Distinguished Lecture
Security and Privacy in the Internet of Things
Wednesday, February 4, 2009
4:00 pm to 5:30 pm
Oliver Guenther, Humboldt-Universitaet zu Berlin
The much touted “Internet of Things” requires a global IT infrastructure providing information about "things" in a secure and reliable manner. The EPCglobal Network is a popular industry proposal for such an IT infrastructure. Here, the "things" referred to are physical objects carrying RFID tags with a unique Electronic Product Code (EPC). A DNS-based Object Naming Service (ONS) locates the information sources relevant for a given object. In this talk, we show that EPCglobal's current design harbors some serious privacy and security risks. We also discuss some counter-measures and their effectiveness. In particular, we show how distributed hash tables (DHTs) can be used to improve data access control to reduce dependencies on individual root name servers, and to increase privacy. The strength of privacy protection, however, depends on the availability of secure out-of-band key distribution mechanisms.
Oliver Guenther is Dean of the School of Business and Economics at Humboldt-Universitaet zu Berlin. He also directs Humboldt’s Institute of Information Systems and its Interdisciplinary Center on Ubiquitous Information. Guenther has also taught at the European School of Management and Technology, Tsinghua University in Beijing, the École Nationale Supérieure des Télécommunications in Paris, the University of California at Berkeley and Santa Barbara, and the University of Cape Town. He served as a consultant and board member to numerous government agencies and high-tech companies. Guenther is currently on sabbatical at ICSI and at SAP Research in Palo Alto, performing research on topics such as Web 2.0-ERP integration, RFID architectures, and security and privacy in ubiquitous computing
