  – challenges, security and protocols-2
Manet mobile ad hoc network – challenges, security and protocols-2
 
V2 i10 ijertv2is100048
V2 i10 ijertv2is100048V2 i10 ijertv2is100048
V2 i10 ijertv2is100048
 
WCIT12 myth busting presentation
WCIT12 myth busting presentationWCIT12 myth busting presentation
WCIT12 myth busting presentation
 
Smart grid cyber
Smart grid cyberSmart grid cyber
Smart grid cyber
 
Secure transmission in wireless sensor networks data using linear kolmogorov ...
Secure transmission in wireless sensor networks data using linear kolmogorov ...Secure transmission in wireless sensor networks data using linear kolmogorov ...
Secure transmission in wireless sensor networks data using linear kolmogorov ...
 
OPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGS
OPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGSOPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGS
OPTIMIZING SMART THINGS ADDRESSING THROUGH THE ZIGBEE-BASED INTERNET OF THINGS
 

Similar to Measurable Security in Mobile Systems

The Future Network: Users will own the access in a collaborative radio enviro...
The Future Network: Users will own the access in a collaborative radio enviro...The Future Network: Users will own the access in a collaborative radio enviro...
The Future Network: Users will own the access in a collaborative radio enviro...Josef Noll
 
Security, Privacy and Dependability in Mobile Networks
Security, Privacy and Dependability in Mobile NetworksSecurity, Privacy and Dependability in Mobile Networks
Security, Privacy and Dependability in Mobile NetworksJosef Noll
 
Head to Head - The Battle between the Bellheads and the Netheads for control ...
Head to Head - The Battle between the Bellheads and the Netheads for control ...Head to Head - The Battle between the Bellheads and the Netheads for control ...
Head to Head - The Battle between the Bellheads and the Netheads for control ...Pieter Geldenhuys
 
Near field communication and RFID - opening for new business
Near field communication and RFID - opening for new businessNear field communication and RFID - opening for new business
Near field communication and RFID - opening for new businessJosef Noll
 
Gunnar Florus - Manchester
Gunnar Florus - ManchesterGunnar Florus - Manchester
Gunnar Florus - ManchesterMarit Hendriks
 
Gunnar Alcatel Lucent Open Networks
Gunnar   Alcatel Lucent   Open NetworksGunnar   Alcatel Lucent   Open Networks
Gunnar Alcatel Lucent Open Networksandrewmac101
 
Multimedia Impact on Network & Telecommunication
Multimedia Impact on Network & TelecommunicationMultimedia Impact on Network & Telecommunication
Multimedia Impact on Network & TelecommunicationUun Ainurrofiq (Fiq)
 
Radio based sensing iot
Radio based sensing iotRadio based sensing iot
Radio based sensing iotmohamed naeem
 
Physical Impact Of Wireless Technology
Physical Impact Of Wireless TechnologyPhysical Impact Of Wireless Technology
Physical Impact Of Wireless TechnologyKaty Allen
 
LTE: Building New Killer Apps
LTE: Building New Killer AppsLTE: Building New Killer Apps
LTE: Building New Killer AppsMarko Gargenta
 
Semantic Service Creation for Mobile Users
Semantic Service Creation for Mobile UsersSemantic Service Creation for Mobile Users
Semantic Service Creation for Mobile UsersJosef Noll
 
Sip vo ip-ims-convergence-d2-10 at kishore
Sip vo ip-ims-convergence-d2-10 at kishoreSip vo ip-ims-convergence-d2-10 at kishore
Sip vo ip-ims-convergence-d2-10 at kishoreAT Kishore
 
Buckle Up for Safety: Telecom Ready for the Passing Lane
Buckle Up for Safety:  Telecom Ready for the Passing LaneBuckle Up for Safety:  Telecom Ready for the Passing Lane
Buckle Up for Safety: Telecom Ready for the Passing LaneMaRS Discovery District
 
Wireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st CenturyWireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st Centuryandrescarvallo
 
Starsight FT WIFI (for governments)
Starsight FT WIFI (for governments)Starsight FT WIFI (for governments)
Starsight FT WIFI (for governments)Spontane_IT
 
All-IP Telecom Networks
All-IP Telecom NetworksAll-IP Telecom Networks
All-IP Telecom Networksalrohily
 

Similar to Measurable Security in Mobile Systems (20)

The Future Network: Users will own the access in a collaborative radio enviro...
The Future Network: Users will own the access in a collaborative radio enviro...The Future Network: Users will own the access in a collaborative radio enviro...
The Future Network: Users will own the access in a collaborative radio enviro...
 
