spheres of influence secure organization and coordination of diverse device communities l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Spheres of Influence: Secure organization and coordination of diverse device communities PowerPoint Presentation
Download Presentation
Spheres of Influence: Secure organization and coordination of diverse device communities

Loading in 2 Seconds...

play fullscreen
1 / 81

Spheres of Influence: Secure organization and coordination of diverse device communities - PowerPoint PPT Presentation


  • 166 Views
  • Uploaded on

Spheres of Influence: Secure organization and coordination of diverse device communities. Kevin Eustice Ph.D. Oral Qualifying Examination UCLA Computer Science April 20 th , 2005. Statement of Purpose.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Spheres of Influence: Secure organization and coordination of diverse device communities' - jacob


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
spheres of influence secure organization and coordination of diverse device communities

Spheres of Influence:Secure organization and coordination of diverse device communities

Kevin Eustice

Ph.D. Oral Qualifying Examination

UCLA Computer Science

April 20th, 2005

statement of purpose
Statement of Purpose
  • Design and implement a device community management framework supporting ubiquitous computing scenarios.
  • Contributions of this work:
    • Generalized concept of structured device communities applied to ubiquitous computing.
    • Framework prototype: Spheres of Influence.
    • Sample applications illustrating value and generality of framework
roadmap
Roadmap
  • Managing Ubiquitous Computing
  • Our approach: Spheres of Influence
  • Preliminary Work
  • Design and Implementation
  • Related Work
  • Dissertation Plan
what is ubiquitous computing
What is ubiquitous computing?

Invisible Computing

Tangible Computing

Context-Aware Computing

Transparent Computing

Pervasive Computing

Smart Spaces

Augmented Reality

what is ubiquitous computing5
What is ubiquitous computing?

“…the third wave in computing…”

—Mark Weiser

“Third Paradigm computing”

—Alan Kay

Common elements of ubiquitous computing visions:

  • Large number of devices in the environment
  • Pervasive communications infrastructure
  • Interactions support human activities
ubiquitous computing deconstructed
Ubiquitous Computing deconstructed

Interacting devices grouped by context

Device Communitiesare:

  • Related by some common attribute
  • Dynamic with changing membership
  • Reactive responding to context changes
thesis
Thesis

Approach:

  • Divide world into self-managed, physically and logically grouped device communities.
  • Manage group transitions and interactions.
  • Provide common interface for group interaction.

Benefits:

  • Simplifies high-level management through encapsulation.
  • Community takes on responsibility for coordinating members.
applications benefiting from coordination
Applicationsbenefiting from coordination
  • Mobile cluster management
    • At multiple levels
  • Policy driven applications
    • Ensure consistent policy across applications
  • Automatic proxy deployment
  • Multi-device applications
    • E.g., multimedia applications
necessary components
Necessary Components
  • Membership Services
    • Secure Device Enrollment
    • Community Discovery
    • Relationship Management & Maintenance
  • Communication & Event Services
    • Secure communication channels
    • Interest management
    • Event processing and dissemination
    • Community-aware event semantics
  • Policy Engine
  • Application Support
necessary components10
Necessary Components
  • Membership Services
    • Secure Device Enrollment
    • Community Discovery
    • Relationship Management & Maintenance
  • Communication & Event Services
    • Secure communication channels
    • Interest management
    • Event processing and dissemination
    • Community-aware event semantics
  • Policy Engine
  • Application Support
roadmap11
Roadmap
  • Managing Ubiquitous Computing
  • Our approach: Spheres of Influence
  • Preliminary Work
  • Design and Implementation
  • Related Work
  • Dissertation Plan
approach spheres of influence
Approach: Spheres of Influence

Sphere: a networked software container representing a device or a device community. The sphere serves as an interaction nexus for a community.1

1. Eustice et al."Enabling Secure Ubiquitous Interactions," Proceedings of the First International Workshop on Middleware for Pervasive and Ad-hoc Computing (MPAC2003).

spheres of influence are recursive
Spheres of Influenceare recursive

Spheres can join with others to form larger, structured spheres

  • Coordinator of a sphere is the Sphere Leader

Represents complex structures:

  • Locations
  • Organizations
  • Device Clusters
my personal sphere
My Personal Sphere

