CrowdShare: Secure Resource Sharing in Mobile Crowds

In this talk we present CrowdShare service which allows arbitrary users to establish ad-hoc communication among their mobile devices and to share different resources (such as Internet connectivity, messages, or files) within the mesh network in a secure way. Sharing resources with other potentially untrusted users may impose new security threats, such as eavesdropping, farming or unauthorized access to resources. To protect users of resource sharing services from possible attacks, we perform security analysis of threats and design a security framework which ensures confidentiality, authenticity and liability for consumed services and includes access control framework augmented with a friend finder service which allows two users to identify their social relationships.

We implement our CrowdShare service for secure sharing of the Internet connectivity among users in the mesh network. Our implementation targets Android mobile platforms and uses the Facebook social network to find user’s friends. Further, we utilize secure computation algorithms to determine in a privacy preserving manner whether two users are friends or have friends in common.

The talk presents insight in Linux, Android and server based programming.

 

Speaker: Stanislaus Stelle is a graduate student in IT Security (M.Sc.) from TU Darmstadt. His field is practical IT security for mobile and embedded devices, secure protocol design, peer to peer networks,  penetration testing and software development in several programming languages. He got his Bachelor from DHBW Karlsruhe/SAP and was involved in several international software projects (NC30 and European projects). He is familiar with Android development and has got a deep understanding of the Linux operating system and Contiki.