SOK Phearin

Department of Computer Science

MBC Lab., Konkuk University

1
 Outline
I. Overview of Pervasive Computing

II. Architecture

III. Wireless Communication Technologies in Pervasive

Computing and Security Issues

IV. Wireless Vulnerabilities

V. Conclusion

2
 Pervasive Computing Overview
“Ubiquitous computing names the third wave in computing, just
now beginning. First were mainframes, each shared by lots of
people. Now we are in the personal computing era, person and
machine staring uneasily at each other across the desktop. Next
comes ubiquitous computing, or the age of calm
technology, when technology recedes into the background of our
lives.”

“The Computer for the 21st Century”

- September, 1991

Mark D. Weiser (July 23, 1952 – April 27, 1999)3

 Pervasive Computing Overview
Development of computing technologies:

 1st wave : Mainframe computing era

 2nd wave : Personal computing era

 3rd wave : Pervasive computing era

(initially called ubiquitous computing)

4
 What is Pervasive Computing
 Integration of Information and Communications
Technology (ICT) into people’s lives and
environments, made possible by the growing availability
of microprocessors with inbuilt communication
facilities.

 Goals:
 People Oriented
 Implicitly use of computers
 People will focus on task, not tool
5
Pervasive Computing Components
Three converging areas of ICT components:
 Computing devices: communicate with each other and
act intelligently
 Sensors: input devices
 Processors: interpret and analyze data
 Actuators: output devices

 Communications: serve pervasive computing applications

Ex. Zigbee, Bluetooth, WiFi, Wimax /LTE /3G /4G …

 User Interfaces: point of contact between ICT and human

 Active: Users overtly control PC technologies and devices
 Passive: PC covertly control in the background
 Coercive: both Active and Passive

6
 Architecture
Application

Middleware and Security Interface

Various applications such as
Smart Room, Intelligent
Intelligent Computing

Mobile Computing
Navigation… can be built and
Context-Aware used

Affective Computing

Embedded Operating System

Hardware

7
 Architecture
Application Not only:
Middleware and Security Interface  Heterogeneity
 Scalability
Intelligent Computing

Mobile Computing  Programming interface

Context-Aware
But also:
Affective Computing  Service Discovery
 Context-aware

Embedded Operating System

Hardware

8
 Architecture
Structure of Middleware and Security Interface

API

Context-aware
service

Service Description

Extend Module

……

Security Mechanism

9
 Architecture
Application

Middleware and Security Interface

An important aspect of the

Intelligent Computing

Mobile Computing difference between pervasive

computing and desktop
Context-Aware computing

Affective Computing

Embedded Operating System

Hardware

10
 Architecture
Mobile Computing:
•Automatic configuration, dynamic addressing and tracking system
•Free switch between heterogeneous networks
Affective Computing is the computing that relates to, arises
from, or deliberately influences emotions.
– Rosalind W. Picard
•computer science, sensor technology, psychology, physiology
•Key technologies: face recognitions, emotional signal
measurements and analysis

Context-aware Computing: senses environment context and

human context changes.
Key technologies: Location awareness, activities recognition
11
 Architecture
Application Hardware:
Middleware and Security Interface  Fast processing speed
 Small size
Intelligent Computing

Mobile Computing

Context-Aware Embedded Operating

System:
Affective Computing
 Real-time services
 Rational allocation
Embedded Operating System memories
Hardware

12
 Architecture
Structure of Embedded Operating System and Hardware

Network
Sensors I/O Device
Interface

Real-time Embedded Operating System

Pervasive Computing Hardware

13
 Wireless Communication
Many existing and emerging wireless technologies
serve in Pervasive Computing:

•Zigbee and Bluetooth - sensors and actuators - low

energy consumption, short distances (up to 10 meters)

•Wi-Fi - devices - middle ranges (several hundreds of meters)

•Wimax /LTE /3G /4G - a home gateway to Internet - long

ranges (several to tens of kilometres)

14
 Security Issues
Common vulnerabilities existing in wireless technologies:

 Physical jamming

 Passive eavesdropping and traffic analysis

 Message injection and active eavesdropping

 Message deletion and interception

 Insider attacks to breach data confidentiality

 Denial of service (DoS) attacks

15
 Security Issues
Various types of Attack to a Pervasive Computing can:

 Compromise users’ data,

 Crash an entire system

 Render services unavailable

 Potentially lead to the loss of property

 Harm users and even lives

16
 Wireless Vulnerabilities
Wi-Fi MAC Protocol Attacks

 Carrier Sense Multiple Access with Collision Avoidance

(CSMA/CA)
 DoS attack: Clear Channel Assessment-Jamming

 Virtual carrier sense

 DoS attack: Repeat forged RTS/CTS messages with large

NAV leading network slowdown

17
 Wireless Vulnerabilities
 802.11 state machine

 DoS attack: forge deauthentication or disassociation frames

18
 Wireless Vulnerabilities
Wi-Fi Security Protocol Attacks

19
 Wireless Vulnerabilities
Wi-Fi Security Protocol Attacks

Pre-Robust Security Network Association (Pre-RSNA):

security mechanisms in the IEEE 802.11-1997

 Attacks on Wired Equivalent Privacy(WEP):

 Shared Key management – key can be easily obtained from the
attackers
 Weak RC4 encryption implementation – key can be easily broken
by the brute force attack

20
 Wireless Vulnerabilities

Robust Security Network Association (RSNA): security

mechanisms in the IEEE 802.11-2007,
consisting of 3 security algorithms:
Data confidentiality and integrity protocols
RSNA security association management
key management procedures

21
 Wireless Vulnerabilities
Attacks on RSNA
•Security level rollback attack: “Pre-RSNA only” beacons to force
the network to use WEP

•EAP attack: forged association requests - disconnect legitimate

users.

•Four-way handshake DoS attack: forged first unauthenticated

message - parallel incomplete Handshakes - exhaust queue
space

22
 Wireless Vulnerabilities
Attacks on RSNA (Cont.)
•RSN IE poisoning: fake beacons - fail at stage 3

•Reflection attack against four-way handshake: transmitted

data sent back to originator .

•Dos attack against TKIP: intercepted and modified packet - AP

and the client suspend their communication

23
 Conclusion
 Confidentiality, Integrity, and Availability (CIA) are
essential to pervasive computing applications since
sensitive and real-time information may flow over any type
of wireless links

 Many challenges and attacks have been proved. Each

operation and policy should be carefully examined against
any possible attacks.

24
 Reference
 Liu, Y. & Li, F., PCA: A Reference Architecture for Pervasive Computing, 2006 1 st
International Symposium on Pervasive Computing and Applications, IEEE
04079121

 Zhou, B, Marshall, A. & Lee, T. H., Wireless Security Issues in pervasive

computing, 2010 Fourth International Conference on Genetic and Evolutionary
Computing, IEEE 05715481

 2006, Pervasive Computing, Parliamentary Office of Science and Technology

25
26