Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PAWS Architecture


Published on

The slides persented by one of junior members of the PAWS team at the University of Cambridge, Computer Labs. For more information on the project, visit

Published in: Technology
  • Be the first to like this

PAWS Architecture

  1. 1. Prof. Jon Crowcroft, Dr. Murray Goulden, Dr. Christian Greiffenhagen,Heidi Howard, Prof. Derek McAuley, Dr. Richard Mortier, Dr. MilenaRadenkovic, Dr. Arjuna SathiaseelanUbiquitous Access toPublic Services Onlinewith PAWS
  2. 2. "All people should be allowed to connect to and expressthemselves freely on the Internet" - UN Human RightsCouncil
  3. 3. Lowest Cost Denominator NetworkIntroducing a new level of basic access,bridging the gap between no access and fullaccessOffering less than best effort access to all10 % of the UK population do not have internetaccess
  4. 4. Aspley, Nottingham3 month trialOne of the mostdeprived areas inthe country~1/3 without internetaccess50 new users50 sharers
  5. 5. Wireless Community Networks (WCN)Forming Co-ops where you share your WiFiand in turn can use othersFon is the most popular WCN, with > 8 millionFON hotspots worldwideThis demonstratesthat people are willingto share their internetconnection
  6. 6. Introducing PAWSPublic Access Wifi Service (PAWS) works withlocal councils and communities to giveeveryone access to basic public servicesonline.Aims● Confidentiality● Accountability● Ease of Use● Priority● Authentication● Scalability
  7. 7. Ease of UseMost home routers are provided by ISPs,plugged in and left on default settingsNot scalable to re-configure everyones routersIntroducing the PAWS access point, a Netgearrouter running OpenWRT
  8. 8. PriorityWe need to measure the spare networkcapacity available to each PAWS access pointProject BISmark by Georgia Tech3 month trial: 1 month of measurement, then 2months of useThrottling traffic at the PAWS access point
  9. 9. AuthenticationUser need to be able to authenticatethemselves to the PAWS network at any PAWSboxWe have a RADIUS server in NottinghamThis can be linked to the councilsauthentication servers
  10. 10. AccountabilityPAWS users need to have a separate public IPaddress from the sharer. Sharers must not beaccountable for users actions onlineUsing a virtual private network (VPN) to a secureendpoint so all PAWS network traffic has thesame IP addressUse PAWS access point firewallsto enforce use of PAWS VPN
  11. 11. ConfidentialityWiFi Encryption often provides weak securityTraffic passes through the sharers home routerwhere it can be sniffedWe already get this fixed for free with VPN tothe users devices
  12. 12. ScalabilityAuthentication across deployment areasYou are registered with your home area,authentication when travelling is directed toyour home authentication server but we allowuse of the nearest VPN server
  13. 13. Limitations- VPN setup on some client devices is difficult- The most widely supported VPN is PPTP, butits been proven insecure- Some home routers block VPN traffic bydefault- PAWS Routers currently cost £130 each- Single point of failure, all traffic routed thoughVPN server- Little incentive to share
  14. 14. Ideas for Future Work- Two tier system, where users who are alsosharers get more bandwidth- For users who are also sharers use theirPAWS box as the VPN endpoint instead- VPN from PAWS AP instead of client devices,combined with WPA Enterprise from the deviceto PAWS AP- Client apps to map coverage, automaticallyconnect to VPN etc..- Implement fallback in PAWS access points
  15. 15. Questions & CommentsHeidi