energy-aware security mechanisms for dynamic networks of resource
TRANSCRIPT
![Page 1: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/1.jpg)
Energy-Aware Security Mechanisms for Dynamic Networks of
Resource-Constrained Devices
Vinod Ganapathy and Ulrich (Uli) Kremer
Department of Computer Science
Rutgers University
![Page 2: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/2.jpg)
Evolution of Handheld Devices
Communication toolGeneral-purpose
computing platformCameras
Temperature sensorsCommunication (internet, email)
GPS
![Page 3: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/3.jpg)
Data Centers vs. Cloud of HandheldsStorage Resources
• 30 servers per rack• 500GB storage per server• data centers between 100s and1000s of racks
• 260 million smart phones (2007-08)• 8 GB storage• assume phone users are willing to share 10% of storage (0.8GB)
15,000 server racks worth of storage (225 PetaBytes)
![Page 4: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/4.jpg)
Data Centers vs. Cloud of HandheldsWhy GREEN?
• large physical infrastructures(buildings, cooling, power grid)
• permanent maintenance personnel • high dismantling costs
• no dedicated physical infrastructure• owners maintain their devices• existing recycling culture
Fewer power/energy/thermal/environmental issues
![Page 5: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/5.jpg)
Data Centers vs. Cloud of HandheldsWhy GREEN?
Large application domain that involves/requires• interaction with physical world • location awareness • in-network data acquisition, processing, storage, and result delivery
Distributed solutions are more energy efficient
![Page 6: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/6.jpg)
Location-awareInteraction with physical world
An OpportunityCyber-Physical Cloud Computing with Handhelds
Is a red four-door sedan in your vicinity?
Is traffic congested in your area?
Networking is dynamic and opportunisticResource sharing is required
In-network data processing and result distribution
![Page 7: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/7.jpg)
Dynamic Network Programming with Sarana
Is a red four-door sedan in your vicinity?
Rutgers/Princeton Collaborative Grant
![Page 8: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/8.jpg)
An OpportunityCyber-Physical Cloud Computing with Handhelds
The Challenge• how to protect against malicious “client code”?• how to trust other nodes executing code on my behalf? • how to trust sensor readings?
Energy and resource aware security mechanisms are a crucial enabling technology
![Page 9: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/9.jpg)
Key Challenge: Establishing Integrity of Remote Computations
Is a red four-door sedan in your vicinity?
All phones reply “Yes”
How to trust the results of remote computations?
![Page 10: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/10.jpg)
Trusted Computing for Mobile DevicesParticipating devices equipped witha Trusted Platform Module (TPM)
Launchees and Launcher engagein an Integrity Measurement Protocol
![Page 11: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/11.jpg)
Integrity Measurement Protocol
Prove to me that your software stack is not malicious
Compute hash chain (H) andmetadata (M) about software stack
Digitally sign H and M
Send H and M
Verify Integrity
launchee launcher
![Page 12: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/12.jpg)
Problems with Integrity Measurement
• Protocol is interactive:– Frequent communication between launcher and
launchees
– Costs: Communication bandwidth and battery
![Page 13: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/13.jpg)
Problems with Integrity Measurement
• Protocol requires integrity measurement computations at launchee:– Compute hash of software stack and digital
signatures.
– Costs: Battery
![Page 14: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/14.jpg)
Problems with Integrity Measurement
• Protocol requires integrity verification at launcher:– Receive integrity measurements– Verify digital signatures and hash chains– Store acceptable values and compare– Costs: Bandwidth, battery and storage
![Page 15: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/15.jpg)
Problems to Investigate • Problem: Protocol is interactive
– Insight: Use Merkle hash trees to batch integrity measurements and make protocol less interactive
• Problem: Frequent integrity measurements– Insight: Batch and reuse integrity computations.
Provide probabilistic freshness guarantee
• Problem: Cost-intensive integrity verification– Insight: Offload integrity verification to other cloud
computing services
Verification of security tradeoffs through Saranaimplementation and physical power measurements
![Page 16: Energy-Aware Security Mechanisms for Dynamic Networks of Resource](https://reader031.vdocuments.site/reader031/viewer/2022020703/61fb3f252e268c58cd5be68f/html5/thumbnails/16.jpg)
Thanks