Security, Privacy and Dependability in Mobile Networks
Security, Privacy and Dependability in Mobile NetworksSecurity, Privacy and Dependability in Mobile Networks
Security, Privacy and Dependability in Mobile Networks
 
Head to Head - The Battle between the Bellheads and the Netheads for control ...
Head to Head - The Battle between the Bellheads and the Netheads for control ...Head to Head - The Battle between the Bellheads and the Netheads for control ...
Head to Head - The Battle between the Bellheads and the Netheads for control ...
 
Near field communication and RFID - opening for new business
Near field communication and RFID - opening for new businessNear field communication and RFID - opening for new business
Near field communication and RFID - opening for new business
 
Gunnar Florus - Manchester
Gunnar Florus - ManchesterGunnar Florus - Manchester
Gunnar Florus - Manchester
 
Gunnar Alcatel Lucent Open Networks
Gunnar   Alcatel Lucent   Open NetworksGunnar   Alcatel Lucent   Open Networks
Gunnar Alcatel Lucent Open Networks
 
3 g and 4g final ppt
3 g and 4g final ppt3 g and 4g final ppt
3 g and 4g final ppt
 
Multimedia Impact on Network & Telecommunication
Multimedia Impact on Network & TelecommunicationMultimedia Impact on Network & Telecommunication
Multimedia Impact on Network & Telecommunication
 
Radio based sensing iot
Radio based sensing iotRadio based sensing iot
Radio based sensing iot
 
Physical Impact Of Wireless Technology
Physical Impact Of Wireless TechnologyPhysical Impact Of Wireless Technology
Physical Impact Of Wireless Technology
 
LTE: Building New Killer Apps
LTE: Building New Killer AppsLTE: Building New Killer Apps
LTE: Building New Killer Apps
 
Semantic Service Creation for Mobile Users
Semantic Service Creation for Mobile UsersSemantic Service Creation for Mobile Users
Semantic Service Creation for Mobile Users
 
Sip vo ip-ims-convergence-d2-10 at kishore
Sip vo ip-ims-convergence-d2-10 at kishoreSip vo ip-ims-convergence-d2-10 at kishore
Sip vo ip-ims-convergence-d2-10 at kishore
 
Naya tel
Naya telNaya tel
Naya tel
 
Mobile HW Mashup
Mobile HW MashupMobile HW Mashup
Mobile HW Mashup
 
Buckle Up for Safety: Telecom Ready for the Passing Lane
Buckle Up for Safety:  Telecom Ready for the Passing LaneBuckle Up for Safety:  Telecom Ready for the Passing Lane
Buckle Up for Safety: Telecom Ready for the Passing Lane
 
3g basic
3g basic3g basic
3g basic
 
Wireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st CenturyWireless Broadband Delivers The 21st Century
Wireless Broadband Delivers The 21st Century
 
Starsight FT WIFI (for governments)
Starsight FT WIFI (for governments)Starsight FT WIFI (for governments)
Starsight FT WIFI (for governments)
 
All-IP Telecom Networks
All-IP Telecom NetworksAll-IP Telecom Networks
All-IP Telecom Networks
 

More from Josef Noll

Free Internet Information Access - Activities and Pilots for the Human Right ...
Free Internet Information Access - Activities and Pilots for the Human Right ...Free Internet Information Access - Activities and Pilots for the Human Right ...
Free Internet Information Access - Activities and Pilots for the Human Right ...Josef Noll
 
Semantic technologies for attribute based access: measurable security for the...
Semantic technologies for attribute based access: measurable security for the...Semantic technologies for attribute based access: measurable security for the...
Semantic technologies for attribute based access: measurable security for the...Josef Noll
 
Internet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptationInternet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptationJosef Noll
 
&quot;Potentials and Challenges for Mobile Commerce - a Nordic Perspective
&quot;Potentials and Challenges for Mobile Commerce - a Nordic Perspective&quot;Potentials and Challenges for Mobile Commerce - a Nordic Perspective
&quot;Potentials and Challenges for Mobile Commerce - a Nordic PerspectiveJosef Noll
 
Towards Global Mobility
Towards Global MobilityTowards Global Mobility
Towards Global MobilityJosef Noll
 
What is Semantic Service provisioning
What is Semantic Service provisioningWhat is Semantic Service provisioning
What is Semantic Service provisioningJosef Noll
 
Mobile based authentication and payment
Mobile based authentication and paymentMobile based authentication and payment
Mobile based authentication and paymentJosef Noll
 
