Computing and Communication in the Presence of Mobility

1
Computing and Communicationin the Presence of
Mobility

• Gruia-Catalin Roman
• 5 December 2003
• Mobile Computing Laboratory
• Department of Computer Science and Engineering

2
Project Team

• Faculty
• Gruia-Catalin Roman
• External Collaborators
• Doctoral Students
• Chien-Liang Fok
• Radu Handorean
• Octav Chipara (NSF)
• Christine Julien (NSF)
• Jamie Payton
• Rohan Sen

• Masters Students
• Randy Pitz
• Undergraduate Students
• Greg Hackmann
• Boris Klaydman
• Doctoral graduates
• Qingfeng Huang (PARC)

3
Recent Developments

• Research results dissemination
• invited talks
• 5 published papers
• 10 accepted papers
• Medium NSF ITR on sensor networks
• Chenyang Lu Catalin Roman
• Collaboration with U. of Virginia
• Continued collaboration with Ford Research
• Public display opportunity through the St. Louis
  Science Center
• Secured St. Louis as the site for ICSE 2005

4
Research Themes

• MURI Project Themes
• Interoperability
• Context-awareness
• Formal models
• Middleware
• WUSTL Distinct Perspective
• Rapid development of dependable applications in
  the presence of mobility

5
Crosscutting Aspects

• Operational environmentintegrated treatment of
  logical and physical mobility
• ad hoc networks Carl
• sensor networks Carl, Gul
• agent systems Gul, Nalini
• Solution strategiesfrom models and analysis to
  middleware and applications
• Focus on adaptation mechanisms Carl, Nalini
• Reliance on context-awareness Carl, Nalini, Gul
• Convergence around coordination models Nalini
• Formal specification and analysis Carl, Gul,
  Jose

6
Project Evolution

• Formal models of mobility
• Mobile UNITY ? Coordination Middleware
  Semantics? Coordination Schemas? Context UNITY
• Coordination models for mobility
• Global Virtual Data Structures ? Foundation for
  Middleware Design

7
Project Evolution

• Middleware for mobility
• LIME Limone ? Secure Service Provision MURI
  Meeting Dec. 2003? EgoSpaces?
  Context-Sensitive Data Structures?
  Context-Sensitive Binding? Agent Coordination in
  Sensor Networks
• Algorithms and protocols for mobile computing
• Message delivery, termination ? Network
  Abstraction MURI Meeting Apr. 2003? Mobicast?
  Spatiotemporal Communication

8
EgoSpaces

• Asymmetric coordination middleware
• Personalization
• Declarative specification
• Transparent maintenance
• Access control

9
Context-Sensitive Data Structures
10
Context-Sensitive Binding

• Policy driven binding for dynamic computing
  environments.

I would like to control the light bulb that is
closest to me.
11
Agent Coordination in Sensor Nets
2
1
3
4
12
Secure Service Provision
Feature Presentation
13
Secure Service Provision in Ad Hoc Networks

• Radu Handorean
• 5 December 2003
• Mobile Computing Laboratory
• Department of Computer Science and Engineering

14
Service Oriented Computing

• End user and business process requirements drive
  the service provision dynamics
• Expectations focus on high levels of
  availability, rapid growth, and predictable
  performance
• The network is a service support infrastructure
• Hosts can advertise, discover, and use services
• Service registry function extends into the
  semantic domain
• Services can discover and use other services

15
Ad Hoc Networks

• Wireless communication
• Lack of fixed infrastructure
• Frequent disconnections
• Limited guarantees
• Resource-poor participants
• Opportunistic resource usage
• Open environment

16
Impact of Disconnection
17
First Entry into the Ad Hoc Setting

• Eliminate the need for centralized support
• Distributed approach to advertising and discovery
• Create the illusion of local interaction
• Locally owned service registries
• Proxies designed to hide the communication
  mechanics
• Manage mobility and disconnection
• Atomic updating of service availability
• Continued service in the presence of mobility
• Secure the service discovery process
• Secure the communication

18
Server/Client Duality
Local service registry
19
Registry Access and Update
20
Service Transparency
21
Implementation Base LIME

• A coordination model supporting physical and
  logical mobility
• Linda-like tuple space coordination
• Transient tuple space sharing
• Java implementation

22
Design Overview
application
application
service provision
service provision
secure tuples secure tuple spaces
secure tuples secure tuple spaces
security table
security table
L I M E
L I M E
remote interactions
interceptor
interceptor
23
Service Representation

• Service profile
• capabilities
• attributes
• proxy
• Service advertisementtuple representation
• InkJet(Yes), PgPerMin(25), RemoteHandle(proxy)
  
• Service discoverytemplate specification
• InkJet(Yes), PgPerMin.class,
  PrinterInterface.class

24
Vulnerability

• LIME System Tuple Space (LSTS) supports explicit
  context-awareness by exposing
• hosts
• agents
• tuple spaces
• Identically-named tuple spaces are shared
• All tuple space names appear in LSTS
• The name offers access to the entire federated
  tuple space

25
Tuple Space Protection

• Provide password protection
• RED ? RED PWD
• Render the LSTS information useless
• Use internally added prefixes to tuple space
  names
• Public RED becomes U_RED
• Private RED PWD becomes S_Xo3)_at_r2
• Tuple space handles are not transferable
• The password is needed only once

26
Secure Communication

• Vulnerability
• Transmission consists of Java serialized objects
• Design opportunity
• Tuple space names appear in all messages
• Solution path
• Use symmetric encryption to secure communication
  channels
• Use the password to derive the key
• Use interceptors at both ends

27
Interceptor Pattern Application
28
Tuple-Level Protection

• Vulnerability
• Service profiles need to be widely accessible
• Agents can access the entire content of the tuple
  space
• Polymorphic matching offers convenient access
• Tuples cannot be encrypted
• Solution strategy
• Offer tuple-level remove/read passwords
• Control tuple access by extending existing
  capabilities

InkJet(Yes), PgPerMin(25), RemoteHandle(proxy),
rd_pwd, rm_pwd
29
Conclusions

• We solved the service repository consistency
  problem
• Connectivity-bound service discovery
• We support distributed peer-to-peer service
  discovery
• We eliminated the need for any third party
  support
• We include multiple degrees of protection
• Tuple space, tuple, host-to-host communication
• We can support public key distribution
• Advertise public keys in read-only tuples
• Limited authentication capabilities

30
Future Work

• Define requirements for service provision in the
  new setting
• Evaluate spatiotemporal aspects of service
  provision in ad hoc settings
• Exploit motion profiles and explore ways to
  acquire them
• Develop support for context sensitive binding