Building Secure Media Applications over Wireless Community Networks
E.C. Efstathiou, F.A. Elianos, P.A. Frangoudis, V.P. Kemerlis, D.C. Paraskevaidis, G.C. Polyzos, E.C. Stefanis
Mobile Multimedia Laboratory, Department of Computer Science, Athens University of Economics and Business, GR-11362 Athens, Greece
http://mm.aueb.gr/
efstath@aueb.gr, elianos@cs.aueb.gr, pfrag@aueb.gr, vpk@cs.aueb.gr, dcp@aueb.gr, polyzos@aueb.gr, leste@aueb.gr
Agenda
• Motivation
• Distinctive Characteristics
• Prior Work
• QoS Enhancements
• Secure Decentralized VoIP
• Local Content Services
Motivation
• Many private WLANs in cities
• Connected to DSL/Cable links
• Secured
• Underutilized
• Wireless Community Networks
• Wireless backbone – long distance point-to-point links
• Operated by volunteers/WLAN enthusiasts
• Variety of services to members
• Citywide coverage
Distinctive Characteristics
• Peer-to-Peer Wireless Network Confederation: An incentive scheme for WLAN sharing
• Relies on (indirect) service reciprocity
• Fully decentralized
• User identifiers: Disposable public/private key pairs
• Metropolitan WLAN coverage through private WLANs
• Internet access & VoIP to pedestrians through DSL/WLAN internet connection sharing
• Complementary services to GSM
• Open protocol specification
• Accounting based on digital “receipts”
• Implementation on top of common WLAN equipment and WLAN-enabled smartphones (e.g. QTEK 9100 and similar)
Prior Work
• Centralized design
• P2PWNC protocol specification (first version)
• Early P2PWNC implementation
• Performance analysis of maximum-flow based reciprocity algorithms and cryptographic operations
• Presented at HPOVUA 2005
QoS Enhancements
• QoS levels to punish/reward roamers
• Traffic Shaping – protecting WLAN resources
• P2PWNC protocol extensions
• Implementation:
• Application-level daemon based on Linux iproute/tc
• Use classic algorithms such as HTB, SFQ…
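An added example (not from the original slides or the P2PWNC implementation) of the kind of HTB/SFQ class hierarchy such a daemon could install with tc. The three classes, their percentages, the fwmark values 10/20/30 and the function name are assumptions; the function prints the commands instead of running them, so it can be inspected without root.

```shell
#!/bin/sh
# Added example: emit tc commands for a three-level HTB tree with SFQ leaves.
# Class ids, percentages and fwmark values are assumptions, not P2PWNC's own.

# gen_tc_rules IFACE UPLINK_KBIT -> prints one tc command per line (dry run).
gen_tc_rules() {
    dev=$1
    up=$2
    case $up in
        ''|*[!0-9]*) echo "uplink must be an integer (kbit)" >&2; return 1 ;;
    esac
    [ -n "$dev" ] && [ "$up" -ge 100 ] || {
        echo "usage: gen_tc_rules IFACE KBIT (>= 100)" >&2; return 1; }

    # Unmarked traffic lands in the lowest class (default 30), so a client
    # the daemon has not classified cannot starve the owner's traffic.
    echo "tc qdisc replace dev $dev root handle 1: htb default 30"
    echo "tc class replace dev $dev parent 1: classid 1:1 htb rate ${up}kbit ceil ${up}kbit"

    # Constructed policy table: class id, guaranteed %, ceiling %, priority.
    # 10 = WLAN owner, 20 = roamer with good standing, 30 = penalised roamer.
    # Guaranteed rates sum to 100% so HTB never over-commits the uplink.
    while read -r id rate_pct ceil_pct prio; do
        rate=$((up * rate_pct / 100))
        ceil=$((up * ceil_pct / 100))
        echo "tc class replace dev $dev parent 1:1 classid 1:$id htb rate ${rate}kbit ceil ${ceil}kbit prio $prio"
        # SFQ leaf: fair sharing between the flows inside one class.
        echo "tc qdisc replace dev $dev parent 1:$id handle $id: sfq perturb 10"
        # Classify by firewall mark; the daemon is assumed to mark each
        # client's packets (for example with iptables) according to its level.
        echo "tc filter replace dev $dev parent 1: protocol ip prio 1 handle $id fw flowid 1:$id"
    done <<EOF
10 60 100 0
20 30 50 1
30 10 10 2
EOF
}
```

To apply the rules, pipe the output to `sh` as root, for example `gen_tc_rules wlan0 1000 | sh`.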
Secure Decentralized VoIP
• Decentralized architecture for secure mobile multimedia
• Traffic secured from AP eavesdropping
• End-to-end security possible with minor modifications
• Free/Secure complementary service to GSM
VoIP call setup details:
• W1, W2 open secure VPN connections to H1, H2
• W1 (caller) sends GSM SMS to W2 with caller’s home IP address
• W2 starts VoIP stream through H2 to H1
• Port forwarding is set up at H1 and H2
Local Content Services Over P2PWNC
• Content services
• Entertainment
• Video streaming, Podcasting
• Location-based services
• Information about nearby venues
• Accounting scheme
• Keeping P2PWNC receipt-based accounting
• Differentially-charged classes of services
• Assumption
• Internet traffic more costly to operator than (local) content services traffic
• Motivation
• Inexpensive operation for content services
• Valuable receipts earned