LAAC: A Location-Aware Access Control Protocol
YounSun Cho, Lichun Bao and Michael T. Goodrich
IWUAC 2006

Why Location-Based Access Control?
- Previous user identity-based access control approaches cannot verify the physical location of the access requester, which plays an important role in determining access rights
- Secure verification of location claims is required
- Secure verification of location claims
  - Natural
  - No need to establish shared secrets in advance
- Information about location can strengthen access control policy
  - Not just which subject is accessing what object
  - Where the subject and object are located
- Subject belongs to a location group as long as she can listen to one of the beacons in that group

Previous Works
- Hardware dependency to determine location
  - GPS
  - Tamper-resistant device
  - Ultrasonic signals
- Need central server
- Expensive crypto and overhead
  - PKI, DH key exchange

Properties
- No servers
- No pre-registration
- No expensive crypto
- No expensive hardware (e.g. GPS)
- Low communication/computation
- Different from localization problem

Notation

Protocol Description
- Each access point (APj) periodically broadcasts its nonce (rj)
  - Assume each APj knows the other APs' nonces (rj) through a secure channel
- A mobile station (MSi) collects the nonces of the access points
- MSi derives its location key (ki) by XOR-ing all the nonces of the access points
- MSi constructs its access request (ARi) using a hash of ki and claims its location to its associated access point with it
- If MSi is located in the access-granted area, it can access the resource; otherwise, it cannot access it
- This system is secure if the entities do not collude with each other
  - Assume trusted APs, not mutual authentication
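
Added example, not from the original slides or the LAAC authors: one broadcast interval of the exchange described on the Protocol Description slide, with the mobile-station side and the access-point side. It assumes ARi is SHA-1 over the 80-bit key alone and that the access-granted area is where the beacons of both AP1 and AP2 are heard; the names AREA_APS, broadcast_interval, access_request and ap_verify are hypothetical.

```python
import hashlib
import hmac
import secrets
from functools import reduce
from operator import xor

NONCE_BITS = 80            # |nonce| given on the Efficiency Estimation slide
AREA_APS = ("AP1", "AP2")  # assumption: access is granted where both are heard


def broadcast_interval(ap_ids=AREA_APS):
    """One broadcast interval: every AP draws a fresh nonce r_j for its beacon."""
    return {ap: secrets.randbits(NONCE_BITS) for ap in ap_ids}


def access_request(heard):
    """MS side: k_i = XOR of all collected nonces, AR_i = SHA-1(k_i) (160 bits)."""
    if not heard:
        return None        # no beacon heard, so there is no location to claim
    k_i = reduce(xor, heard.values())
    return hashlib.sha1(k_i.to_bytes(NONCE_BITS // 8, "big")).digest()


def ap_verify(ar, current):
    """AP side: recompute the request from the current nonces of all APs that
    cover the area (its own plus the others', known over the secure channel)
    and compare in constant time."""
    expected = access_request({ap: current[ap] for ap in AREA_APS})
    return ar is not None and hmac.compare_digest(ar, expected)


def demo():
    t0 = broadcast_interval()
    inside = access_request(t0)                    # MS hears AP1 and AP2
    outside = access_request({"AP1": t0["AP1"]})   # MS hears AP1 only
    t1 = broadcast_interval()                      # next interval, new nonces
    return {
        "inside": ap_verify(inside, t0),
        "outside": ap_verify(outside, t0),
        "replayed_next_interval": ap_verify(inside, t1),
        "no_beacon": ap_verify(access_request({}), t0),
    }


if __name__ == "__main__":
    print(demo())
```

Only the request built from every nonce of the current interval is accepted; a request from partial coverage or from an earlier interval is rejected because the recomputed hash differs.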

What is AP group?
- Define three AP groups: G1={AP1, AP2}, G2={AP3, AP4}, G3={AP1, AP4}
- Each AP's group:
  - AP1 is in G1, G3
  - AP2 is in G1
  - AP3 is in G2
  - AP4 is in G2, G3
[Figure: AP groups G1, G2 and G3 and the Access-Granted Area]

Security Analysis
- Insecure nonce combination
  - RNG with k=|nonce| 80 bits
- Bogus location claim
  - zero-false positive with Interval T < Speed of MS
  - cf. GPS error, sector error, etc.

Security Analysis (cont.)
- Wormhole attack

Security Analysis (cont.)
- The Sybil attack
  - Simple solution
    - Assume each mobile station has the certificates of each AP
    - Using AP's signature of BBM
  - Better solution?
- Man-in-the-Middle Attack?

Efficiency Estimation
- Various hash function computation times (μseconds) based on the Crypto++ 5.2.1 benchmark tested on the AMD Opteron 1.6 GHz processor under Linux 2.4.21.
- Let |nonce| = 80 bits and |ID| = 8 bits and use 160-bit SHA-1
- Computation Time
  - Only 0.147 μseconds to compute access request of mobile station side
- Communication Load
  - |BBM| 80 + 8 + 8*|L|*|N| bits of each access point
  - |AR| = 160 bits of each mobile station
- Storage Requirement
  - For the mobile stations, there is no storage requirement

Simulation Result
- Simulation condition
  - 23 MSs, 2 APs
  - 802.11 propagation and path-loss model in the free-space model without a routing protocol between mobile stations
  - Two access points broadcast beacons with nonces (r1, r2) 1000 times in every broadcasting interval
- False positive rate with various nonce sizes |r1| = |r2| = 4, 8, 16 bits of access points under T= =1 second of static mobile station model
- False positive rate with various T=1, 2, 4, 8 seconds with = 1 second T under |r1| = |r2| = 16 bits of randomly moving mobile station model

Application and Extension
- HotSpot
  - Cyber Cafe, coffee shop, airport
- Data encryption key as well as access control key
- Location Tracking
- Sensor network

Future Work
- Scalability
- Applicable to Sensor Network
- LBS (Location Based Services)
  - Location Tracking
  - Location Privacy
  - Secure Data Aggregation

Conclusion
- Easy
- Simple
- Cheap
- Practical
- Applicable

Q & A