Privacy issues in network environments
Privacy issues in network environmentsPrivacy issues in network environments
Privacy issues in network environmentsJosef Noll
 
Introduction to Personalisation
Introduction to PersonalisationIntroduction to Personalisation
Introduction to PersonalisationJosef Noll
 
Who ownes the SIM? a user-centric view on future networks
Who ownes the SIM? a user-centric view on future networksWho ownes the SIM? a user-centric view on future networks
Who ownes the SIM? a user-centric view on future networksJosef Noll
 

More from Josef Noll (10)

Free Internet Information Access - Activities and Pilots for the Human Right ...
Free Internet Information Access - Activities and Pilots for the Human Right ...Free Internet Information Access - Activities and Pilots for the Human Right ...
Free Internet Information Access - Activities and Pilots for the Human Right ...
 
Semantic technologies for attribute based access: measurable security for the...
Semantic technologies for attribute based access: measurable security for the...Semantic technologies for attribute based access: measurable security for the...
Semantic technologies for attribute based access: measurable security for the...
 
Internet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptationInternet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptation
 
&quot;Potentials and Challenges for Mobile Commerce - a Nordic Perspective
&quot;Potentials and Challenges for Mobile Commerce - a Nordic Perspective&quot;Potentials and Challenges for Mobile Commerce - a Nordic Perspective
&quot;Potentials and Challenges for Mobile Commerce - a Nordic Perspective
 
Towards Global Mobility
Towards Global MobilityTowards Global Mobility
Towards Global Mobility
 
What is Semantic Service provisioning
What is Semantic Service provisioningWhat is Semantic Service provisioning
What is Semantic Service provisioning
 
Mobile based authentication and payment
Mobile based authentication and paymentMobile based authentication and payment
Mobile based authentication and payment
 
Privacy issues in network environments
Privacy issues in network environmentsPrivacy issues in network environments
Privacy issues in network environments
 
Introduction to Personalisation
Introduction to PersonalisationIntroduction to Personalisation
Introduction to Personalisation
 
Who ownes the SIM? a user-centric view on future networks
Who ownes the SIM? a user-centric view on future networksWho ownes the SIM? a user-centric view on future networks
Who ownes the SIM? a user-centric view on future networks
 

