Security and Privacy in the “Internet of Things”

Date: 
Wednesday, April 1, 2009 - 2:18pm

UCSB COMPUTER SCIENCE DEPARTMENT PRESENTS:
WEDNESDAY, APRIL 15, 2009
3:30 – 4:30
Computer Science Conference Room, Harold Frank Hall Rm. 1132

HOST: Amr El Abbadi

SPEAKER: OLIVER GÜNTHER
Dean, School of Business and Economics
Humboldt-Universitaet zu Berlin
Director, Institute of Information Systems

Title: Security and Privacy in the “Internet of Things”

Abstract:

The much touted “Internet of Things” requires a global IT infrastructure
providing information about “things” in a secure and reliable manner.
The EPCglobal Network is a popular industry proposal for such an IT
infrastructure. Here, the “things” referred to are physical objects
carrying RFID tags with a unique Electronic Product Code (EPC). A
DNS-based Object Naming Service (ONS) locates the information sources
relevant for a given object. In this talk, we show that EPCglobal’s
current design harbors some serious privacy and security risks. We also
discuss some counter-measures and their effectiveness. In particular, we
show how distributed hash tables (DHTs) can be used to improve data
access control to reduce dependencies on individual root name servers,
and to increase privacy. The strength of privacy protection, however,
depends on the availability of secure out-of-band key distribution
mechanisms.

Bio:

Oliver Guenther is Dean of the School of Business and Economics at
Humboldt-Universitaet zu Berlin. He also directs Humboldt’s Institute of
Information Systems and its Interdisciplinary Center on Ubiquitous
Information. Guenther has also taught at the European School of
Management and Technology, Tsinghua University in Beijing, the École
Nationale Supérieure des Télécommunications in Paris, the University of
California at Berkeley and Santa Barbara, and the University of Cape
Town. He served as a consultant and board member to numerous government
agencies and high-tech companies. Guenther is currently on sabbatical at
SAP Research in Palo Alto, performing research on topics such as Web
2.0-ERP integration, RFID architectures, and security and privacy in
ubiquitous computing.