Home Area Gateway Architecture (HANGAR)

The HANGAR Architecture.

Overview

The key objective of this project is to investigate technologies and methodologies with which the home network can be protected, and enrich the computer science curriculum with security-focused experimental computer science material. New Internet-aware devices are being installed in homes, while "always-on" connections to the Internet allow home networks to be attacked around the clock. Home users are helpless against hackers and companies that utilize the newly found connectivity to gather personal information. The literature contains numerous instances where devices such as toys, VCRs, and personal computers have automatically contacted their manufactures to upload information concerning the habits of their new owners. In education, we constantly hear about the need for "security awareness" and "security by design," but university courses place little emphasis on these subjects. Even in cases where courses do mention computer security, they do so in an abstract manner, which students find difficult to relate to or apply in their professional careers after they graduate.

This project aims to develop a framework that will help the typical home user address two basic questions: "how can I configure the devices in my home network," and "how do I protect my privacy and the security of my home network from internal and external threats."

Research Objectives:

The questions above, invariably translate into policy decisions that have to be made by the Home Automation Network (HAN) controller/gateway. Requests for resources by HAN devices (or even custom code downloaded into the controller to enable it to communicate with the devices), or connection requests between internal devices and hosts outside the HAN (e.g. located in the Internet) imply varying levels of trust. Thus, this proposal centers on the deployment of a Trust Management Framework in the HAN context.

Specifically we plan to:

Provide a framework that will support the integration of security implementation mechanisms within an existing HAN infrastructure.
Establish a policy framework that will help ensure that information flowing within a given network satisfies security and privacy requirements. The framework will include a protocol that will allow devices to exchange policy information and thus negotiate the optimum security parameters.
Define a policy definition mechanism that allows unsophisticated users to communicate their security requirements to the local automation network. A laboratory will be created to demonstrate and evaluate various approaches.
Explore other application domains (such as battlefield automation networks and medical monitoring networks) where these techniques can be applied.

Educational Objectives:

This project aims to integrate security into the core computer science curriculum. Through the use of a problem space (Home Automation) that is relatively easy to understand, students can be made aware of security related issues. The lab will be closely integrated into the courses in order to provide examples and opportunities for experimentation. This will be done by providing real-world examples and the ability to acquire hands-on experience through lab work. Specifically:

This research will provide the basis for integrating security awareness and the principles of "security by design" in many courses at all levels, by either introducing new courses or adapting existing ones. The lab will be integrated into undergraduate courses where students will use experiments to supplement the material taught in the courses. Students will also be able to use the facilities for research purposes, developing prototypes and trying out proposed solutions.
Create a program of academic activity that engage students in complex problems. Moreover, the work proposed here has attracted the attention of industrial research teams creating opportunities for research and development collaborations with the industry and hence the possibility of co-operative educational and research opportunities for students.

Contact Information:

Acknowledgement

This work is supported by the National Science Foundation (NSF/CISE-ANIR) under contract ANI-0133537.