1.13k likes | 1.46k Views
UbiCom Book Slides (Abridged Version). Chapter 12 Management of Smart Devices, Environments & Interaction. Stefan Poslad http://www.eecs.qmul.ac.uk/people/stefan/ubicom. Chapter 12: Overview. Chapter 12 focuses on: Managing Smart Devices in Virtual ICT Environments
E N D
UbiCom Book Slides(Abridged Version) Chapter 12 Management of Smart Devices, Environments & Interaction Stefan Poslad http://www.eecs.qmul.ac.uk/people/stefan/ubicom Ubiquitous computing: smart devices, environmentsand interaction
Chapter 12: Overview Chapter 12 focuses on: • Managing Smart Devices in • Virtual ICT Environments • Human User-Centred Environments • Physical Environments • Internal system properties: distributed, autonomous Ubiquitous computing: smart devices, environments and interaction
Related Chapter Links • Manage devices as part of human centred activities (Section 5.6.5) • OS management of system ICT resources (Section 3.4) • Intelligent Interaction Management (Chapter 9) • Self, Autonomous System Management (Chapter 8) • Challenges & outlook is related to Management (Chapter 13) Ubiquitous computing: smart devices, environments and interaction
Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI • Part B: Monitoring, Configuration, Fault & Performance Management • Part C: Security Management Basics • Part D: Security Management of Middleware, Terminals & Content • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction
Process and Application Management by the OS • In high resource smart devices MTOS manages ??? (Section 3.4.3). • In energy constrained portable devices, OS also manages power (section 4.3.4). • In mobile devices, OS & network support for mobile senders & receivers (section 11.7.6). Ubiquitous computing: smart devices, environments and interaction
Network-Oriented Management • Network viewpoint of ICT systems defines 2 main components (Section 3.1.2) • Computer nodes: system management • Network elements to interlink them: network management • Traditionally, a distinction is made between network management and system management although these two are inherently linked Ubiquitous computing: smart devices, environments and interaction
Network-Oriented Management • 2 approaches to manage heterogeneous content and applications with different requirements for jitter, delays and packet loss. • Keep management support in core network simple • management support in core network Ubiquitous computing: smart devices, environments and interaction
FCAPS • Why is good system management needed? • System & network downtime leads to lost revenue, opportunities and productivity. Ubiquitous computing: smart devices, environments and interaction
FCAPS • Standardization of common network management functions referred to as FCAP • FCAPS functions defines basic requirements for managing distributed computers and hence UbiCom systems. • TMN model for managing Open Systems within a telecommunications network defines four logical layers • FCAPS management functions spread across these logical layers. Ubiquitous computing: smart devices, environments and interaction
Implementing FCAPS • Many computer service vendors offer client-server type implementations of FCAPS functions via various APIs, • Can support via • SNMP. • ICMP • HTTP • Open source implementations Ubiquitous computing: smart devices, environments and interaction
Simple Network Management Protocol (SNMP) model Main components of model consist of: • Network elements: things to be managed or not • Agent • proxies • Managers • network management information database MIB) • simple network management protocol (SNMP) Ubiquitous computing: smart devices, environments and interaction
SNMP use to Manage UbiCom Can use EDA to support management events including SNMP events (Section 3.3.3.6). SNMP benefits for UbiCom • ???? SNMP challenges for UbiCom • ??? Ubiquitous computing: smart devices, environments and interaction
Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI • Part B: Monitoring, Configuration, Fault & Performance Management • Part C: Security Management Basics • Part D: Security Management of Middleware, Terminals & Content • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction
Monitoring • Monitoring obtains the information required to support management functions. • Typical information includes ? • Monitoring can be configured how? Ubiquitous computing: smart devices, environments and interaction
Monitoring • . Monitoring involves three separate processes: • analysis • filtering • auditing. Ubiquitous computing: smart devices, environments and interaction
Monitoring • 2 main methods or protocols to monitor networked devices or hosts are to use • ICMP • SNMP Ubiquitous computing: smart devices, environments and interaction
Accounting • Track service usage and inform authorities about usage and usage costs • Set limits on resource usage. • Automatic handling when usage exceeds limits. Ubiquitous computing: smart devices, environments and interaction
ICMP • Internet Control Message Protocol or ICMP can be used to? • Protocol defines? • ICMP Cons? Ubiquitous computing: smart devices, environments and interaction
Configuration Management Objectives: • Set or modify parameters that control routine operation • Track resources defined by their resource descriptions • Track changes in status of resources such as failures • Manage activation and deactivation of resources Ubiquitous computing: smart devices, environments and interaction
Configuration Management • A configuration is used as a specification of the settings that are • Variant: e.g., ?? • Invariant : e.g., ?? • Configuration management involves 4 main management functions: • ?? • Drivers for reconfiguration ? Ubiquitous computing: smart devices, environments and interaction
ReConfiguration Management Side effects of reconfiguration • Systems need to interrupt their service and reboot themselves for reconfiguration changes to take effect. • Configuration conflicts may also become common in multi domains managed UbiCom systems • Users can misconfigure devices Ubiquitous computing: smart devices, environments and interaction
