The document proposes a cloud-assisted method for securely grouping client devices at the network edge using wireless connections. It involves a 3-way handshake between clients and the cloud to establish a shared hashkey that is then used as a wireless SSID, allowing direct communication. Modeling of mobility traces shows this approach can improve effective communication range and session duration compared to direct device-to-device grouping. Infrastructure nodes identified via trace analysis may further enhance performance by pre-fetching handshake information. The method provides a basic component that could also be integrated with blockchain-based edge security solutions.
Streamlining Python Development: A Guide to a Modern Project Setup
A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge
1. A Method for Cloud-Assisted Secure Wireless Grouping of
Client Devices at Network Edge
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806
presented as CyberSciTech 2019 @ Fukuoka
2019/08/06
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 1/9
1/9
2. Theoretical comm. capabilities at network
edge
• vast majority of (smartphone) apps today run online
◦ for example, see if you can find an offline news reader
• yet there are at least 3 separate methods for P2P WiFi
WiFi
3G
Connectivity
WebApp
Cloud
New
paradigm
Beacon
Stuffing
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 1/9
1/9
3. Cloud-Backed Device Groups at NetEdge
• devices should not trust each
other when forming groups
• a 3-way cloud-in-the-middle
handshake is proposed
• locally visible info is meaningless
code, which makes sense only when
run via the cloud
• this paper: a hashkey as SSID
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 2/9
2/9
4. The 3-Way Handshake
Cloud
Client A Client B
id,
GPS,
APs
Seeking group!
Check -in
HashkeyHashkey
>> SSID
Grouping
request
Matching
Check-in
B s hashkey
Hashkey
>> SSID
Direct comm.
• both sides need to ① put up WiFi APs and
➁ run AP scans
◦ doable on Android? I have had mixed results, but
the worst case is to toggle between AP and scan
• the matching part is non-trivial: the
cloud can pack ① GPS, ➁ WiFi signal level, ③
mobility trace/prediction, ④ sampling in dense
crowds ... into a smart grouping candidate
list
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 3/9
3/9
5. Session Modeling
• the biggest impact comes from lazy beaconing, no practical way to make it
better
• always-on-alert mode for short periods of time is possible, but out of scope for now
Cloud API
Client A
Effective
range
Walking path
Lazy Beaconing
WiFi Direct
GroupingDiscovery
Client B
Local traffic
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 4/9
4/9
6. Trace-Based Modeling
0 1 2 3 4 5 6 7 8 9
Time order
20
40
60
80
100
120
140
160
180
200
distance
0 1 2 3 4 5 6 7 8 9
Time order
0
0.2
0.4
0.6
0.8
1
speed
• mobility traces
from crawdad
(Statefair)
• mined the trace and
extracted pairwise
encounters
• each such encounter
is extraced and made
ready for easy replay
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 5/9
5/9
7. d2d vs d2i cases
• gridify the trace, track counts for each grid cell
to visualize the best spots for the infra
nodes – those are slow mobility, high density grid
cells
Speed map Density mapMap for potential infrastructure hubs
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 6/9
6/9
9. Wrapup
• the infra-assisted case is best described as much better performance for
some of the clients
• otherwise, infra nodes facilitate much faster handshake due to prefetch
◦ 3-way handshakes inevitably infer additional cost
• side note ① already implemented and tried on Android and RPi
• side note ➁ the proposal can be used as a component in a blockchain-based
security at network edge01
01 M.Zhanikeev ”The Last Man Standing Technique for Proof-of-Location in IoT Infrastructures at Network Edge” Wireless Comm. and Mobile Comp. (2019)
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 8/9
8/9
10. That’s all, thank you ...
Marat Zhanikeev – maratishe@gmail.com — PDF: bit.do/190806A Method for Cloud-Assisted Secure Wireless Grouping of Client Devices at Network Edge 9/9
9/9