Kevin’s Personal Sphere

location sphere hierarchy
Location Sphere Hierarchy

Boelter Hall

Boelter 3rd Floor

Boelter 3564

Physical Sphere

Personal Sphere

location sphere hierarchy16
Location Sphere Hierarchy

1st Floor

2nd Floor

3rd Floor

4th Floor

5th Floor

6th Floor

… Floor

Boelter Hall

Physical Sphere

Personal Sphere

spheres of influence
Spheres of Influence

Spheres serve as a scoping mechanism for:

  • Policy
  • Privilege
  • Event flow
  • Communication
spheres of influence operational vision
Spheres of InfluenceOperational Vision
  • Relationships adjust with behavior
  • Spheres negotiate for service
  • Applications leverage community context to customize user experience
slide20

Negotiate access to “Friends” sphere, update location, check for new relevant events.

Kevin

Kevin’s

Friends

Ackerman

Accesses local services & Ackerman scoped events

slide21

LASR

Boelter Hall

Kevin

Kevin

Boelter 3564

Ackerman

To receive LASR-specific services in 3564, Kevin must be able to show active membership in the LASR social sphere.

anticipated benefits
Anticipated Benefits
  • Community Coordination
  • Improved Security
  • Structured, Common Community Model
  • Vehicle for Application Innovation
community coordination
Community Coordination
  • Group members are group-aware
  • Preferences and policy exposed to group
  • Group members can interact as peers
  • Structure serves to improve scalability of communities

Example: Group Mobility Optimization

example mobile tour group

E

C

D

A

B

Example: Mobile Tour Group

Congestion

Delays

Tricky Configurations

Other WLAN

Museum

Network Impact for Group of size N

  • Startup: 0
  • Transition: N*(Associate+ DHCP+Resource Acquisition)
  • Maintenance: depends

Drawbacks:

  • Consistent behavior requires multiple consistent configurations!
  • Hosting network is flooded at every network transition!
    • Congestion degrades performance of DHCP
  • N-times:
  • Acquire address (DHCP, bootp, …)
  • Rebind to network (VPN, mobile IP, IPsec, …)
  • Identify and reacquire resources (proxies, etc.)
  • Requires:
  • Devices are manually configured with consistent configurations!
example mobile tour sphere

E

C

D

A

B

Example: Mobile Tour Sphere

Congestion

Delays

Tricky Configurations

Other WLAN

Museum

Network Impact for Sphere of size N

  • Startup: (N-1)*(Associate + DHCP + Sphere Join)
  • Transition: Associate + DHCP + Resource Acquisition
  • Maintenance: 1 (Broadcast,Multicast), N-1 (Unicast)

Advantages:

  • Consistent behavior due to common policy
  • Configuration overhead spread over time
  • Spatial reuse possibilities
    • Museum sphere can provide information on underutilized frequency space

Drawbacks:

  • Sphere Bottleneck (can be optimized)
  • N-times:
  • Acquire address (DHCP, bootp, …)
  • Rebind to network (VPN, mobile IP, IPsec, …)
  • Identify and reacquire resources (proxies, etc.)
  • Requires:
  • Devices are manually configured with consistent configurations!
security benefits
Security Benefits
  • Security boundary
    • Sphere members protected from outside
    • Sphere join can include integrity analysis1
  • Membership services
    • Sphere access control
    • Wireless enrollment mechanisms

1. K. Eustice et al. "Securing WiFi Nomads: The Case for Quarantine, Examination, and Decontamination," Proceedings of the New Security Paradigms Workshop (NSPW) 2003.

applications innovation
Applications Innovation
  • Spheres as collaboration nexus
  • Relationships used to customize behavior
  • Group as User
    • Semantics
    • Interfaces

Example: Interactive Media

example interactive media
Example: Interactive Media

Social

Sphere

Multimedia application,

using sphere behavior

as input:

  • Transitions
  • Membership
  • Interactions

Possible applications:

  • Campus-wide game
  • LACMA tour group application

Location

Sphere

Social

Sphere

structured common community model
Structured Common Community Model
  • Multiple fidelity community membership
  • Shared structure scopes relevance
  • Simple standardized interface
    • Cross-community references
    • Diverse relations (Boelter 3564 and LASR)
roadmap30
Roadmap
  • Managing Ubiquitous Computing
  • Our approach: Spheres of Influence
  • Preliminary Work
  • Design and Implementation
  • Related Work
  • Dissertation Plan
slide31

QED

Quarantine device upon entry into network, and authenticate.

