25 July, 2014, Hailiang Mei, TU/e Computer Science, System Architecture and Networking

Slide 1: Remote Terminal Management (RTM) and Access Control in SPACE4U (Hailiang Mei)

Slide 2: Outline
- Goals of RTM
- Possible RTM approaches (review of existing solutions)
- Considerations on security and access control
- Design of the RTM framework
- Conclusion and future work

Slide 3: Scenarios
The remote management server can sit within the local network or at the service provider's site. The basic flow is: a problem is observed on the terminal itself, followed by remote diagnosis and then remote repair.

Slide 4: Requirements for RTM
- Secured RTM (RTM.01, mandatory)
- Management-client oriented
  - Healthy terminal oriented
    - Component downloading due to context changes (CAC.01 & 02)
    - (Legal) component sharing (RTM.02, optional)
    - Service discovery (RTM.03, optional)
  - Non-healthy terminal oriented
    - Remote diagnosis (RTM.04, similar to HM.03, mandatory)
    - Remote repair (RTM.05, similar to HM.04, mandatory)
- Management-server oriented
  - User service data survey (RTM.06, optional)
  - User transparent control (RTM.07, mandatory)

Slide 5: Outline (repeated; next section: Possible RTM approaches)

Slide 6: Possible RTM approaches
- Telnet/SSH
- Virtual Network Computing (VNC)
- Web server
- UPnP
- SNMP
- SyncML DM (Open Mobile Alliance)

Slides 7-8: Virtual Network Computing (figures only)

Slide 9: Web Server
- The device runs a small web server application.
- A service on the device generates the HTML pages at run time.
- The remote terminal manager accesses the device through a web browser and executes scripts on the device.

Slide 10: Web Server (example) (figure only)

Slide 11: UPnP (figures: overall stack and control stack)

Slides 12-13: SNMP, with a monitoring example (figures only)

Slide 14: SyncML DM (OMA DM)
Figure: OMA DM architecture. The DM server talks to the DM client on the device over the air using the DM protocol (commands Add, Get, Replace, Exec); the Data Synch protocol runs alongside it. Inside the client, the managed objects form a logical tree used for addressing, rooted at "root" with subtrees such as "Vendor" and "SyncML" (further nodes shown as X*). This tree is in scope of the DM standard. A proprietary WAP client and a proprietary upgrade client sit beside the DM client.

Slide 15: SyncML DM (OMA DM), example exchange (figure)
The OMA DM server addresses the node Vendor/Ring_signals/Default_ring on the client; the client's reply carries the value MyOwnRing.

Slide 16: SyncML DM (OMA DM) (figure only)

Slide 17: Review of approaches
- Virtual Network Computing (VNC, open source): dropped because of obvious security problems (the classic RFB "VNC Authentication" is a DES challenge-response over a password truncated to eight characters, and the session traffic itself is not encrypted).
- Web server: dropped; less flexible and limited in functionality.
- UPnP based: dropped; less competitive than SyncML DM.
- SNMP based: continued as the complementary approach.
- SyncML DM: continued as the main reference.

Slide 18: Outline (repeated; next section: Considerations on security and access control)

Slide 19: Scenario (figure: RTM Client and RTM Server)

Slide 20: Hacker on the link (figure: RTM Client, RTM Server, attacker on the link between them)
An attacker on the link threatens the confidentiality and integrity of the management traffic.

Slide 21: Hacker on RTM Server (figure: RTM Client, RTM Server)
An attacker in control of, or posing as, the RTM server threatens confidentiality (so the managing party must be authenticated and authorized before it may act on the terminal) and availability of the terminal.

Slide 22: User is a "Hacker" (figure: RTM Client, RTM Server)
If the terminal user is the adversary (for example disputing what was done on the device), non-repudiation of management operations is required.

Slide 23: Hackers 4 ALL (figure: RTM Client, RTM Server, all three attackers)
- On the link: confidentiality + integrity
- On the RTM server: confidentiality (authentication + authorization), availability
- User as hacker: non-repudiation
Together: CIA + non-repudiation.

Slide 24: "Kill" Hackers (figure: RTM Client, RTM Server, with the properties from slides 20-22 repeated)
Proposed answer: PKI is the solution!

Slide 25: Security and Access Control
- Security assurance: PKI is proposed to cover confidentiality, integrity and non-repudiation. Strictly, a PKI only supplies certified identities and keys; confidentiality and integrity come from the transport protocol run on top of it (slide 31 proposes OpenSSL under the SyncML stack), and non-repudiation requires the managing server to sign its operations and the device to keep a log of them. Availability, also listed on slide 21, is not addressed by PKI.
- Access control: a tree-structured access control list looks promising; the same idea appears in SNMP (view-based access control over MIB subtrees), Microsoft Active Directory (inherited ACLs on directory objects) and SyncML DM (a per-node ACL property).

Slide 26: Outline (repeated; next section: Design of the RTM framework)

Slide 27: Relation with SIM (figure)
Operations exchanged between the RTM component and the SIM: get/exec, add/replace, delete/exec.

Slide 28: RTM Framework inside the Device (figure, including a Security setting block)

Slide 29: Access Management for RTM
- Each node (object) is identified by a URI.
- Each node has a set of properties.
- The tree can be extended by an "add" message or by a new installation on the device.
- A leaf node is either a value or a pointer to an executable command.

Slide 30: Secure Communication
- Authentication
- Encryption and decryption
- Maintaining a log file
- Keeping the user updated on the latest operations (transparent control)

Slide 31: Complying with the ROBOCOP Framework
Figure: layered device architecture. OS/drivers at the bottom; the Robocop Run-time Environment and the RCDP component above it; the Robocop components RC 1, RC 2, ... RC N and the RTM component in the middleware layer.
- The RCDP component is available.
- Secure communication can be implemented on OpenSSL and a SyncML protocol stack.
- The Access Manager is still open.


Slide 33: Conclusion (requirements from slide 4, with the items addressed so far ticked)
- Secured RTM (RTM.01, mandatory)
- Management-client oriented
  - Healthy terminal oriented
    - Component downloading due to context changes (CAC.01 & 02)
    - (Legal) component sharing (RTM.02, optional) ✓
    - Service discovery (RTM.03, optional) ✓
  - Non-healthy terminal oriented
    - Remote diagnosis (RTM.04, similar to HM.03, mandatory)
    - Remote repair (RTM.05, similar to HM.04, mandatory)
- Management-server oriented
  - User service data survey (RTM.06, optional)
  - User transparent control (RTM.07, mandatory)

Slide 34: Future Work
- Formulate the access control mechanism
  - Some ideas borrowed from SNMP and SyncML
  - Limit the access rights granted in the root node's properties
  - Certain access-management decisions might be made by interacting with the user
- Define the communication protocol and message format, largely based on SyncML
- Implementation
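The tree-structured access control of slides 25, 29 and 34, and the operation log of slide 30, as an added example (Python written for this page, not code from the SPACE4U/Robocop RTM project). Every node is addressed by a URI and carries properties; the ACL property uses the OMA DM syntax "Cmd=ServerID+ServerID&Cmd=*" and is inherited from the nearest ancestor that defines one, Add is authorized against the parent node, a leaf is either a value or an executable, and the root node's ACL is limited to Get so that no server can Add, Replace or Exec at the root. Every command attempt, granted or denied, is appended to a hash-chained log that the device can show to the user. The server identities OperatorDM and ThirdParty, the Diagnostics/SelfTest node and the log format are assumptions; only Vendor/Ring_signals/Default_ring with value MyOwnRing comes from slide 15. The hash chain makes the log tamper-evident; it does not give non-repudiation, which would additionally need the server to sign each command under its PKI certificate and is outside this example.

```python
# Added example (not project code): DM-style management tree with OMA DM-syntax
# ACLs ("Get=*&Replace=A+B") inherited down the tree, plus a hash-chained log.
import hashlib
import json
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set

GENESIS = "0" * 64  # chain anchor for the first log entry


class AccessDenied(PermissionError):
    """The effective ACL does not grant this command to this server."""


@dataclass
class Node:
    name: str
    value: Optional[str] = None                                # leaf: a value ...
    exec_fn: Optional[Callable[[Optional[str]], str]] = None   # ... or an executable
    acl: Optional[str] = None                                  # None: inherit
    children: Dict[str, "Node"] = field(default_factory=dict)


def parse_acl(acl: str) -> Dict[str, Set[str]]:
    grants: Dict[str, Set[str]] = {}                 # {"Get": {"*"}, "Replace": {"A", "B"}}
    for part in filter(None, acl.split("&")):
        cmd, _, ids = part.partition("=")
        grants[cmd] = set(filter(None, ids.split("+")))
    return grants


class ManagementTree:
    def __init__(self, root_acl: str) -> None:
        self.root = Node(".", acl=root_acl)
        self.log: List[dict] = []        # every attempt, granted or denied
        self._prev = GENESIS

    def _walk(self, uri: str) -> List[Node]:
        path = [self.root]               # accepts "./A/B", "A/B" or "."
        for part in uri.strip("/").split("/"):
            if part in ("", "."):
                continue
            if part not in path[-1].children:
                raise KeyError(uri)
            path.append(path[-1].children[part])
        return path

    def _authorize(self, server: str, cmd: str, path: List[Node], uri: str) -> None:
        # Inheritance: the nearest node on the path that defines an ACL wins.
        acl = next((parse_acl(n.acl) for n in reversed(path) if n.acl is not None), {})
        allowed = acl.get(cmd, set())
        ok = "*" in allowed or server in allowed
        entry = {"seq": len(self.log), "server": server, "cmd": cmd, "uri": uri,
                 "status": "OK" if ok else "DENIED", "prev": self._prev}
        entry["hash"] = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
        self._prev = entry["hash"]
        self.log.append(entry)           # denials are logged before raising
        if not ok:
            raise AccessDenied(f"{server} may not {cmd} {uri}")

    def get(self, server: str, uri: str):
        path = self._walk(uri)
        self._authorize(server, "Get", path, uri)
        node = path[-1]                  # interior node: list its children
        return node.value if node.value is not None else sorted(node.children)

    def replace(self, server: str, uri: str, value: str) -> None:
        path = self._walk(uri)
        self._authorize(server, "Replace", path, uri)
        path[-1].value = value

    def add(self, server: str, uri: str, node: Node) -> None:
        parent_uri, _, name = uri.rstrip("/").rpartition("/")
        path = self._walk(parent_uri)    # Add is authorized on the parent node
        self._authorize(server, "Add", path, uri)
        node.name = name
        path[-1].children[name] = node

    def execute(self, server: str, uri: str, arg: Optional[str] = None) -> str:
        path = self._walk(uri)
        self._authorize(server, "Exec", path, uri)
        if path[-1].exec_fn is None:
            raise TypeError(f"{uri} is not an executable node")
        return path[-1].exec_fn(arg)


def verify_log(log: List[dict]) -> bool:
    prev = GENESIS                       # False if an entry was altered, dropped or reordered
    for entry in log:
        body = {k: v for k, v in entry.items() if k != "hash"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if body.get("prev") != prev or digest != entry["hash"]:
            return False
        prev = digest
    return True


def build_demo_tree() -> ManagementTree:
    # Constructed sample; server ids OperatorDM / ThirdParty are assumptions.
    tree = ManagementTree(root_acl="Get=*")   # root: listable by all, nothing else
    vendor = Node("Vendor", acl="Get=*&Add=OperatorDM&Replace=OperatorDM")
    ring = Node("Ring_signals")               # no ACL of its own: inherits Vendor's
    ring.children["Default_ring"] = Node("Default_ring", value="MyOwnRing")
    vendor.children["Ring_signals"] = ring
    diag = Node("Diagnostics", acl="Get=OperatorDM&Exec=OperatorDM")
    diag.children["SelfTest"] = Node("SelfTest", exec_fn=lambda _arg: "selftest: ok")
    tree.root.children.update(Vendor=vendor, Diagnostics=diag)
    return tree
```

With the sample tree, any server can Get Vendor/Ring_signals/Default_ring (MyOwnRing) because Vendor grants Get=* and Ring_signals inherits it, only OperatorDM may Replace it or Add under Vendor, the Diagnostics subtree overrides the inherited Get=* so ThirdParty can neither read nor Exec SelfTest, and an Add directly under the root is refused for everyone because the root ACL only grants Get. Each attempt appears in tree.log in order, and verify_log detects any later edit to an entry.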

Slide 35: Questions?