Security and privacy issues in middleware for emergency and rescue applications

Matija Puzar, Thomas Plagemann, Yves Roudier
2008 2008 Second International Conference on Pervasive Computing Technologies for Healthcare  
All rights reserved. No part of this publication may be reproduced or transmitted, in any form or by any means, without permission. Cover: Inger Sandved Anfinsen. Printed in Norway: AiT e-dit AS. Produced in co-operation with Unipub. The thesis is produced by Unipub merely in connection with the thesis defence. Kindly direct all inquiries regarding the thesis to the copyright holder or the unit which grants the doctorate.

Abstract

Efficient information sharing among rescue personnel is crucial for a successful rescue operation. If computer networks were actively used by the rescue personnel, it would allow for more efficient communication, and information sharing in general, compared to standard walkie-talkies still in use today (often more than one at a time). However, emergency and rescue operations present the system with a number of characteristic requirements, compared to traditional networks. The most significant difference is that the network must be built up by the rescue personnel on the spot, and that the presence of existing infrastructure cannot be relied on. Moreover, the rescue personnel's movements make the network topology very dynamic and unstable. We call this type of network a mobile ad-hoc network (MANET).

In this thesis, we analyze in detail the requirements for usage of MANETs in emergency and rescue operations, with particular focus on security and data sharing. Based on this analysis, the thesis suggests solutions to a selected set of major challenges. The thesis' main contributions are threefold.

The first contribution is a concrete solution for one of the main security issues, namely ensuring that only authorized personnel have access to the network. This is achieved by means of a simple and efficient key exchange protocol that relies on device credentials being installed prior to the operation.

Next, the thesis contributes a shared data space that can be used to efficiently and robustly distribute information among the rescue personnel. The distributed nature of the data space is transparent to the applications, as is the fact that data versioning is performed for the purposes of consistency, conflict resolution, and auditing. Data placement in such a distributed and dynamic environment has to be performed with utmost care. In cases where the network topology or the applications' access pattern to the data space is unknown upfront, we show that placing replicas on a well-chosen 10 % of nodes, achieved e.g. by means of clustering techniques, leads to close-to-optimal placement with regard to network usage.

The final contribution of this thesis is a network emulation test-bed implemented to facilitate development of specialized applications and protocols for MANETs. The test-bed has been utilized in a number of Master's and PhD theses, demonstrating its usefulness and flexibility with respect to development time and cost, as well as choice of programming languages.
doi:10.1109/pcthealth.2008.4571037 dblp:conf/ph/PuzarPR08 fatcat:xqkyel3klbeshcphmky7e5itku