Post on 09-Jul-2020
FragDB
Secure Localized Storage Based on Super-Distributed RFID-Tag Infrastructures
Marc Langheinrich
Institute for Pervasive Computing, ETH Zurich, Switzerland
Location-based Access Control
FragDB: A Location-Based Access Control System
Location-Based Access Control in the Real World
Marc's Not In
My Office
May 11, 2007, PALMS 2007 Workshop
Coffee Break
Cafeteria
No ID Check Here
A Classroom
See What's Marc Teaching Today
Examples of „Hands-Free“ Access Control
Information Not „Secret“
  But wouldn't want it broadcasted either
Location-Based Access
  If you're in the vicinity, feel free to look
No Management – „Hands-Free“
  No users, passwords, certificates, policies
FragDB: A Hands-Free Access Control System
Like Virtual Post-Its
Your Data
A Place
A Visitor
Basic FragDB Principle: Fingerprinting
Principle: Fingerprinting Place & Time
A Visitor
You
Principle: Fingerprinting Place & Time
A Visitor
You
Places Change – Fingerprints Should, Too
  Otherwise: one visit gives continued access
  Old fingerprints „fade away“
Fingerprint Requirements
Fluid Boundaries
  Tolerate „close enough“ positions
Time Variance
  Fingerprints change over time
Time Continuity
  Old fingerprints fade away slowly
Secure Storage
  Access to central server yields no information
Technology Enabler: RFID (Hitachi mu-Chips)
μ-Chip 2005 (Hitachi)
RFID Chip
  Size: 0.4 x 0.4 mm
  Carrier frequency: 2.45 GHz
  Operating distance: 0-25 cm
  Memory capacity: 128bit ROM
  Operating temperature: -27 to +75ºC
  Anti-collision: no
  Response time: 20 ms
  Optional external antenna
Super-Distributed RFID Tag Infrastructures
A Visitor
You
Bohn, Mattern: Super-Distributed RFID Tag Infrastructures. EUSAI 2004, Eindhoven, NL
Passive RFID tags deployed in vast quantities and in a highly redundant fashion over large areas or surfaces
FragDB: Basic Principles
FragDB: Fragmented Database Storage
Each Tag-ID Represents Single Storage Cell
  Data is fragmented and stored „in“ tags
  Central storage (encrypted with hashed ID)
1. Fluid Boundaries: Forward Error Correction
  Data is redundantly stored across several cells
2. Time Variance: IDs Change Over Time
  Probabilistic after n readouts (currently simulated)
4. Secure Storage
Cell Data is Encrypted With Key == Hashed Tag ID
  No need for key management
Storage Cell Location NOT tag ID, but Hashed Key
  Otherwise: trivial DB-scan attack possible
  But: simple to compute cell location from tag ID
3. Time Continuity
Tag ID Memory
[Figure: RFID Tags / Storage System. Current IDs and the storage cells they address: 8AF62 → File67; 54017 → -; 03BCA → File315; 7843A → File315, File942.]
[Figure: Tag ID-Memory. Besides its current ID, each tag's memory lists older IDs, from complete ones (F2539, 8DC12, 948AA, 43B21) to IDs that have lost one (B35F*), two (74A**) or three (89***) digits; each ID, complete or partial, addresses a storage cell holding file fragments. Side label: "Combinatorically expensive".]
Tags „remember“ their old IDs
Old tags gradually lose fidelity (i.e., bits)
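The secure-storage and time-continuity slides above, as an added sketch that is not FragDB's own code: the cell key is the hashed tag ID, the cell address is a hash of that key, and a faded ID is read by trying every completion of its lost digits. SHA-256, the SHAKE-256/HMAC stand-in cipher, the `CellStore` API and the enumeration strategy are assumptions of this example; the 5-digit IDs follow the slides' illustration (the mu-chip ID is 128 bit) and the fragments are constructed.

```python
import hashlib, hmac, os
from itertools import product

def cell_key(tag_id: str) -> bytes:
    # Key == hashed tag ID (SHA-256 is this example's choice of hash).
    return hashlib.sha256(tag_id.encode()).digest()

def cell_location(key: bytes) -> str:
    # Cell address == hash of the key; a dump of the store shows no tag IDs or keys.
    return hashlib.sha256(b"loc" + key).hexdigest()

def _xor(data, key, nonce):  # stdlib stand-in for a real cipher (example's assumption)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def _mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), msg, hashlib.sha256).digest()

class CellStore:
    """Stands in for the central storage system (hypothetical API)."""
    def __init__(self):
        self.cells = {}  # location -> nonce || ciphertext || MAC

    def put(self, tag_id: str, fragment: bytes) -> None:
        key, nonce = cell_key(tag_id), os.urandom(16)
        ct = _xor(fragment, key, nonce)
        self.cells[cell_location(key)] = nonce + ct + _mac(key, nonce + ct)

    def get(self, tag_id: str):
        key = cell_key(tag_id)
        blob = self.cells.get(cell_location(key))
        if blob is None or not hmac.compare_digest(blob[-32:], _mac(key, blob[:-32])):
            return None
        return _xor(blob[16:-32], key, blob[:16])

def read_faded(store: CellStore, faded_id: str):
    """Try every completion of the lost ('*') digits: 16**stars lookups at worst."""
    stars = faded_id.count("*")
    for tries, combo in enumerate(product("0123456789ABCDEF", repeat=stars), start=1):
        digits = iter(combo)
        candidate = "".join(next(digits) if c == "*" else c for c in faded_id)
        fragment = store.get(candidate)
        if fragment is not None:
            return fragment, tries
    return None, 16 ** stars

def demo():
    store = CellStore()
    store.put("8AF62", b"fragment of File67")   # constructed sample data
    store.put("B35F7", b"fragment of File942")  # old ID, now remembered as B35F*
    return store, store.get("8AF62"), read_faded(store, "B35F*"), read_faded(store, "74A**")
```

Each lost hex digit multiplies the reader's lookups by 16, which is the cost the figure's side label refers to; the same arithmetic applies to anyone guessing IDs, so the scheme's secrecy rests on the full ID length, not on the shortened IDs used here.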
What Can You Do With This?
Classroom Cam
Pass Through Here to Get Lecture Video
Example: Fingerprinting Road Infrastructures
Continually Fingerprint Road
Store Warning on Previous Segment
Store Warning for Approaching Cars
Prototype Implementation
mu-Chip Reader
mu-Chips
Simulator Control Panel
Virtual Surface
Storage Cells
[Figure: RFID Tags / Storage System, the same diagram as on the Time Continuity slide: current IDs 8AF62, 54017, 03BCA, 7843A, each tag's memory of older complete and partial IDs, and the storage cells with file fragments they address.]
Summary
FragDB – „Hands-Free“ Access Control
Mimics real-world location-based access control
  Useful for many types of semi-public data, e.g., out of office notices, lecture materials, road conditions, …
Principle: Embedded RFIDs & Fragmented Storage
  Fluid Boundaries
  Time Variance
  Time Continuity
  Secure Storage
Built Simulator and Prototype (mu-Chips)
More in the Tech Report
  find it at: people.inf.ethz.ch/langhein/
Effects of „ID-fading“
  time- vs. usage-based updates
Strategies for data searches
  How to reassemble a file
Service Announcement
Ubicomp Privacy Workshop 2007
Organized By
  John Canny (UC Berkeley)
  Marc Langheinrich (ETH Zurich)
  Sarah Spiekermann (Humboldt University Berlin)
Technologies, Users, Policy
Keynotes & Contributions by Leading Privacy Experts
  Lorrie Cranor, Jason Hong, John Krumm, Serge Guthwirth, Paul de Hert, …
Selected Papers Published in „Personal & Ubiquitous Comp.“
Submission Deadline: June 1, 2007
www.vs.inf.ethz.ch/events/uc7privacy/