www.mobilevce.com © 2009 mobile vce 6 october 2011 core 4 secure applications ‘instant...
TRANSCRIPT
www.mobilevce.com
© 2009 Mobile VCE
6 October 2011
Core 4 Secure Applications‘Instant Knowledge’Programme Achievements
Nigel JefferiesHuawei
www.mobilevce.com
© 2009 Mobile VCE
Instant Knowledge: Secure Autonomous Business Collaboration
Capture and share tacit knowledge
within and across enterprises autonomically dynamically guaranteeing privacy and respecting security policies
www.mobilevce.com
© 2009 Mobile VCE
Instant Knowledge: Secure Autonomous Business Collaboration
Capture and share tacit knowledge
within and across enterprises autonomically dynamically guaranteeing privacy and respecting security policies
In summary – “Find an Expert”
www.mobilevce.com
© 2009 Mobile VCE
A history lesson…
EffortlessAutonomic
Timely
Doesn’t work
LethargyIgnoranceTimeliness
www.mobilevce.com
© 2009 Mobile VCE
Research Areas
Establishing User Requirements and Behaviour
Autonomous Interpersonal Networking
Pro-active Distributed Recommender System
Secure Policy-Based Information Access
Privacy-Enhancing Sharing Protocols
www.mobilevce.com
© 2009 Mobile VCE
Building a toolbox
Context recording Device, application, user
Autonomous social network creation Who knows who
Profile generators Analysis of user skillset based on output
Recommender Pointers to relevant individuals based on context,
relationship and task
UI recording and analysis Privacy tools
Centralised management system Distributed system
All available as Industry Briefs
www.mobilevce.com
© 2009 Mobile VCE
Context recording Phone: number, date/time call started, duration,
incoming/outgoing/missed SMS: number, date/time sent, length,
incoming/outgoing Proximity: device MAC, device name, Bluetooth
class WiFi: SSID, BSSID, IP address, data rate Cell ID: cell ID, location area code Application/sub-activity Battery state, charger plugged in or not Touch screen, hardware keys, virtual keys Headphones Orientation change (portrait or landscape) GPS usage
www.mobilevce.com
© 2009 Mobile VCE
Context recording
Rails Rails ServerServer
Context Context DatabasDatabas
ee
RESTRESTREST REST ClientClient
Context Context ManagerManager
Clue Clue DatabaseDatabase
GeneratorsGenerators
Web Web BrowserBrowser
N810
www.mobilevce.com
© 2009 Mobile VCE
Autonomous social network creation
Recording and measuring ties between users Sample implementation
IK GUI Client OpenFire XMPP Network Visualiser
Graphing and analysis tools
www.mobilevce.com
© 2009 Mobile VCE
Profile extraction
Automatic skills profile generation Text gathered from application, or from body of
documents Word documents, emails, wi-ki entries, etc Deployed on Thales’ internal wiki
www.mobilevce.com
© 2009 Mobile VCE
Pro-Active Distributed Recommender System
The IK system is designed to automatically recommend people based on keywords
We can extract keywords from any application running on the N810
Two versions of the demonstrator First takes input from applications such as email running
on Nokia N810, sends this to server and receives a list of recommendations
Second uses additional context information and integrated with relational analyser to provide higher quality recommendations
www.mobilevce.com
© 2009 Mobile VCE
Improving De-centralised Recommenders
Developed probabilistic recommendation algorithms to cope with very sparse data sets
Developed new low-rank approximation method which radically reduces the amount of computation to obtain a recommendation and hides private information on individual preference
Analysed clustering methods for reducing computational complexity of recommenders
Developed new multi-agent algorithm for coalition formation to improve performance of decentralised recommender
www.mobilevce.com
© 2009 Mobile VCE
UI recording and analysis
Screen capture at 5 frames per second, half resolution
Screen touched: location and pressure Hardware keys, virtual keys Orientation change
Can effectively recreate entire user-phone interaction experience
Minimal impact on phone responsiveness & battery life
www.mobilevce.com
© 2009 Mobile VCE
UI Recording Tool
UI Event Recorder
Context Recorder
Screen Recorde
r
Observer Playback
Events
Images Context
Screen Screen StateStateUI EventsUI Events Context Context
CluesClues
www.mobilevce.com
© 2009 Mobile VCE
Privacy & Security
New ID management systems and protocols allowing varying levels of privacy
Additions to centralised schemes to allow pseudonymity
Hierarchy of systems to provide k-anonymity in distributed systems
www.mobilevce.com
© 2009 Mobile VCE
IK privacy – centralised solution
Identity management (IdM)
IK managed Leverage existing enterprise IdM
IK communications
Recorded transaction pseudonyms
Reversible pseudonymityUnlinkability Unobservability
IK Policy Enforcement
www.mobilevce.com
© 2009 Mobile VCE
IK privacy – single sign on service
Identity Provider
PDP
SSO
5.E
valu
ate
7. D
ecisio
nIK user
IK client
Local policy
1. Request access
2. SAML query
IK service
Assertion consumer service
IK server (recommender)
3.
Logon
4.
Query
6. Obtain
8.
Resp
onse
Enterprise policy
PDP
PEP
8. Response
www.mobilevce.com
© 2009 Mobile VCE
IK Privacy – distributed solution
Improve robustness against compromise: Rather than a single IK service collecting IK user data,
multiple IK services each serve a subset of enterprise IK users
Hierarchical IK system, in which a parent IK service aggregates IK context data from a subset of child IK services
Recommendations can be requested from both the local IK service and top level IK service
Provides an upgrade path from a centralised system: Each IK service can use the same recommender algorithms The height of the hierarchy determines the strength of
anonymity achieved Scalable
www.mobilevce.com
© 2009 Mobile VCE
IK Privacy – distributed solution
IK service IK service IK service
IK service
ID provider
IK servic
e
ID provider
IK servic
e
ID provider
IK servic
e
ID provider
IK servic
e
ID provider
IK servic
e
ID provider
IK servic
e
ID provider
IK servic
e
IK service
www.mobilevce.com
© 2009 Mobile VCE
Conclusions
Novel components in six key areas: Context recording Autonomous social network creation Profile generators Recommender UI recording and analysis Privacy tools
What applications can you create?