
LAAC: A Location-Aware Access Control Protocol

YounSun Cho, Lichun Bao and Michael T. Goodrich. IWUAC 2006.


Presentation Transcript


  1. LAAC: A Location-Aware Access Control Protocol YounSun Cho, Lichun Bao and Michael T. Goodrich IWUAC 2006

  2. Why Location-Based Access Control?
     • Previous user identity-based access control approaches cannot verify the physical location of the access requester, which plays an important role in determining access rights
     • Secure verification of location claims is required
     • Secure verification of location claims
     • Natural
     • No need to establish shared secrets in advance
     • Information about location can strengthen access control policy
     • Not just which subject is accessing what object
     • Where the subject and object are located
     • Subject belongs to a location group as long as she can listen to one of the beacons in that group

  3. Previous Works
     • Hardware dependency to determine location
     • GPS
     • Tamper-resistant device
     • Ultrasonic signals
     • Need central server
     • Expensive crypto and overhead
     • PKI, DH key exchange

  4. Properties
     • No servers
     • No pre-registration
     • No expensive crypto
     • No expensive hardware (e.g. GPS)
     • Low communication/computation
     • Different from localization problem

  5. Notation

  6. Protocol Description
     • Each access point (APj) periodically broadcasts its nonce (rj)
     • Assume each APj knows the other APs' nonces (rj) through a secure channel
     • A mobile station (MSi) collects the nonces of the access points
     • MSi derives its location key (ki) by XOR-ing all the nonces of the access points
     • MSi constructs its access request (ARi) using the hash of ki and uses it to claim its location to its associated access point
     • If MSi is located in the access-granted area, it can access the resource
     • Otherwise, it cannot access it
     • This system is secure if the entities do not collude with each other
     • Assume the AP is trusted
     • No mutual authentication

  7. What is an AP group?
     [Figure: AP groups G1, G2 and G3 and the access-granted area]
     • Define three AP groups:
     • G1={AP1, AP2},
     • G2={AP3, AP4},
     • G3={AP1, AP4}
     • Each AP's group:
     • AP1 is in G1, G3
     • AP2 is in G1
     • AP3 is in G2
     • AP4 is in G2, G3


  9. Security Analysis
     • Insecure nonce combination
     • RNG with k=|nonce| ≥ 80 bits
     • Bogus location claim
     • zero-false positive with
     • Interval T < Speed of MS
     • cf. GPS error, sector error, etc.

  10. Security Analysis (cont.) • Wormhole attack

  11. Security Analysis (cont.)
     • Simple solution
     • Assume each mobile station has each AP's certificate
     • Using the AP's signature of the BBM
     • Better solution?
     • Man-in-the-Middle Attack?
     • The Sybil attack

  12. Efficiency Estimation
     • Various hash function computation times (μseconds) based on the Crypto++ 5.2.1 benchmark tested on the AMD Opteron 1.6 GHz processor under Linux 2.4.21.
     • Let |nonce| = 80 bits and |ID| = 8 bits and use 160-bit SHA-1
     • Computation Time
     • Only 0.147 μseconds to compute access request of mobile station side
     • Communication Load
     • |BBM| ≥ 80 + 8 + 8*|L|*|N| bits of each access point
     • |AR| = 160 bits of each mobile station
     • Storage Requirement
     • For the mobile stations, there is no storage requirement

  13. Simulation Result
     • Simulation condition
     • 23 MSs, 2 APs
     • 802.11 propagation and path-loss model in the free-space model without a routing protocol between mobile stations
     • Two access points broadcast beacons with nonces (r1, r2) 1000 times in every broadcasting interval τ
     • False positive rate with various nonce sizes |r1| = |r2| = 4, 8, 16 bits of access points under T= =1 second of static mobile station model
     • False positive rate with various T = 1, 2, 4, 8 seconds with τ = 1 second ≤ T under |r1| = |r2| = 16 bits of randomly moving mobile station model

  14. Application and Extension
     • HotSpot
     • Cyber Cafe, coffee shop, airport
     • Data encryption key as well as access control key
     • Location Tracking
     • Sensor network

  15. Future Work
     • Scalability
     • Applicable to Sensor Network
     • LBS (Location Based Services)
     • Location Tracking
     • Location Privacy
     • Secure Data Aggregation

  16. Conclusion
     • Easy
     • Simple
     • Cheap
     • Practical
     • Applicable

  17. Q & A
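
The exchange on slides 6 and 7, with the nonce-size point from slides 9 and 13, as an added Python example that is not code from the presentation or its authors. Assumptions: ARi is SHA-1 of ki alone, access is granted per AP group and needs the nonce of every AP in that group, and all function names are hypothetical.

```python
import hashlib
import secrets
from functools import reduce

NONCE_BITS = 80  # nonce size from the efficiency slide
# AP groups as defined on slide 7
GROUPS = {"G1": {"AP1", "AP2"}, "G2": {"AP3", "AP4"}, "G3": {"AP1", "AP4"}}


def fresh_nonces(ap_ids, bits=NONCE_BITS):
    """Each AP draws a new random nonce r_j for one broadcast interval."""
    return {ap: secrets.randbits(bits) for ap in ap_ids}


def access_request(heard, bits=NONCE_BITS):
    """MS side: k_i = XOR of the heard nonces, AR_i = SHA-1(k_i).
    Hashing k_i alone is an assumption; the slides only say 'hash of ki'."""
    k = reduce(lambda a, b: a ^ b, heard.values(), 0)
    return hashlib.sha1(k.to_bytes((bits + 7) // 8, "big")).digest()


def verify(ar, current, granted, bits=NONCE_BITS):
    """AP side: rebuild the AR of each granted group from the current nonces
    (APs share nonces over a secure channel); return the group or None."""
    for name in granted:
        expected = access_request({ap: current[ap] for ap in GROUPS[name]}, bits)
        if secrets.compare_digest(ar, expected):
            return name
    return None


def blind_guess_acceptance(bits, current, granted):
    """Share of the whole key space the verifier accepts: the false-positive
    floor for a requester that heard no beacon, which is why nonces are long."""
    size = (bits + 7) // 8
    hits = sum(
        verify(hashlib.sha1(k.to_bytes(size, "big")).digest(), current, granted, bits)
        is not None
        for k in range(2 ** bits)
    )
    return hits / 2 ** bits


if __name__ == "__main__":
    now = fresh_nonces(["AP1", "AP2", "AP3", "AP4"])
    inside = {ap: now[ap] for ap in ("AP1", "AP4")}  # MS hears all of G3
    print(verify(access_request(inside), now, ["G3"]))
    print(verify(access_request({"AP1": now["AP1"]}), now, ["G3"]))
    small = fresh_nonces(["AP1", "AP4"], bits=8)
    print(blind_guess_acceptance(8, small, ["G3"]))
```

A request built from the previous interval's nonces is rejected by the same `verify` call once the APs have rotated, which is the role the broadcast interval plays in the slides.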
