Remote Terminal Management. Hailiang Mei, TU/e Computer Science, System Architecture and Networking, 25 July 2014 (presentation transcript)


Slide 1: Remote Terminal Management (RTM) and Access Control in SPACE4U
Hailiang Mei, H.Mei@tue.nl, TU/e Computer Science, System Architecture and Networking, 25 July 2014

Slide 2: Outline
- Goals of RTM
- Possible RTM approaches (review of existing solutions)
- Consideration on security and access control
- Design of the RTM framework
- Conclusion and future work

Slide 3: Scenarios
The remote management server can sit either within the local network or at the service provider's site. The scenario runs in three steps: the terminal (or its user) observes a problem, then remote diagnosis, then remote repair.

Slide 4: Requirements for RTM
- Secured RTM (RTM.01, mandatory)
- Management-client oriented
  - Healthy terminal oriented
    - Component downloading due to context changing (CAC.01 & CAC.02)
    - (Legal) component sharing (RTM.02, optional)
    - Service discovery (RTM.03, optional)
  - Non-healthy terminal oriented
    - Remote diagnosis (RTM.04, similar to HM.03, mandatory)
    - Remote repair (RTM.05, similar to HM.04, mandatory)
- Management-server oriented
  - User service data survey (RTM.06, optional)
  - User transparent control (RTM.07, mandatory)

Slide 5: Outline (repeated as section divider; next section: Possible RTM approaches)

Slide 6: Possible RTM approaches
- Telnet/SSH
- Virtual Network Computing (VNC)
- Web server
- UPnP
- SNMP
- SyncML (Open Mobile Alliance)

Slides 7 and 8: Virtual Network Computing (figures only)

Slide 9: Web server
- The device runs a small web server application.
- A service on the device generates the HTML at run time.
- The remote terminal manager accesses the device through a web browser and executes scripts on the device.

Slide 10: Web server (example; figure only)

Slide 11: UPnP (figures: overall stack and control stack)

Slide 12: SNMP (figure only)

Slide 13: SNMP example: monitoring (figure only)

Slide 14: SyncML DM (OMA DM)
Figure: an OMA DM server and a DM client communicate over the air using the DM protocol (the Data Synch protocol sits alongside it). Inside the client is a logical management tree (root, with sub-trees such as Vendor, SyncML, X*, …) used for addressing purposes; the server acts on it with the commands Add, Get, Replace and Exec. The tree and the protocol are in scope of the DM standard. The figure also shows a proprietary WAP client and a proprietary upgrade client on the device.

Slide 15: SyncML DM (OMA DM)
Figure: an example exchange between the OMA DM server and the client addressing the management-tree node Vendor/Ring_signals/Default_ring with the value MyOwnRing.

Slide 16: SyncML DM (OMA DM) (figure only)

Slide 17: Review of approaches
- Virtual Network Computing (VNC, open source): dropped because of obvious security problems.
- Web server: dropped because of limited flexibility and functionality.
- UPnP based: dropped because it is less competitive than SyncML DM.
- SNMP based: continued as the complementary approach.
- SyncML DM: continued as the main reference.

Slide 18: Outline (repeated as section divider; next section: Consideration on security and access control)

Slide 19: Scenario (figure: RTM client and RTM server)

Slide 20: Hacker on the link
An attacker sits on the path between RTM client and RTM server. Required properties: confidentiality and integrity of the traffic.

Slide 21: Hacker on the RTM server
An attacker at the RTM server side. Required properties: confidentiality (achieved through authentication and authorization) and availability.

Slide 22: User is a “hacker”
The terminal's own user acts maliciously. Required property: non-repudiation.

Slide 23: Hackers for all
All three threats combined: link (confidentiality + integrity), server (confidentiality via authentication + authorization, availability), user (non-repudiation). In total: CIA plus non-repudiation.

Slide 24: “Kill” hackers
The same threat picture (link: confidentiality + integrity; server: confidentiality via authentication + authorization, availability; user: non-repudiation) with the proposed answer: PKI is the solution!

Slide 25: Security and access control
- Security assurance: PKI addresses confidentiality, integrity and non-repudiation (it does not address availability, which needs separate measures).
- Access control: a tree-structured access control list looks promising; SNMP, Microsoft Active Directory and SyncML DM all use one.

Slide 26: Outline (repeated as section divider; next section: Design of the RTM framework)

Slide 27: Relation with SIM (figure: the operations get/exec, add/replace and delete/exec between RTM and SIM)

Slide 28: RTM framework inside the device (figure, including a security-setting block)

Slide 29: Access management for RTM
- Each node (object) is identified by a URI.
- Each node has a set of properties.
- The tree can be extended by an “add” message or by a new installation on the device.
- A leaf node is either a value or a pointer to an executable command.

Slide 30: Secure communication
- Authentication
- Decryption and encryption
- Maintain a log file
- Can keep the user updated with the latest operations (transparent control)

Slide 31: Comply with the ROBOCOP framework
Figure: layered device architecture with OS/drivers at the bottom, the Robocop run-time environment and the RCDP component above it, then the middleware, the RTM component and the Robocop components RC 1, RC 2, … RC N.
- The RCDP component is available.
- Secure communication can be implemented on OpenSSL and a SyncML protocol stack.
- The Access Manager is still open.

Slide 32: Conclusion
The requirement list of slide 4 is shown again, unchanged.

Slide 33: Conclusion
The same list, now with status markers next to (Legal) component sharing (RTM.02, optional) and Service discovery (RTM.03, optional) (marker symbols not rendered).

Slide 34: Future work
- Formulate the access control mechanism
  - Some ideas borrowed from SNMP and SyncML
  - Limit the access-right properties of the root node
  - Certain access management might be done by interacting with the user
- Define the communication protocol and message format, largely based on SyncML
- Implementing…
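As an added worked example for the access-management tree of slide 29, the log file of slide 30 and the root-node restriction of slide 34 (example code written for this page, not SPACE4U, ROBOCOP or OMA code): a small Python management tree in which every node is addressed by a URI, a leaf holds either a value or an executable, every operation is authorised against the nearest ACL on the path and written to a log, and the root carries a narrow ACL so the tree can only be extended under sub-trees that grant Add. The ACL string syntax (Cmd=Principal+Principal&…, with * for any principal), the inheritance rule, the principal names DMServer and User, and the ./Vendor/Diag/Restart node are assumptions modelled loosely on the OMA DM ACL property; ./Vendor/Ring_signals/Default_ring and the value MyOwnRing are taken from the slide 15 figure.

```python
"""Toy RTM management tree with per-node ACLs and an operation log (added example,
not SPACE4U/OMA code; ACL syntax and inheritance are assumptions, see lead-in)."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Union

COMMANDS = ("Add", "Get", "Replace", "Delete", "Exec")

class PermissionDenied(Exception):
    """The effective ACL does not grant the requested command."""

def parse_acl(text: str) -> Dict[str, Set[str]]:
    """'Get=*&Replace=DMServer+Admin' -> {'Get': {'*'}, 'Replace': {'DMServer', 'Admin'}}."""
    acl: Dict[str, Set[str]] = {}
    for clause in text.split("&"):
        cmd, _, principals = clause.partition("=")
        if cmd not in COMMANDS:
            raise ValueError(f"unknown command in ACL: {cmd!r}")
        acl[cmd] = {p for p in principals.split("+") if p}
    return acl

@dataclass
class Node:
    name: str
    acl: Optional[Dict[str, Set[str]]] = None          # None: inherit from parent
    value: Union[None, str, Callable[[], str]] = None  # leaf: value or executable
    children: Dict[str, "Node"] = field(default_factory=dict)

def segments(uri: str) -> List[str]:
    return [s for s in uri.split("/") if s and s != "."]  # './A/B' -> ['A', 'B']

class ManagementTree:
    def __init__(self, root_acl: str = "Get=*") -> None:
        # Root ACL is deliberately narrow: only sub-trees granting Add can grow.
        self.root = Node(".", acl=parse_acl(root_acl))
        self.log: List[str] = []

    def _path(self, uri: str) -> List[Node]:
        path = [self.root]  # nodes from the root down to uri; KeyError if missing
        for seg in segments(uri):
            path.append(path[-1].children[seg])
        return path

    def _authorize(self, principal: str, cmd: str, path: List[Node], uri: str) -> None:
        """Apply the nearest ACL on the path and record the decision in the log."""
        effective = next(n.acl for n in reversed(path) if n.acl is not None)
        allowed = effective.get(cmd, set())
        granted = "*" in allowed or principal in allowed
        self.log.append(f"{principal} {cmd} {uri} {'OK' if granted else 'DENIED'}")
        if not granted:
            raise PermissionDenied(f"{principal} may not {cmd} {uri}")

    def get(self, principal: str, uri: str) -> Optional[str]:
        path = self._path(uri)
        self._authorize(principal, "Get", path, uri)
        return "<executable>" if callable(path[-1].value) else path[-1].value

    def replace(self, principal: str, uri: str, value: str) -> None:
        path = self._path(uri)
        self._authorize(principal, "Replace", path, uri)
        path[-1].value = value

    def add(self, principal: str, uri: str, value=None, acl: Optional[str] = None) -> None:
        segs = segments(uri)
        parent_path = self._path("/".join(segs[:-1]))
        self._authorize(principal, "Add", parent_path, uri)  # Add is checked on the parent
        parent_path[-1].children[segs[-1]] = Node(
            segs[-1], acl=parse_acl(acl) if acl else None, value=value)

    def exec_(self, principal: str, uri: str) -> str:
        path = self._path(uri)
        self._authorize(principal, "Exec", path, uri)
        if not callable(path[-1].value):
            raise ValueError(f"{uri} is not an executable node")
        return path[-1].value()

def build_demo_tree() -> ManagementTree:
    """Constructed sample: the DM server administers ./Vendor, users may only read."""
    tree = ManagementTree()
    tree.root.children["Vendor"] = Node("Vendor", acl=parse_acl(
        "Get=*&Add=DMServer&Replace=DMServer&Exec=DMServer"), children={
        "Ring_signals": Node("Ring_signals", children={  # no ACL: inherits Vendor's
            "Default_ring": Node("Default_ring", value="Classic")}),
        "Diag": Node("Diag", children={
            "Restart": Node("Restart", value=lambda: "restart scheduled")})})
    return tree

def run_demo() -> List[str]:
    """Replay permitted and denied operations as two principals; return the log."""
    tree, ring = build_demo_tree(), "./Vendor/Ring_signals/Default_ring"
    ops = [("User", tree.get, ring), ("DMServer", tree.replace, ring, "MyOwnRing"),
           ("User", tree.replace, ring, "Evil"), ("DMServer", tree.exec_, "./Vendor/Diag/Restart"),
           ("User", tree.exec_, "./Vendor/Diag/Restart"),
           ("DMServer", tree.add, "./Vendor/Diag/Reboot_count", "0"),
           ("DMServer", tree.add, "./Backdoor", "x")]  # last one: root ACL has no Add
    for principal, op, *args in ops:
        try:
            op(principal, *args)
        except PermissionDenied:
            pass
    return tree.log
```

Add is authorised against the parent rather than the node being created, because the parent is what is modified; the refused attempt to add ./Backdoor directly under the root is the kind of limit on the root node's access rights that slide 34 lists as future work. The log entries also supply the material for the user-transparent control of slide 30 (RTM.07): every operation, granted or denied, is recorded with its principal and URI.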

Slide 35: Questions?