Bob

Worker

Worker

Worker

Examine device for vulnerabilities or undesirable services.

Worker

Decontaminate: Work with device to repair vulnerabilities!

Bob’s Office

results from qed
Results from QED
  • Evaluated in LASR testbed over 802.11b
  • Vulnerable machines required additional time
    • Variable based on package size, average file size
    • E.g., perl required ~91 sec. for 34 Mbyte update

Fig 1. Measured overhead in each component of QED session with up-to-date machine; 99% confidence intervals.

[Eustice05] K. Eustice, L. Kleinrock, M. Lukac, V. Ramakrishna and P. Reiher, “QED: Securing the Mobile Masses,” UCLA Technical Report TR-ID pending. 2005.

roadmap33
Roadmap
  • Managing Ubiquitous Computing
  • Our approach: Spheres of Influence
  • Preliminary Work
  • Design and Implementation
  • Related Work
  • Dissertation Plan
major systems issues
Major Systems Issues
  • Placement of Management Logic
  • Sphere Discovery
  • Relationship Management
  • Fault Tolerance and Reliability
  • Events and Event Semantics
  • Application Primitives
sphere discovery
Sphere Discovery
  • How do I find any sphere?
    • Broadcast & multicast
    • Reference-based maps
  • How do I find a specific sphere?
    • Lookup Server
    • DNS-based approach
relationship management
Relationship Management
  • Sphere Bindings
    • Which sphere is the right sphere for me?
    • Different devices will bind to different spheres
  • Approach
      • User/Application Preferences
      • Leverage existing relationships
      • Negotiation – resource/requirement matching
events and event semantics
Events and Event Semantics
  • Handling dynamic membership
    • Queuing events for inactive members
    • Interest registration
  • Event Semantics
    • Scoping events
    • Closest spheres may be most relevant
    • Event Ordering
spheres of influence components

Ext.

Event

Iface

Doorman

Applications

Connection to any related Spheres

Int.

Event

Iface

Sphere State

Member table

Access Rights

Event Registration

Policy

Manager

Sphere

Manager

Spheres of InfluenceComponents
  • Doorman: handles external interactions
  • Sphere Manager: handles internal interactions
  • Policy Manager: mediates interactions
  • Applications Interface
a sphere of influence node
A Sphere of Influence Node

Applications

Sphere Manager

Sphere API

Event

Coordinator

Policy

Engine

Policy Manager

Discovery

Module

Advert.

Module

Join

Module

Connection

Manager

Doorman

Ext. Sphere

Interface

External components

Int. Sphere Interface

Security Services

Operating System

Network (802.11, Bluetooth, Ethernet)

roadmap40
Roadmap
  • Managing Ubiquitous Computing
  • Our approach: Spheres of Influence
  • Preliminary Work
  • Design and Implementation
  • Related Work
  • Dissertation Plan
related work

?

Social Group Applications [Wang’04]

Personal Cluster Management [Chetan’04]

Location-based Infrastructure [Roman’01, Undercoffer’02, Al-Muhtadi’04 …]

Related Work

Spheresof

Influence

Others?

Service Groups?

related work42
Related Work
  • Ubiquitous Computing Infrastructure
    • Intelligent Room/Project Oxygen, Gaia, Centaurus2, one.world
  • Ubiquitous Group Management
    • Ephemeral Social Groups, Mobile Gaia, Super Spaces
  • Cluster Management
    • Open Cluster Framework, Mobile ad hoc clustering
  • Content Distribution/Pub-Sub Event Distribution
    • SIENA, REBECA
  • Secure Enrollment and Network Configuration
    • Resurrecting Duckling, Network-in-a-Box
roadmap43
Roadmap
  • Managing Ubiquitous Computing
  • Our approach: Spheres of Influence
  • Preliminary Work
  • Design and Implementation
  • Related Work
  • Dissertation Plan
planned activities
Planned Activities
  • Complete Implementation
  • Measure of Utility
  • Evaluation
  • Measure of Applicability
complete implementation
Complete Implementation
  • The Spheres of Influence prototype will be completed as detailed in the prospectus.
  • Iterative development model for fast feedback.
  • Implementation will be made publicly available via Sourceforge.
measure of utility
Measure of Utility

Implementation and demonstration of two sample applications

  • A “coordinate and optimize” application
  • An application to show novelty, using community transitions and interactions as application input
system evaluation
System Evaluation
  • Framework Overhead
  • Application Performance
  • Methodology
    • Basic overhead measurements will be gathered in LASR testbed
    • Application results will also be gathered and analyzed
measure of applicability
Measure of Applicability

My assumption: devices will interact in different types of organized groups.

