Location Awareness Lancaster Keith Mitchell Computing Department Paul Astle Information Systems Services (ISS)
Contents Summary of Trial Activities o B1. Context-Aware Security o B3. Asset Tracking Progress to date Results / Issues Next Steps
Campus Wireless Network - recap Approaching 400 thin AP’s LWAPP controllers purchased WCS and Location appliance installed Covers social areas, teaching spaces and lecture theatres Using Cisco Location API (XML / SOAP) for trials
B1: Context-Aware Security & B2: Asset Tracking B1: Can we create an RF (geographic) firewall o Room, not building or AP based resolution Aim: o Develop a service to disable clients within a LT B2: Use LWAPP to register devices sightings o Update students records automatically/directly Aim: o User registration via simple web page / application o Time stamp MAC sightings with physical locations o Include understanding privacy implications of tracking
For those with a good memory We also proposed a Community Activity o Later dropped! o Obtaining location (triangulation) using wireless MESH seemed to be quite an engineering challenge and more suited to a larger project!
Progress To Date Good progress overall o Test app to query via Loc API B1 & B2 rely on accurate data from the API o Some issues: Accuracy, timeliness, incompleteness, scale (?) o Security Project has 2 aspects to the project Location Tracking & Authentication System Different Systems Keith – Location Tracking Paul - Authentication
Progress To Date What we can do o Determine and Manage location Ascertain location (building, floor, x,y) for a device Filter Results (associated, ssid, within N mins/hours) Determine if in a ‘Coverage Area’ (i.e. George Fox LT1) Modify Asset Information per device Name/Group are RW. Most attributes RO What we cannot (yet) do o Ascertain vlan_id and username directly But we (think we) can indirectly. Return to this later o Chop them off the network – B1 We have a plan o Update the records – B2 We have another plan
Results/Issues Location Accuracy o Density of APs o Location of Aps o Quality of map data o Device Differences Sony Viao, Dell D620, Nokia N95 8GB, Apple iPhone – see map o Confidence factor Always large value Timelines o Location updates ~ 30 sec intervals o Asset Info updates immediate
Help
Results / Issues Incompleteness o Null data returned consistently Scale o X,Y values do not seem to correlate to Images o Very confusing o Consistent, so not an issue, more an annoyance Poor Cisco Documentation o Guesswork creating work o Recent update made things slightly better
Help
Client Info
Visual Studio Stack Trace null
Approach to Blocking Users (Paul) Approach A - Running script o getAssociatedClients, check if within coverage area. Check group they belong too (vlan id). Block relevant clients Approach B - Location Appliance to send a SNMP trap messages when something changes in a coverage area. o Define coverage areas in WCS and create Asynchronous events which can post to SNMP or SOAP Listeners Access Control / Blocking o At radio level (layer one) LWAPP will disconnect clients but clients will not re-associate without restarting the interface o At network level (layer three) - currently unable to achieve this on our production system. Approach is to create a test VLAN, pipe this to a new gateway (Linux box) and fudge IP Tables. This method will not kill existing sessions but would prevent new connections. Connect to existing wireless controllers.
Next Steps Paul o Investigate the access control options Keith o Build a mobile app for the registration system You are Here. Confirm to sign the register. Push to DB. Modify the Test App Both o Start integrating discovery and access control logic o Test different mobile devices (accuracy)
Help Does anyone have a ‘good’ Cisco contact? o Not a sales droid! o Would really help us to have a conversation about the Location API with them and raise a couple of issues Null information Does anyone have LWAPP and a Location Appliance running? o Code you carry out some tests/queries -> /dev/null?!
The End Questions ?