Walker SAM Presentation


Published in: Economy & Finance, Technology

  1. 1. Architecting Secure Mobile P2P Systems
       James Walkerdine, Peter Phillips, Simon Lock
       Lancaster University
  2. 2. Overview
       • Mobility, P2P and Security
           • Challenges
       • Overview of the PEPERS project
       • The PEPERS Development Methodology
           • Architectural support
           • Tool support (video)
       • Evaluation
  3. 3. Motivation
       • Advances in wireless networking and mobile technology now make mobile P2P feasible
       • Mobile P2P can support organisations that have:
           • Decentralised management style
           • Geographically dispersed or highly mobile workforces
           • Wide range of computing and communication devices
       • The ad-hoc and heterogeneous nature poses significant design challenges – especially with regard to security
  4. 4. Mobile P2P and Security
       • Connecting trusted and non-trusted devices requires:
           • Secure communication and storage (via encryption)
           • Robust authentication
       • Difficult to achieve in decentralised and highly dynamic environments
       • Adapting traditionally centralised company security policies
           • Consider distributed, mobile and intermittently connected platforms
  5. 5. PEPERS
       • Mobile Peer-to-Peer Security Infrastructure (EU project)
           • Develop an infrastructure to support the design, development and operational deployment of secure mobile P2P applications
           • Jan 06 – Jun 08
       • Partners
           • UK: Lancaster and City Universities, Symbian
           • Greece: ATC, G4S, Phileleftheros
           • Italy: Engineering
  6. 6. PEPERS Developments
       [Diagram; labels: Development Framework; Runtime Framework; Design and Architecture Framework (DAF); Static Verification Framework (SVF); Execution Framework (EF); Dynamic Verification Framework (DVF); Development Platform; Runtime Platform; Development Methodology; P2P Application Reference Architectures; Tool Support]
  7. 7. User Partner Scenarios
       • Phileleftheros
           • Use mobile devices to support communication between journalists, photographers, etc., in the field
           • Support the process of publication creation
       • G4S
           • Use mobile devices to support guard patrols on clients' sites (e.g. door codes), etc.
           • Communication with HQ
  8. 8. PEPERS Development Methodology (PDM)
  9. 9. Overview
       • A Methodology and Support Tool
       • Supports developers in building secure mobile P2P applications
       • Stems from our previous work
           • BANKSEC - Secure Component based development
           • P2P ARCHITECT - Architecting Dependable P2P Systems
  10. 10. Secure Mobile P2P Development Considerations
       • Make security central to the design
           • Development perspective
           • Organisational perspective
       • Consider requirements and constraints on security caused by:
           • Mobility
           • Network and Communication
           • P2P Technology
       • Be architecturally driven
  11. 11. Key types of P2P Topology
  12. 12. Topology support for Security
  13. 13. Development Methodology
       • 5 stage method
           • Spiral – developers do not need to follow fixed phases
           • Iterative – stages can be revisited (e.g. when new requirements are discovered, etc.)
           • Flexible – can accommodate different software engineering techniques (components, etc.)
       • Each stage contains activities geared specifically for supporting secure mobile P2P application development
  14. 14. Each stage tailored to consider P2P, Security and Mobile aspects
       [Diagram of the method stages; labels: Start; Requirements Elicitation; Propose System Architecture; Propose Sub-System Design; System Implementation; Verification and Validation]
  15. 15. Support Tool
       • Web based
       • Knowledge base of analysis and reference architectures
       • Support for identifying, specifying and managing requirements
       • Support for P2P topology selection
       • Support for the identification of key secure mobile P2P application functionality
       • Support for Secure Mobile P2P Application Reference Architecture selection
       • Support for Sub-system identification and initial description
       • Support for general managerial and traceability activities
  16. 16. G4S Case Study
       • Allow guards and mobile patrols to transmit/receive sensitive data
           • With one another
           • With the ARC
       • Often ad-hoc exceptional situations
           • Emergencies guards are responding to
           • Change in guard roles (team leader, etc.)
           • Access privileges can change
  17. 17. [Diagram of the method stages; labels: Start; Requirements Elicitation; Propose System Architecture; Propose Sub-System Design; System Implementation; Verification and Validation]
  18. 18. Propose System Architecture
       • Key Activities
           • Select suitable P2P topologies
           • Derive system functional capabilities
           • Select mobile P2P application reference architectures
           • Establish architectural model
           • Describe sub-systems
           • Initial PEPERS runtime platform consideration
           • Where possible, allocate requirements to sub-systems
           • Evaluate architecture
  19. 19. Application Reference Architectures
       • Developed within PEPERS
           • Key P2P application domains (IM, shared workspace, DL,…)
           • Decentralised and semi-centralised versions
       • Provide guidance on the functionality and structure that would be required for particular types of application
       • Identified capabilities
           • Represent abstract system functionality
           • Capabilities of individual layers and whole architectures
  20. 20. Shared Workspace Application Reference Architecture
       [Architecture diagram; labels in extraction order: Application/GUI Real-time Connection Monitor/Synchronisation Distributed Authentication/Authorisation Awareness Monitor Decentralised P2P Communication Encryption Distributed Logging P2P Network Layer Known Peer Repository Distributed Log Storage Workspace Management Local Data]
  21. 21. Case Study
       • Designers began to investigate the suitability of the different P2P topologies and reference architectures
       • Semi-centralised topology chosen
           • Fitted in with their current systems
       • Distributed Repository, Shared Workspace reference architectures chosen
       • Sub-systems identified, high level architecture created
           • Drawing upon reference architectures – though not all sub-systems used
       • Identified suitable PEPERS runtime platform modules that can be used
  22. 22. Tool Video
  23. 25. Evaluation
       • Two evaluations performed
           • External (mobile phone software companies, developers, etc.)
           • Internal (PEPERS partners)
       • Good starting point for building secure mobile P2P applications
       • Improvements
           • More thorough security and mobility analysis
               • Threat analysis, weightings for security properties
               • Degree of mobility
           • Encourage the consideration of technologies
           • Support other non-functional properties (reliability, scalability, etc.)
           • Rationale behind tool recommendations
           • Better integration with 3rd party tools
  24. 26. Summary
       • Mobile P2P systems are now a feasible possibility
           • Introduces new challenges in terms of mobility and security
       • Presented the PDM and supporting tool
           • Method to support the development of secure mobile P2P systems
           • Focused on the architectural support the PDM provides
       • Evaluation has shown benefits, but still areas of improvement
       • Tool and further information can be found at www.pepers.org