  • Provide a model to characterize ubiquitous applications in terms of group interactions.
  • Analysis of common applications.
examples
Examples
  • Community Geo-annotation
    • mapping of social sphere[s] onto location spheres
  • Friend-finder
    • mapping of location sphere[s] onto social spheres
  • Access-control applications
    • mapping of social spheres onto physical spheres
  • Location-aware Wireless Device Configuration
    • mapping of physical spheres from location sphere onto elemental device spheres
implementation status
Implementation Status

Completed:

  • Communications framework
  • Sphere join protocol
  • Event registration and processing
  • Network configuration modules
  • Reference map-based discovery
statement of purpose51
Statement of Purpose
  • Design and implement a device community management framework supporting ubiquitous computing scenarios.
  • Contributions of this work:
    • Generalized concept of structured device communities applied to ubiquitous computing.
    • Framework prototype: Spheres of Influence.
    • Sample applications illustrating value and generality of framework
spheres of influence secure organization and coordination of diverse device communities52

Spheres of Influence: Secure organization and coordination of diverse device communities

Kevin Eustice

April 20th, 2005

formal foundations of spheres of influence
Formal Foundations of Spheres of Influence

SphereID is a globally unique identifier.

L is the language that describes all valid system events.

History is a set of past States.

State is the current sphere state and is defined as:

  • where,
  • C is the set of spheres that are S’s children
  • P is the set of spheres that are S’s parents
  • R is the set of resources that are available in S.
  • is a set of policy rules that constrain interactions

within the sphere.

formal foundations of spheres of influence55
Formal Foundations of Spheres of Influence

 is the time-step function that updates the sphere based on current state and incoming events. A basic time-step function is given as:

sphere join protocol
Sphere Join Protocol

Members of S

C

ESI

M

O

DM

ISI

State

PM

SM

Candidates

of S

group coordination through sphere events
Group Coordination through Sphere Events
  • Interest-based Event Management
  • Sphere structure scopes event flow
    • Event processing influenced by current connections
    • Different possible semantics
  • Policy regulates interactions
slide58

Home

Living Room

Registers interest in “MediaControl” events

Media

PC

Kevin

Physical Sphere

Personal Sphere

Elemental Device Sphere

slide59

Home

Living Room

Media

PC

Kevin

Laptop generates a “MediaControl” event

Physical Sphere

Personal Sphere

Elemental Device Sphere

interconnection topology
Interconnection Topology
  • What device configuration?
    • Hierarchical
    • Acyclic Peer-Peer
    • General Peer-Peer
  • Hybrid model
    • Many communities tends to be hierarchical
    • Multiple community memberships requires peer-to-peer
doorman external agent

Ext.

Event

Iface

Doorman

Applications

Connection to any related Spheres

Int.

Event

Iface

Sphere State

Member table

Access Rights

Event Registration

Policy

Manager

Sphere

Manager

Doorman (External Agent)
  • Advertisement
  • Discovery
  • Enrollment
  • Connection management
discovery advertisement modes
Discovery/Advertisement Modes
  • Broadcast & Multicast
    • Most feasible for physical spheres
    • Technical issues regarding visibility of advertisements
  • Lookup Server
    • DNS-based approach
    • Most appropriate for abstract spheres
  • Static mappings
    • Most appropriate for locations
    • Staleness and Size
    • Dissemination modes?
planned enrollment techniques
Planned Enrollment Techniques
  • USB/RFID location-limited sideband (Balfanz et al.)
    • OOB exchange of hashed public keys
    • Tie identity to locality
  • Network Vouchers
connection manager
Connection Manager
  • Initiates Sphere Joins
  • Handles incoming supplicants
    • Eligible supplicants handed to Sphere Manager
    • Else, reject connection
  • Eligibility is determined by policy manager
sphere manager

Ext.

Event

Iface

Doorman

Applications

Connection to any related Spheres

Int.

