A Peer-to-Peer Approach to Wireless LAN Roaming George C. Polyzos Mobile Multimedia Laboratory Department of Informatics Athens University of Economics.

Presentation transcript:

A Peer-to-Peer Approach to Wireless LAN Roaming George C. Polyzos Mobile Multimedia Laboratory Department of Informatics Athens University of Economics and Business Athens , Greece Tel.: Fax:

2 Introduction
- Ubiquitous Internet access is a necessity
  - Useful services: , web, VoIP, messaging, remote network access
  - However, WISPs are facing difficulties
  - Also, WISP roaming is practically non-existent
- The Peer-to-Peer Wireless Network Confederation (P2PWNC)
  - A framework for uniting WLAN hotspots in a global group
  - A community of administrative domains that offer wireless Internet access to each other’s registered users
  - A P2P network of Domain Agents (DAs)
    - Each DA represents one WLAN administrative domain
    - The DA's purpose is to eliminate the overhead of roaming agreements

3 Terminology
[Figure: two example administrative domains, ucsd.edu and aueb.gr, one acting as consuming peer and the other as providing peer]
- Peers: Administrative Domains
- Home Domain: Consuming Peer
- Visited Domain: Providing Peer
- Registered Users: Unique P2PWNC ID ( )

4 Background
- WLAN roaming today
  - Administrative overhead and complexity
  - Insufficient autonomy for the roaming partners
  - Insufficient privacy for the roaming users
  - (Hotspot aggregation - e.g. the Boingo model - is not WLAN roaming!)
- P2PWNC distinctive characteristics
  - Simplicity
    - No cost of entry for domains
    - No central entity controls the P2PWNC or the interactions of the peers
    - Joining the P2PWNC is similar to joining a file-sharing network
  - Domains make autonomous decisions
    - Concerning the amount of resources they provide to visitors
  - User anonymity and untraceability is a design feature

5 P2PWNC High-Level View
[Figure: WLAN view and P2P view of three domains, each with several access points and one domain agent: DA ‘White’, DA ‘Green’, DA ‘Blue’. Legend: AP = WLAN Access Point; DA = P2PWNC Domain Agent; user icon = User]

6 Domain Agent Modules
- Name service
  - Maps logical domain names to DA IP addresses
  - Uses a distributed hash table (DHT)
- Authentication
  - Maintains a database of registered users…
  - …along with their security credentials
- Traffic policing
  - Logs and shapes egress and ingress Internet traffic
  - Allocates specific amounts of bandwidth to visitors
- WLAN infrastructure
  - Firewall, DHCP, DNS, access point control
- Distributed accounting
  - Secure storage of P2PWNC accounting data
  - Also uses a DHT
- Privacy
  - Enhances user anonymity and untraceability
  - Based on traffic mixes

7 Security Issues
- P2PWNC security issues are a superset of WLAN security issues
  - Usual confidentiality, integrity, and availability problems are still here
  - However, two additional problems are P2PWNC-specific:
1. Traffic logging by untrustworthy providers
  - User traffic completely visible to the visited domain agent
  - Encryption does not hide useful metadata (e.g. remote party address)
  - SOLUTION: Always tunnel through the home domain
2. Identity and location privacy
  - Username and home domain visible to the visited domain agent
  - Home domain is usually required for proper accounting of actions
  - Current location (the visited peer) is visible to the home domain
  - SOLUTION: P2PWNC privacy architecture

8 Privacy Architecture
[Figure: Peer ‘P’, Peer ‘A’ (mix 1), Peer ‘B’ (mix 2), Peer ‘C’]
- “My P2PWNC ID is ” (Credentials include real ID and a mix chain encrypted using nested public-key encryptions)
- Mix chain, layer by layer:
  - { MIX, B, { MIX, C, { STOP, X }_C }_B }_A
  - { MIX, C, { STOP, X }_C }_B
  - { STOP, X }_C
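
The layering of the mix chain on slide 8, as an added example that is not part of the original presentation or of the P2PWNC code. Assumptions: a per-peer secret with encrypt-then-MAC stands in for each peer's public-key encryption, the peer names A, B, C and payload X are taken from the slide, and every function name is hypothetical.

```python
import hashlib, hmac, json, os

# Stand-in for the slide's public-key encryption (assumption, NOT real PKE):
# one random secret per peer plays the role of that peer's key pair.
KEYS = {name: os.urandom(32) for name in "ABC"}  # constructed sample peers

def _stream(key, nonce, n):
    """SHA-256 counter-mode keystream (illustrative only)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(b"enc" + key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(peer, obj):
    """{obj}_peer: encrypt-then-MAC a JSON value so only `peer` can open it."""
    key, nonce = KEYS[peer], os.urandom(16)
    pt = json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return (nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()).hex()

def open_layer(peer, blob):
    """Remove one layer; raises ValueError if the layer is not for `peer`."""
    raw = bytes.fromhex(blob)
    key, nonce, ct, tag = KEYS[peer], raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer is not addressed to peer " + peer)
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def build_chain(mixes, last, x):
    """Wrap inside-out: mixes=['A','B'], last='C' gives
    {MIX, B, {MIX, C, {STOP, x}_C}_B}_A."""
    blob, nxt = seal(last, ["STOP", x]), last
    for mix in reversed(mixes):
        blob, nxt = seal(mix, ["MIX", nxt, blob]), mix
    return blob

def route(first, blob):
    """Peel one layer per peer and record the only fields each peer learns."""
    peer, learned = first, []
    while True:
        layer = open_layer(peer, blob)
        learned.append((peer, layer[0], layer[1]))
        if layer[0] == "STOP":
            return learned
        peer, blob = layer[1], layer[2]

if __name__ == "__main__":
    chain = build_chain(["A", "B"], "C", "X")  # "X" is an opaque sample payload
    for hop in route("A", chain):
        print(hop)
```

Each mix sees only the name of the next hop and an opaque inner blob; only the last peer in the chain recovers X.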

9 EU MMAPPS Project
- EU-funded research project: Market MAnagement of Peer-to-Peer Services (April ’02 – September ’04)
- Research on how to use techniques from economics and social science to tackle some of the fundamental difficulties in creating well-founded, sustainable, P2P applications
- Project partners:
  - BT Research, UK
  - Athens University of Economics and Business, EL
  - Eidgenossische Technische Hochschule, Zurich, CH
  - Darmstadt University of Technology, D
  - Mysterian, UK
  - Telekom Austria, A
  - University of Lancaster, UK

10 AUEB in MMAPPS
- Mathematical modeling: Rules and incentives for participation
  - We explore the space between the very simple rules that are used in existing P2P systems and price based approaches, proposing suitable system rules that are enforceable and restrict the behavior of peers while achieving an acceptable degree of system efficiency
  - Rules constrain what peers are able to do; nevertheless, peers are free to choose aspects of their behavior (e.g., the network resources they allocate to visitors)
  - In a rule-based system, peers choose their resource contribution and consumption subject to the rules: the set of feasible contribution and consumption choices defined by the rules
- Engineering: Designing and implementing the P2PWNC system
  - With an appropriate set of participation rules derived from the more theoretical work

11 Relevant publications
- P. Antoniadis, C. Courcoubetis, E. Efstathiou, G. Polyzos, and B. Strulo, Peer-to-Peer Wireless LAN Consortia: Modelling and Architecture, Third IEEE International Conference on Peer-to-Peer Computing (P2P 2003), Linkoping, Sweden, 1-3 September
- E. Efstathiou and G. Polyzos, Designing a Peer-to-Peer Wireless Network Confederation, Third International Workshop on Wireless Local Networks (WLN2003), Bonn, Germany, October, 2003.

12 Some Additional Issues
- Design and build a distributed accounting subsystem that is:
  - Secure
  - Fault-tolerant
  - Scalable
- The ‘offline domains’ issue
  - A user’s home domain may be offline
  - No consumer peer available to speak on the user’s behalf
  - Could the user device act as a peer?
  - Could another peer act as the user’s home?
- Lightweight client devices
  - Maybe special software is required on the client device in order to verify received service authoritatively
  - Who else can independently observe the provider?

13 Deploying the P2PWNC
- DA administrative interface must hide complexity from administrators
  - Requires only a minimum number of input parameters
  - Some of these parameters will be ‘best-guesses’
    - Visitor request rates
    - Request rates of the domain’s registered users when roaming
- P2PWNC profit opportunities
  - Vendors of domain agents
  - Domain aggregators
  - “Pay-as-you-go” domains

14 Prototype (1 of 4)
- Prototype Domain Agent has been built
  - Running on Linux (with the kernel)
  - Uses MMAPPS Negotiation and Accounting modules
  - Uses standard and custom-made Linux TCP/IP daemons
- Modules are still missing
  - Secure distributed hash table
    - For distributed accounting and the P2PWNC name-service
  - Privacy module

15 Prototype (2 of 4)

16 Prototype (3 of 4)

17 Prototype (4 of 4)
[Figure: message flow between the visited domain (provider) and the home domain (consumer); modules shown: Visitor Negotiation, MMAPPS Negotiation, Visitor Session, Listener, WLAN]
1. Visitor credentials check
2. Negotiate
3. Request service
4a. MMAPPS negotiation
4b. Balance check
5. Start
6. Balance OK: Proceed

18 Summary
- The P2PWNC is a (simpler) alternative to existing roaming schemes
- It is governed by rules on reciprocity that are flexible
- It is designed around organic growth
- Its privacy architecture can make it more socially acceptable
- Free-riding represents a problem.
  - E.g., when peers deny access to visitors
- Incentives to share a domain’s resources are needed

Thanks! George C. Polyzos Tel.: , Fax: Mobile Multimedia Laboratory Department of Informatics Athens University of Economics and Business Athens , Greece