Elias C. Efstathiou Mobile Multimedia Lab Computer Science Department Athens University of Economics and Business Athens 10434, Greece

Presentation transcript:

Elias C. Efstathiou
Mobile Multimedia Lab, Computer Science Department, Athens University of Economics and Business, Athens 10434, Greece
Authors: P. Antoniadis, C. Courcoubetis, E. C. Efstathiou, G. C. Polyzos, and B. Strulo
IST Project MMAPPS - Market Management of Peer-to-Peer Services (RTD No IST )
IST Mobile and Wireless Summit 2003, Aveiro, Portugal
The Case for Peer-to-Peer Wireless LAN Consortia (PWC)
A P2P Approach to WLAN Roaming

2 / 14 AUEB Mobile Multimedia Lab – Introduction (1 of 2)
- Ubiquitous Internet Access a Necessity
  - However, WISPs are facing difficulties
  - WISP roaming practically non-existent
  - Many under-exploited private WLANs do exist
- The Peer-to-Peer Wireless LAN Consortium (PWC):
  - A Framework for uniting all WLANs in one global group
  - A Community of WLAN Administrative Domains that offer wireless Internet access to each other’s registered users
- The PWC is a P2P network of Domain Agents (DAs)
  - DAs are physical nodes that represent one domain each
  - Their purpose is to eliminate the overhead of roaming agreements
  - Instead, DAs obey a simple token-exchange rule

3 / 14 AUEB Mobile Multimedia Lab – Introduction (2 of 2)
- Domain Independence: a PWC Distinctive Characteristic
  - DAs make autonomous decisions concerning the amount of resources they provide to visitors
  - Key difference from other roaming schemes
- PWC Simplicity
  - No central entity controls the PWC or the interactions of its participants
  - No cost of entry for domains
  - PWC subsystems leverage its P2P nature: no external servers are required

4 / 14 AUEB Mobile Multimedia Lab – Background
- Motivation
  - Existing under-exploited WLANs
  - IEEE simplicity
  - Next-generation portable devices
- WLAN Roaming Today
  - Practically non-existent
  - Hotspot aggregation (e.g. Boingo Inc.) is not WLAN roaming
  - Limitations of WISP associations (e.g. Pass-One)
    - Service-mark logic
    - Insufficient privacy
    - Insufficient autonomy
    - Administrative overhead and complexity
- The PWC as a P2P System
  - Shared good: bandwidth
  - Autonomous peers: independent domain agents
  - Free-riding: domains that may not provide access to visitors
  - Incentives and rules: token-exchange rule

5 / 14 AUEB Mobile Multimedia Lab – PWC Requirements
1. Domain Independence
   - The peers make autonomous decisions
     - Concerning their contribution level
     - Concerning their participation status
2. Domain Reciprocal Behavior
   - Free-riding must be minimized
   - PWC system rule: token-exchange
   - This rule “guides” domain behavior
3. Easy-to-Join
   - No administrative overhead
   - Similar to joining a P2P file-sharing network
   - Assuming the domain WLAN infrastructure is already in place
4. PWC Self-Sufficiency
   - PWC subsystems rely only on the PWC peers themselves
5. Decentralization
   - No central entities
   - No central authority manages the PWC

6 / 14 AUEB Mobile Multimedia Lab – PWC Entities
- Domain Agents (DAs)
  - The PWC is a P2P network of DAs
  - DAs are nodes running the PWC DA software
  - Exactly one DA per PWC administrative domain
  - Each DA has a unique logical name: aueb.gr, cometa.net, The_Aveiro_Smith_Family
- Users
  - Registered with one (or more) DAs
  - Each has a unique identifier ( )
- Bandwidth
  - The PWC ‘good’ bandwidth and bandwidth to the Internet
- Tokens
  - Unforgeable virtual currency
  - Exchanged between DAs
  - Represent the value, which DAs ascribe to their consumed bandwidth

7 / 14 AUEB Mobile Multimedia Lab – PWC High-Level View
[Figure: WLAN view and P2P view. Legend: AP = WLAN Access Point; user icon = User; DA = PWC Domain Agent. Domains shown: DA ‘White’, DA ‘Gray’, DA ‘Black’.]

8 / 14 AUEB Mobile Multimedia Lab – PWC Domain Agent Modules
1. Name-service
   - Maps logical domain names to DA IP addresses
   - Uses a Distributed Hash Table (DHT)
2. Authentication
   - Maintains a database of registered users
   - Along with their security credentials
3. Traffic Policing
   - Logs and shapes egress and ingress Internet traffic
   - Allocates specific amounts of bandwidth to visitors
4. WLAN
   - Firewall, DHCP, DNS, NAT/NAPT, WLAN control
5. Distributed Accounting
   - Secure storage of PWC accounting information
   - Also uses a DHT
6. Consumer Strategy
   - Regulates the consumption actions of the domain’s roaming users
7. Provider Strategy
   - Regulates contribution to visitors
   - Dynamically assigns “prices” to consumed resources
8. Privacy Enhancement
   - Ensures PWC user anonymity and untraceability

9 / 14 AUEB Mobile Multimedia Lab – PWC Security Issues
- PWC security is a superset of WLAN security
  - The usual confidentiality, integrity, and availability problems apply
- The following three issues are PWC-specific:
1. Traffic Logging by Untrustworthy Providers
   - User traffic completely visible to the visited Domain Agent
   - Encryption does not hide useful metadata (e.g. remote-party address)
   - SOLUTION: Tunnel (encrypt and route) through the home DA
2. Identity Privacy: PWC Pseudonyms
   - User name visible to the visited DA
   - SOLUTION: Use algorithmically updated user aliases
3. Anonymity and Untraceability: PWC Mixes
   - User name and home domain name visible to the visited DA
   - Home domain name required for PWC accounting
   - SOLUTION: Use PWC privacy enhancement modules (PWC mixes)
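
One possible construction of the "algorithmically updated user aliases" from issue 2, given here as an added example that is not from the slides or the PWC prototype. It assumes a secret shared between the user and the home DA and derives each alias as HMAC(secret, counter); the class names, the `WINDOW` resync value and the alias length are hypothetical. The visited DA only ever sees a one-time alias, while the home DA can map it back and reject replays.

```python
import hashlib
import hmac

# Hypothetical scheme: the slides do not say how aliases are derived.
WINDOW = 3  # assumed resync window: future aliases the home DA will accept


def alias(secret: bytes, counter: int) -> str:
    """Alias number `counter`; looks random to anyone without `secret`."""
    msg = b"pwc-alias" + counter.to_bytes(8, "big")
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:20]


class RoamingUser:
    def __init__(self, secret: bytes):
        self.secret, self.counter = secret, 0

    def next_alias(self) -> str:
        """Fresh alias for each login at a visited DA."""
        self.counter += 1
        return alias(self.secret, self.counter - 1)


class HomeDA:
    """Home Domain Agent: maps a one-time alias back to a registered user."""

    def __init__(self):
        self.users = {}  # real user name -> [secret, next expected counter]

    def register(self, name: str, secret: bytes) -> None:
        self.users[name] = [secret, 0]

    def resolve(self, presented: str):
        """Return the real user name, or None if unknown or already used."""
        for name, state in self.users.items():
            secret, expected = state
            for c in range(expected, expected + WINDOW):
                if hmac.compare_digest(alias(secret, c), presented):
                    state[1] = c + 1  # aliases up to c are now rejected
                    return name
        return None


if __name__ == "__main__":
    key = bytes(range(32))  # constructed sample secret
    home, user = HomeDA(), RoamingUser(key)
    home.register("alice", key)
    first, second = user.next_alias(), user.next_alias()
    print(first != second, home.resolve(first), home.resolve(first))
```

The home domain name still has to accompany the alias so the visited DA knows where to send it, which is the residual exposure that issue 3 addresses with PWC mixes.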

10 / 14 AUEB Mobile Multimedia Lab – PWC Mixes
[Figure: chain of Domain Agents: DA ‘P’ (Provider), DA ‘A’ (First mix), DA ‘B’ (Second mix), DA ‘C’ (Consumer). Blue arrows represent token flow.]
- “My PWC user ID is ” (Appends real ID and a mix chain, all encrypted using layered public-key encryptions)
- P, A, and B cannot know if the domain on the right is the real consuming domain or a mix
- A, B, and C cannot know if the domain on the left is the real providing (visited) domain or a mix

11 / 14 AUEB Mobile Multimedia Lab – Open PWC Issues
1. Secure Distributed Accounting
   - Maintains PWC accounting history
   - Must be fault-tolerant, scalable, hack-proof
2. Tokens and Token Generation
   - Cryptographically secure, unforgeable tokens
   - Generated, perhaps, by a PWC internal distributed bank
   - Distributed to new PWC entrants
3. Domain Heterogeneity
   - Domains covering areas diverse in size and location
   - Domains may have completely uneven populations of registered users
   - Small domains may receive only very few requests (and thus tokens)
4. “Offline” Domains
   - Domain Agent autonomy may mean a DA is unreachable/offline
   - Who “pays” for a roaming user of that domain? The roaming user? Another domain?

12 / 14 AUEB Mobile Multimedia Lab – Deploying the PWC
- Domain Agent Administrative Interface
  - Must hide PWC complexity from Domain Agent administrators
  - DAs must require a minimum number of input parameters:
    1. A list of registered users and their security credentials
    2. The domain’s aggregate egress and ingress Internet bandwidth
    3. A “map” of WLAN cells and local traffic bottlenecks
    4. The average WLAN load (local registered users and visitors)
    5. The average PWC usage by roaming users of the domain
  - Some of these parameters will be administrator’s ‘best-guesses’
- PWC Profit Opportunities
  1. Vendors of PWC Domain Agents
  2. Vendors of PWC support modules
  3. PWC domain aggregators
  4. “Pay-as-you-go” domains

13 / 14 AUEB Mobile Multimedia Lab – PWC Domain Agent Prototype
- We’ve built two prototype PWC Domain Agents
  - Running on PCs with Red Hat Linux 9 ( kernel)
  - Developed using C, Java, and Python
  - Each DA is also a WLAN router, connected to the Internet and to a Cisco Aironet 1200-series WLAN AP
- Modules completed:
  - Authentication
    - Using IEEE 802.1X
    - Using a custom web-based login function (and the iptables firewall)
  - Traffic Policing
    - Using the libpcap library and the tc utility
  - WLAN
    - Using Linux IP masquerading (for NAT/NAPT) and standard Linux DHCP, DNS, and routing functionality
  - Strategy (using a very simple P2P token-exchange rule)
- Still needed:
  - Unforgeable tokens, secure DHT (for distributed accounting and name-service), more complex strategy algorithms, PWC mixes

14 / 14 AUEB Mobile Multimedia Lab – Concluding Remarks
- The PWC is a simple alternative to existing roaming schemes
- The PWC is designed around organic growth
- PWC strategic agents replace static roaming agreements
- Although, by design, the PWC cannot provide any strong guarantees, it could become a suitable vehicle for achieving ubiquitous, low-cost, Internet access
- PWC autonomy and privacy considerations could make it more socially acceptable
- Real-world regulations could, however, affect PWC growth
- More analysis and simulations are needed to assist in designing optimal PWC rules