Event

Iface

Sphere State

Member table

Access Rights

Event Registration

Policy

Manager

Sphere

Manager

Sphere Manager
  • Manages existing relationships
  • Manages events
    • Registration
    • Processing
    • Delivery
  • Network interface manager
  • Sphere state container
policy manager
Policy Manager
  • Policy Manager:
    • Policy database contains local policy rules
    • Policy engine answers questions regarding state changing interactions and local policy
  • Policy Language
    • Describes valid interactions in terms of relational, deontic, and temporal constraints
    • Logic-based
  • Policy resolution, conflict handling
  • Focus of V. Ramakrishna’s Dissertation
applications interface
Applications Interface
  • Access local sphere via loopback interface
  • Device sphere maintains a per-application channel to allow event dissemination
    • Send/Receive Events
    • Query Sphere Status
example interactive media68
Example: Interactive Media

Social

Sphere

Multimedia application,

using sphere behavior

as input:

  • Transitions
  • Membership
  • Interactions

Possible applications:

  • Campus-wide game
  • LACMA tour group application

Location

Sphere

Social

Sphere

measure of success
Measure of Success
  • Effectiveness
    • Construct examples similar to those presented here
  • Low Overhead
    • Measure added complexity of sphere abstraction as a function of sphere size
    • Measure time-to-join compared to legacy network modes
    • Measure generation and evaluation time of relationship attestations.
measure of success70
Measure of Success
  • Complete Implementation
    • Dynamic demo: automatically manage device community interactions in face of changing external context, cope with failure
  • Usability
    • Daily use by laboratory inhabitants
      • Task Management
    • LACMA application
    • UCLA Campus-based Multimedia Application
contributions
Contributions
  • Model for a consistent representation of device membership spanning heterogeneous communities
  • Secure, active management of community memberships
  • Secure, cryptographic membership attestation
  • Intra- and Inter-community event registration and delivery
  • Evaluation of model with applications
placement of management logic
Placement of Management Logic
  • Where is sphere management located?
    • Centralized
    • Distributed
    • Partially Distributed
  • Security tradeoff
    • Centralized leadership simpler to secure
    • Distribute components based on trust
fault tolerance and reliability
Fault Tolerance and Reliability
  • Determining failure
    • Did the sphere fail or did I change contexts?
    • Analyze external state and see what’s changed
  • Approaches
    • Distribute management based on trust
    • Failover based on trust
    • Rediscover, rebind to sphere and coalesce
application primitives
Application Primitives
  • Access to Relational Data
    • Membership information
    • Peer information
    • Request & verify attestations
  • Coordination Primitives
    • Gossiping
    • Consensus Gathering
    • Transaction Management
previous work
Previous Work

QED: mobile integrity management

    • Quarantine incoming mobile devices
    • Examine them for vulnerabilities
    • Decontaminate them, with repairs/updates
  • Deployed in LASR to secure laptops
    • RPM package examination
    • Package update as needed via secure tunnel
  • Measured overhead in QED phases
other approaches
Other Approaches
  • Infrastructure projects

(Gaia, Centaurus, AIRE/Project Oxygen)

    • Typical focus is centralized management of services within a physical space
    • Database, CORBA ORB, or local registry
    • Single administrative domain
    • Limited bootstrapping support
other approaches78
Other Approaches
  • Gaia SuperSpaces [Al-Muhtadi’04]
    • Meta structure applied recursively to multiple Gaia spaces
  • Mobile Gaia [Chetan’04]
    • Personal device cluster management
  • Ephemeral Social Groups [Wang’04]
  • Major Differences:
    • Multiple administrative domains.
    • Common representation model of different groups.
related work79
Related Work
  • Cluster formation work [OCF]
    • Mobile ad hoc clustering protocols [many]
  • Content distribution/pub-sub systems
    • SIENA [Carzaniga et al. ‘01]
    • REBECA [Műhl ‘02]
examples of emerging communities
Examples of emerging communities
  • Personal Device Communities

Set of devices with a common owner

  • Location-based Device Communities

Devices related by proximity

  • Social Device Communities

Devices connected by user organization

  • And others (Interest, Task, Function, ….)
slide81

Kevin

Kevin

Kevin

LASR

Boelter Hall

Boelter 3564

Network Connections to Social Sphere through Phys. Sphere

NetworkConnection to Physical Sphere