Elias C. Efstathiou
Mobile Multimedia Lab
Computer Science Department
Athens University of Economics and Business
Athens 10434, Greece
efstath@aueb.gr - http://mm.aueb.gr
Authors: P. Antoniadis, C. Courcoubetis, E. C. Efstathiou, G. C. Polyzos, and B. Strulo
IST Project MMAPPS - Market Management of Peer-to-Peer Services (RTD No IST-2001-34201)
IST Mobile and Wireless Summit 2003, Aveiro, Portugal
The Case for Peer-to-Peer Wireless LAN Consortia (PWC)
A P2P Approach to WLAN Roaming
2 / 14AUEB Mobile Multimedia Lab – http://mm.aueb.gr
Introduction (1 of 2)
Ubiquitous Internet Access a Necessity
• However, WISPs are facing difficulties
• WISP roaming practically non-existent
• Many under-exploited private WLANs do exist
The Peer-to-Peer Wireless LAN Consortium (PWC):
• A Framework for uniting all WLANs in one global group
• A Community of WLAN Administrative Domains that offer wireless Internet access to each other’s registered users
• The PWC is a P2P network of Domain Agents (DAs)
• DAs are physical nodes that represent one domain each
• Their purpose is to eliminate the overhead of roaming agreements
• Instead, DAs obey a simple token-exchange rule
Introduction (2 of 2)
Domain Independence: a PWC Distinctive Characteristic
• DAs make autonomous decisions concerning the amount of resources they provide to visitors
• Key difference from other roaming schemes
PWC Simplicity
• No central entity controls the PWC or the interactions of its participants
• No cost of entry for domains
• PWC subsystems leverage its P2P nature: no external servers are required
Background
Motivation
• Existing under-exploited WLANs
• IEEE 802.11 simplicity
• Next-generation portable devices
WLAN Roaming Today
• Practically non-existent
  • Hotspot aggregation (e.g. Boingo Inc.) is not WLAN roaming
• Limitations of WISP associations (e.g. Pass-One)
  • Service-mark logic
  • Insufficient privacy
  • Insufficient autonomy
  • Administrative overhead and complexity
The PWC as a P2P System
• Shared good: bandwidth
• Autonomous peers: independent domain agents
• Free-riding: domains that may not provide access to visitors
• Incentives and rules: token-exchange rule
PWC Requirements
1. Domain Independence
• The peers make autonomous decisions
  • Concerning their contribution level
  • Concerning their participation status
2. Domain Reciprocal Behavior
• Free-riding must be minimized
• PWC system rule: token-exchange
  • This rule “guides” domain behavior
3. Easy-to-Join
• No administrative overhead
• Similar to joining a P2P file-sharing network
  • Assuming the domain WLAN infrastructure is already in place
4. PWC Self-Sufficiency
• PWC subsystems rely only on the PWC peers themselves
5. Decentralization
• No central entities
• No central authority manages the PWC
PWC Entities
Domain Agents (DAs)
• The PWC is a P2P network of DAs
• DAs are nodes running the PWC DA software
• Exactly one DA per PWC administrative domain
• Each DA has a unique logical name:
  • aueb.gr, cometa.net
  • The_Aveiro_Smith_Family
Users
• Registered with one (or more) DAs
• Each has a unique identifier (user_name@logical_domain_name)
Bandwidth
• The PWC ‘good’ - 802.11 bandwidth and bandwidth to the Internet
Tokens
• Unforgeable virtual currency
• Exchanged between DAs
• Represent the value that DAs ascribe to their consumed bandwidth
PWC High-Level View
[Figure with two panels, “WLAN view” and “P2P view”. Legend: AP = WLAN Access Point; DA = PWC Domain Agent; a separate symbol marks a user. The panels show access points and three Domain Agents: DA ‘White’, DA ‘Gray’, and DA ‘Black’.]
PWC Domain Agent Modules
1. Name-service
• Maps logical domain names to DA IP addresses
• Uses a Distributed Hash Table (DHT)
2. Authentication
• Maintains a database of registered users
  • Along with their security credentials
3. Traffic Policing
• Logs and shapes egress and ingress Internet traffic
• Allocates specific amounts of bandwidth to visitors
4. WLAN
• Firewall, DHCP, DNS, NAT/NAPT, WLAN control
5. Distributed Accounting
• Secure storage of PWC accounting information
• Also uses a DHT
6. Consumer Strategy
• Regulates the consumption actions of the domain’s roaming users
7. Provider Strategy
• Regulates contribution to visitors
• Dynamically assigns “prices” to consumed resources
8. Privacy Enhancement
• Ensures PWC user anonymity and untraceability
PWC Security Issues
PWC security is a superset of WLAN security
• The usual confidentiality, integrity, and availability problems apply
• The following three issues are PWC-specific:
1. Traffic Logging by Untrustworthy Providers
• User traffic completely visible to the visited Domain Agent
• Encryption does not hide useful metadata (e.g. remote-party address)
• SOLUTION: Tunnel (encrypt and route) through the home DA
2. Identity Privacy: PWC Pseudonyms
• User name visible to the visited DA
• SOLUTION: Use algorithmically updated user aliases
3. Anonymity and Untraceability: PWC Mixes
• User name and home domain name visible to the visited DA
• Home domain name required for PWC accounting
• SOLUTION: Use PWC privacy enhancement modules (PWC mixes)
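One way the “algorithmically updated user aliases” of issue 2 could work, as an added example that is not part of the original slides: the user and the home DA share a secret, and each login presents the HMAC of a counter instead of the user name. The HMAC-counter construction, the `HomeDA` class, the window size and the secret are assumptions made for illustration; the slides do not specify the alias algorithm.

```python
import hashlib, hmac

def alias_for(secret, counter, home):
    # Alias for one login: truncated HMAC of a counter under the user's shared secret.
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha256).hexdigest()
    return f"{mac[:16]}@{home}"

class HomeDA:
    # Hypothetical resolver at the home DA: maps a presented alias to a registered user.
    def __init__(self, domain, window=5):
        self.domain, self.window = domain, window
        self.users = {}  # user name -> [shared secret, next expected counter]

    def register(self, name, secret):
        self.users[name] = [secret, 0]

    def resolve(self, alias):
        # Look a few counters ahead (logins the home DA never saw), then move the
        # counter past the match so a replayed or older alias no longer resolves.
        for name, state in self.users.items():
            secret, start = state
            for counter in range(start, start + self.window):
                if hmac.compare_digest(alias, alias_for(secret, counter, self.domain)):
                    state[1] = counter + 1
                    return name
        return None

if __name__ == "__main__":
    secret = b"constructed-demo-secret"   # constructed sample value
    home = HomeDA("C")
    home.register("user_X", secret)
    for n in (0, 1, 4):                   # counters 2 and 3 never reach the home DA
        alias = alias_for(secret, n, "C")
        print(alias, "->", home.resolve(alias))
    print("replay ->", home.resolve(alias_for(secret, 1, "C")))
```

The visited DA sees a different name on every login but still sees the home domain after the `@`, which is the gap issue 3 addresses.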
PWC Mixes
[Figure: a chain of four Domain Agents, left to right: DA ‘P’ (Provider), DA ‘A’ (First mix), DA ‘B’ (Second mix), DA ‘C’ (Consumer). Blue arrows represent token flow.]
• user_X@C: “My PWC user ID is alias_X@A” (appends real ID and a mix chain, all encrypted using layered public-key encryptions)
• P, A, and B cannot know if the domain on the right is the real consuming domain or a mix
• A, B, and C cannot know if the domain on the left is the real providing (visited) domain or a mix
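The layered encryption on this slide, sketched as an added example (not code from the slides or the PWC prototype): each layer names only the next hop, and only the home DA's layer holds the real ID. The message format, the function names and the toy RSA keys built from well-known Mersenne primes are assumptions and give no real security; a deployment would use a vetted public-key library.

```python
import hashlib, hmac, json, secrets

def keypair(p, q, e=65537):
    # Textbook RSA over two well-known Mersenne primes: toy keys, illustration only.
    n = p * q
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, (p - 1) * (q - 1))}

def _xor(r, data):
    # Hash the RSA-wrapped secret r into a key, then XOR a SHA-256 keystream over data.
    key = hashlib.sha256(str(r).encode()).digest()
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return key, bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(pub, obj):
    # One public-key layer: only the DA holding the private key can open it.
    r = secrets.randbelow(pub["n"] - 2) + 2
    key, body = _xor(r, json.dumps(obj).encode())
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"kem": pow(r, pub["e"], pub["n"]), "body": body.hex(), "tag": tag}

def unseal(priv, box):
    body = bytes.fromhex(box["body"])
    key, plain = _xor(pow(box["kem"], priv["d"], priv["n"]), body)
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, box["tag"]):
        raise ValueError("layer was not sealed for this DA")
    return json.loads(plain)

# Constructed toy keys (public, private) for the slide's DAs 'A', 'B' and 'C'.
EXPONENTS = {"A": (61, 89), "B": (107, 127), "C": (521, 607)}
KEYS = {da: keypair(2**a - 1, 2**b - 1) for da, (a, b) in EXPONENTS.items()}

def build_request(real_id, alias, chain):
    # Innermost layer (home DA) carries the real ID; outer layers name only the next hop.
    box = seal(KEYS[chain[-1]][0], {"real_id": real_id})
    for hop, nxt in zip(reversed(chain[:-1]), reversed(chain[1:])):
        box = seal(KEYS[hop][0], {"next": nxt, "inner": box})
    return {"user_id": alias, "onion": box}

def route(request):
    # Walk the chain as the DAs would, recording what each one is able to read.
    hop, box, learned = request["user_id"].split("@")[1], request["onion"], {}
    while box is not None:
        layer = unseal(KEYS[hop][1], box)
        box = layer.pop("inner", None)
        learned[hop], hop = layer, layer.get("next")
    return learned

print(route(build_request("user_X@C", "alias_X@A", ["A", "B", "C"])))
```

Each peeled layer is smaller than the one before, so a real design would pad layers to keep a DA from inferring its position in the chain.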
Open PWC Issues
1. Secure Distributed Accounting
• Maintains PWC accounting history
• Must be fault-tolerant, scalable, hack-proof
2. Tokens and Token Generation
• Cryptographically secure, unforgeable tokens
• Generated, perhaps, by a PWC internal distributed bank
• Distributed to new PWC entrants
3. Domain Heterogeneity
• Domains covering areas diverse in size and location
• Domains may have completely uneven populations of registered users
• Small domains may receive only very few requests (and thus tokens)
4. “Offline” Domains
• Domain Agent autonomy may mean a DA is unreachable/offline
• Who “pays” for a roaming user of that domain?
  • The roaming user? Another domain?
Deploying the PWC
Domain Agent Administrative Interface
• Must hide PWC complexity from Domain Agent administrators
• DAs must require a minimum number of input parameters:
1. A list of registered users and their security credentials
2. The domain’s aggregate egress and ingress Internet bandwidth
3. A “map” of WLAN cells and local traffic bottlenecks
4. The average WLAN load (local registered users and visitors)
5. The average PWC usage by roaming users of the domain
• Some of these parameters will be the administrator’s ‘best guesses’
PWC Profit Opportunities
1. Vendors of PWC Domain Agents
2. Vendors of PWC support modules
3. PWC domain aggregators
4. “Pay-as-you-go” domains
PWC Domain Agent Prototype
We’ve built two prototype PWC Domain Agents
• Running on PCs with Red Hat Linux 9 (2.4.20 kernel)
• Developed using C, Java, and Python
• Each DA is also a WLAN router, connected to the Internet and to a Cisco Aironet 1200-series WLAN AP
Modules completed:
• Authentication
  • Using IEEE 802.1X
  • Using a custom web-based login function (and the iptables firewall)
• Traffic Policing
  • Using the libpcap library and the tc utility
• WLAN
  • Using Linux IP masquerading (for NAT/NAPT) and standard Linux DHCP, DNS, and routing functionality
• Strategy (using a very simple P2P token-exchange rule)
Still needed:
• Unforgeable tokens, secure DHT (for distributed accounting and name-service), more complex strategy algorithms, PWC mixes
Concluding Remarks
• The PWC is a simple alternative to existing roaming schemes
• The PWC is designed around organic growth
• PWC strategic agents replace static roaming agreements
• Although, by design, the PWC cannot provide any strong guarantees, it could become a suitable vehicle for achieving ubiquitous, low-cost Internet access
• PWC autonomy and privacy considerations could make it more socially acceptable
• Real-world regulations could, however, affect PWC growth
• More analysis and simulations are needed to assist in designing optimal PWC rules