Measurable Security in Mobile Systems

  • 1. Center for Wireless Innovation Norway cwin.no CWI Norway IDC Enterprise Mobility Budapest, Nov 2012 Measurable Security in Mobile Networks Josef Noll Prof. at University of Oslo/UNIK Member of CWI Norway josef@unik.no
  • 2. Outline ! About the Center for Wireless Innovation (CWI) Norway ! Mobile Network Evolution – From People – To Things ! The way ahead: Internet of Things – connection of sensors to mobile – business decisions based on information ! Security Challenges – BYOD “bring your own device” – Be aware of the value of information – Measurable security ! Use case for – From Entertainment to Socialtainment – Sensor data fusion ! Conclusions Measurable Security in Mobile Networks Nov 2012, Josef Noll 2
  • 3. Center for Wireless Innovation CWI A facilitator for industry and seven research institutions to form strategic partnerships in wireless R&D n to t io o ra arc h B3G BS Sensor ab ese Networks Aggregation ll Sensor Network Abstraction & Home/Office Monitoring c o e r r o m at iv Sensor Networks F b o r Car la Offshore co l Sensor Networks Sensor Networks Nov 2012, Josef Noll
  • 4. Generations of Mobile Networks Service view Personalised broadband 4G? LTE wireless services 3G: UMTS Multimedia communication 2G: GSM Mobile telephony, SMS, FAX, Data 1G: NMT Mobile telephony 1970 1980 1990 2000 2010 [adapted from Per Hjalmar Lehne, Telenor, 2000] Measurable Security in Mobile Networks Nov 2012, Josef Noll 4
  • 5. Generations of Mobile Networks Service view Security view IP security with Personalised broadband heterogeneous access, 4G? LTE wireless services sensors 3G: UMTS Multimedia communication Open, modular security architecture - force 2G 2G: GSM Mobile telephony, SMS, One way authentication, FAX, Data encryption visibility, “obscurity” 1G: NMT Mobile telephony tap the line, connect in 1970 1980 1990 2000 2010 [adapted from Per Hjalmar Lehne, Telenor, 2000] Measurable Security in Mobile Networks Nov 2012, Josef Noll 4
  • 6. IoT paradigm • The present "Internet of PCs" will move towards an "Internet of Things" in which 50 to 100 billion devices will be connected to the Internet by 2020. [CERP-IoT, 03.2010] • “We are entering a new paradigm where things have their own identity and enter into dialogue with both other things and humans mediated through processes that are being formed today. [IoT Europe 2010 conf., 06.2010] "Now subs we have c 30...5 ribers. I roughly 0 n 5 ! The speed of development – H Mio de some ye .2 Mio m ans C vices ar w obile 2010 hristi o e an H n the m will hav augli o e , CEO bile net “In 201 , Tele work 2 there nor O ” storage on single chip people were m bject on the ore dev s – Han mobile ic s Chris networ es than tian Ha k of Te ugli, CE lenor”. O, Tele nor Ob jects source: Gerhard Fettweis, TU Dresden Measurable Security in Mobile Networks Nov 2012, Josef Noll
  • 7. [Source: J. Schaper, FI PPP Constituency Event Nice, March 2010] Josef Noll Nov 2012, 6 Measurable Security in Mobile Networks
  • 8. The IoT technology and application domain business reliability decisions privacy Measurable Security in Mobile Networks Nov 2012, Josef Noll 7
  • 9. Outline ! About the Center for Wireless Innovation (CWI) Norway ! Mobile Network Evolution – From People – To Things ! The way ahead: Internet of Things – connection of sensors to mobile – business decisions based on information ! Security Challenges – BYOD “bring your own device” – Be aware of the value of information – Measurable security ! Use case for – From Entertainment to Socialtainment – Sensor data fusion ! Conclusions Measurable Security in Mobile Networks Nov 2012, Josef Noll 8
  • 10. The security challenge of the Internet How come these guys didn’t think of that? 1973 Kjeller ave ld h rnet wou Inte we ow “If n h ed, ...” k now elop Steve Crocker dev Jon Postel 1972 Vinton Cerf Expo Berlin 2007 Source: http://www.michaelkaul.de/History/history.html ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft Measurable Security in Mobile Networks Nov 2012, Josef Noll 9
  • 11. Security in the Internet of Things? Source: L. Atzori et al., The Internet of Things: A survey, Comput. Netw. (2010), doi: 10.1016/ j.comnet.2010.05.010 Text Measurable Security in Mobile Networks Nov 2012, Josef Noll 10
  • 12. Security in the Internet of Things? Source: L. Atzori et al., The Internet of Things: A survey, Comput. Netw. (2010), doi: 10.1016/ j.comnet.2010.05.010 Trust Text * context-aware, * “privacy” * personalised Measurable Security in Mobile Networks Nov 2012, Josef Noll 10
  • 13. Security challenges ! Sensors everywhere Request Semantic layer Semantic layer – Service Oriented Mobile, Internet Proximity, Architecture Service Sensor e, Mobile/Proximity/ Service Registry hom ors al, ens Sensor services dic l s me ria ust sensors sensors ind ! Bring your own device (BYOD) – 30-100 devices/employee Contacts Calendar – “phone in the cloud” SMS, ... ! virtualisation PC, MA C, phone, tab, ! security, e.g. apps pod, pa d, embedded... Measurable Security in Mobile Networks Nov 2012, Josef Noll 11
  • 14. Measurable Security ! Value of information is & lys na nt – Identify k A sme Ris ses – Analyse As – Evaluate Risk Measurable security sis ! analy fit – “Banks are secure” -B ene – IETF working group: Better C ost than nothing security – Cardinal numbers? Measurable Security in Mobile Networks Nov 2012, Josef Noll 12
