| Title | Secure Access Control to Personal Sensor Information in Federations of Personal Networks |
|---|---|
| File Size | 6.7 MB |
| Total Pages | 236 |

Table of Contents
Abstract
Dedication
Acknowledgements
Introduction
Context/Motivation
Specific Problem
Research Questions
Approach
Structure
Personal Networks
Requirements
Overall Architecture
Connectivity Level Abstraction
Network Level Abstraction
Service Abstraction Level
Network Components
Personalization
Cluster Formation
Intra-Cluster Routing
Inter-Cluster Routing and Tunneling
Foreign Communication
Radio Resource Management and Link Layers
Service Components
PN Administration Integrity Service
User Agent & Authentication
Service & Content Discovery
Access Control
Service Context Service
Federation Management
Service & Content Management
Management Consoles
Summary
FedNets
FedNet Types
The FedNet Lifecycle
Initial Phase
Formation Phase
Operation Phase
Dissolution Phase
Architecture
Architectural Components
FedNet Manager
FedNet Agent
Gateway
Service Proxy
Service Management Node
A FedNet Service
A FedNet Client
Service Discovery
FedNet Access Control Policies
Service Access Control Policies
FedNet Services
Summary
Access Control Architectures
Security Threats
Security Definitions
Security Access Control Architectures That Can Be Applied in FedNets
AAA
IEEE 802.1X
IMS Security ACA
Kerberos
Security Architectures That Are Described in Virtual Organizations
Security ACAs That Are Described in Past or Ongoing FedNet Projects
Selection Criteria
Use Case
Assumptions
Requirements
Evaluation of Security ACAs in FedNets
Selection of a Suitable FedNet Security ACA
Summary
The Authentication Protocol
Available Authentication Methods
RSA Public Key Authentication
EAP-TLS
EAP-TTLS
PEAP
MAKE
EAP-FAST
EAP-IKEv2
EAP-PSK
Authentication Protocol Requirements
Comparison of Authentication Methods
Authentication Protocol Recommendation
Summary
The Ciphersuite
Keys
Key Derivation
Key Strength
Cipher Suites
Cipher Suite Assumptions
Cipher Suite Requirements
Broken Ciphers
Security and Encryption Recommendations
Summary
The Credential Provider
Credential Providers
Requirements
Comparison and Selection
Summary
The Policy Language
Basic Terms
Assumptions
Storage
Summary
Design and Implementation
Assumptions
System Architecture
Harry's BSK
The Gymnasium
Harry's Coach
Trouble Sleeping
The FedNet View
Putting It All Together
AAA Server Placement
Proposed Architecture
Prototype
Summary
Prototype Evaluation
Functional Testing
Authentication
Authorization
Certificate Revocation
Prototype Performance
General Experiment Setup
Experiment 1: Baseline (Non-Modified) System Total Latency
Experiment 2: Authentication, Authorization, and Certificate Revocation of Modified System
Experiment 3: The Impact of Different Hardware
Extendability
New Applications
Summary
Conclusions and Further Work
Conclusions
Further Work
Acronyms
Reproducing the Results
Environment Setup
Ubuntu
OpenWrt
Java
Creating the OpenWrt Image
Application Installation
OpenWrt
WebDAV
Java
strongSwan
Configuration
strongSwan
HTTPD/Apache/WebDAV
PERMIS
Running the Code
OpenWrt
Java
Experiments
Used hardware
Confidence Intervals
Experiment 1: Average Total Latency for Baseline (non-modified) system
Experiment 2: Authentication, Authorization and Certificate Revocation of Modified System
Experiment 2.1: Authentication Latency
Experiment 2.2: Authorization Latency
Experiment 2.3: Certificate Revocation Check Latency
Experiment 2.4: Total Latency
Experiment 3: The Impact of Different Hardware
Java Code
Policy Files
PERMIS
Confidence Intervals
Diff Files
Our Modifications
Tobias' Patch