  • 15. Security Challenges in sensor- enabled clouds ! Security, here – security (S) Cloud services – privacy (P) Intelligence challenge: Overlay physics – dependability (D) Network ! across the value chain challenge: – from sensors to physics Sensors, services Embedded Systems ! measurable security? can be Could be composed Is made by Components and SPD Components, System SPD functionalities functionalities Measurable Security in Mobile Networks Nov 2012, Josef Noll 13
  • 16. SPD Metrics specification Factor Value Elapsed Time <= one day 0 Minimum attack potential value to <= one week <= one month 1 4 exploit a vulnerability <= two months 7 <= three months 10 = SPD value <= four months 13 Factors to be <= five months 15 considered <= six months 17 > six months 19 Expertise where •Elapsed Time Layman 0 Calculated attack •Expertise Proficient Expert 3*(1) 6 potential •Knowledge of Multiple experts 8 functionality Knowledge of functionality •Window of opportunity Public 0 with •Equipment Attack scenarios Restricted Sensitive 3 7 Critical 11 SPD SPD SPD Window of level attributes threats Unnecessary / unlimited 0 access Easy 1 Essential to build Moderate 4 Difficult 10 Base of knowledge Unfeasible 25**(2) Equipment Functio Standard 0 SPD System nality system Specialised 4(3) Bespoke 7 Multiple bespoke 9 [source: Andrea Fiaschetti, pSHIELD project, Sep 2011] Measurable Security in Mobile Networks Nov 2012, Josef Noll 14
  • 17. Outline ! About the Center for Wireless Innovation Norway ! Security in Mobile Networks – Privacy – Dependability ! The way ahead: Internet of Things – connection of sensors to mobile – business decisions based on information ! Security Challenges – BYOD “bring your own device” – Be aware of the value of information – Measurable security ! Use case for – From Entertainment to Socialtainment – Sensor data fusion ! Conclusions Measurable Security in Mobile Networks Nov 2012, Josef Noll 15
  • 18. Use case: SPD in heterogeneous systems ! Nano-Micro-Personal-M2M Platform – identity, cryptography, dependability ! SPD levels through overlay functionality – answering threat level – composing services ! Policy-based management – composable security ! Integration into Telecom Platform – from information to business decisions Measurable Security in Mobile Networks Nov 2012, Josef Noll 16
  • 19. The IoT ecosystem Trust ? ! Creating business – openness, competitive infrastructure: Consumers broadband, – climate for innovation adaptation mobile Business ! Public authorities climate: market – trust, confidence Public Creative Authorities – demand demand IoT - Business programmers Ecosystem software ! Consumers Academia – (early) adapters research, – education Entrepreneurs Sensor education ideas ! Infrastructure providers – broadband, mobile – competition Measurable Security in Mobile Networks Nov 2012, Josef Noll 17
  • 20. Internet usage across Europe [Robert Madelin, Directorate-General for Information Society and Media, EU commission, Aug 2010] * “use of IT in a proper way can increase effectiveness with 30-40%” IS * “we are good in technology development. But access to venture 95,1% capital is bad in Europe as compared to the USA”. [Aftenposten, 3. October 2011] gunhild@aftenposten.no NO 94,8% SE % of people used the Internet DK 93,2% 100 90,7% IT EU 90 HE 58,8% 73,7% 80 47,5% 70 60 50 40 Tyrkia Romania Hellas Bulgaria l Kypros Kroatia Italia Malta Litauen Polen Ungarn Spania Latvia Slovenia Tsjekkia Irland EU snitt Østerike Estland e Belgia Slovenia Tyskland nia Finland k ourg nd Sverige Norge Island Portuga Danmar Frankrik Nederla Storbrita Luxemb Measurable Security in Mobile Networks Nov 2012, Josef Noll 18
  • 21. Pr i 0 30 60 90 wi vate tPhr b ho w iva oa mer 41 ith te db s br ho and 83 oa m db es 61 WWir ir us oue eles and le ed tsis s P de 3 ou s Pof C us ts C hom ed 39 id e e o 13 Greece Int Norway ern f h In et om EU-average te Ba e 6 rn nk et ing 84 Ba nk 36 On in O lin g Internet service usage t n too plin e c Measurable Security in Mobile Networks e 16 pu ubli onta bl cc se ct 77 ic ont rv se ac ices 41 rv t eC ic eC m es - -b oo m 12 bougm erc ou hm e 71 gh t er t ce 40 19 Nov 2012, Josef Noll
  • 22. Conclusions • The mobile system is evolving – bring your own devices, heterogeneity – from sensors to business decisions • Building the IoT architecture – Cross-layer intelligence & knowledge – Accounting for security The wo rld is w i reless • Measurable security – Metrics describing threats – Overlay description for system of systems • Building the Ecosystem – Human perspective: trust, privacy, context – Security based on measures of components, attacks and human interaction Measurable Security in Mobile Networks Nov 2012, Josef Noll 20
  • 23. CWI My special thanks to • JU Artemis and the Research • Sarfraz Alam (UNIK) and Geir Councils of the participating Harald Ingvaldsen (JBV) for the countries (IT, HE, PT, SL, NO, HU, train demo ES) • Zahid Iqbal and Mushfiq • Andrea Fiaschetti for the semantic Chowdhury for the semantics middleware and ideas • Hans Christian Haugli and Juan • Inaki Eguia Elejabarrieta,Andrea Carlos Lopez Calvet for the Morgagni, Francesco Flammini, Shepherd ® interfaces Renato Baldelli, Vincenzo Suraci • and all those I have forgotten to for the Metrices mention • Przemyslaw Osocha for running the pSHIELD project, Luigi Trono for running nSHIELD Nov 2012, Josef Noll 21