Reconfiguration Management Easing Configuration & Avoiding Misconfiguration • Ideally, zero manual configuration of devices by users. • Devices should support automatic remote service discovery • Devices should support automatic device installation Ubiquitous computing: smart devices, environments and interaction
Fault Management • A fault is defined as the cause of one or more observed error, or abnormal, events. • Fault Management or Safety management concerns maintaining core ICT service operations. • Fault management overlaps with security management How? Ubiquitous computing: smart devices, environments and interaction
Fault Management • Detect the fault type of events that lead to system failure. • Organise and manage fault cascades in which a root fault leads to numerous child faults, generally the child faults should be suppressed. • Report faults to an appropriate authority or manager. • Automatic correction and handling of some faults. Ubiquitous computing: smart devices, environments and interaction
Fault Management • Fault management is crucial for maintaining the operation of critical infrastructures through monitoring, detecting, preventing and anticipating anomaly events • E.g., utility distribution, telecomms, transport, logistics, intelligent HVAC, banking, medicine etc. • Fault or safety management involves: • fault prevention, • fault prediction, • fault event monitoring, • fault detection, • fault diagnosis, • fault handling • fault-tolerance. Ubiquitous computing: smart devices, environments and interaction
Fault Management • Faults may be random or non-deterministic • Causes? Ubiquitous computing: smart devices, environments and interaction
Performance Management • Collect network statistics using polling or event push • Evaluate performance under normal and degraded conditions • Monitor events that exceed thresholds etc. Ubiquitous computing: smart devices, environments and interaction
Performance Management • Sometimes it may not be possible to specify absolute single point boundaries for system • There are several specific ways to manage performance: • Best effort • QoS • SLA. Ubiquitous computing: smart devices, environments and interaction
Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI • Part B: Monitoring, Configuration, Fault & Performance Management • Part C: Security Management Basics • Part D: Security Management of Middleware, Terminals & Content • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction
Security management • Security management concerns • assessment of risk of threats which cause some loss of value to system assets • heightened through any system vulnerabilities or weaknesses and developing • maintaining appropriate safeguards or security controls to protect assets against threats • 3 basic types of safeguard: • Detection, • Prevention • Correction • Both detection and correction offer a priori protection • Correction offers a posterior protection. Ubiquitous computing: smart devices, environments and interaction
Security Safeguards UbiCom System security can be modelled in terms of: • Viewpoints of sets of Safeguards that protect the system Assets (the items of value in a system) • against Threats (actions that actively value of assets) • V-SAT model of security Ubiquitous computing: smart devices, environments and interaction
V-SAT Model for Security Management Example • Threat • Sender masquerade • Asset • Information about real sender shared with fake sender • Actions requested by a fake sender are performed by receiver. • Safeguards • Authenticate caller identity • Call back real sender • Strong password based access control Ubiquitous computing: smart devices, environments and interaction
Security Policies • Security management involves specifying 2 main relationships: • of threats against assets • of safeguards against assets. • A security policy specifies? • . • Security policies are often represented using? Ubiquitous computing: smart devices, environments and interaction
Risk Assessment • Risk assessment is used to model: • the assets of value in a system • their loss in value in relation to • the probability of the threat happening and • to the probability of the threat succeeding. • Information on which to quantify the risk of threats can be based upon? Ubiquitous computing: smart devices, environments and interaction
Encryption support for Confidentiality, Authentication and Authorisation • Core security techniques to safeguard distributed systems use • encryption & decryption, • symmetric or asymmetric keys, • to support confidentiality, authentication and authorisation. • Encryption algorithm or cipher: transforms clear or plain content into encrypted content using an encryption key. • Decryption algorithm: transform encrypted content back into plain content using a corresponding decryption key. Ubiquitous computing: smart devices, environments and interaction
Encryption support for Confidentiality, Authentication and Authorisation • In symmetric encryption, same key is used for encryption and decryption • Key needs to be kept secret – a secret key. • Key challenge here is how to distribute secret keys while keeping them confidential in transit. • ?? Ubiquitous computing: smart devices, environments and interaction
Asymmetric Encryption • Also called public key encryption algorithms • Public key is made available in an unrestricted fashion and used for encryption by the sender. • Private key, used to decrypt a message in the receiver & is kept secret by the receiver. • Private key cannot be derived from the public key. • This eases the problem of the sender and receiver having to somehow share the same secret key. • Public key encryption enables the public keys used for encryption to be made public. Ubiquitous computing: smart devices, environments and interaction
Authentication • Authorisation often involves authentication • Although public key encryption can be used for authentication, a key issue is how does someone know that the public key belongs to a particular identity? • Anyone could claim that they hold a particular identity? • Something or someone is needed to attest that a particular identity is bound to a particular identity. • ??? Ubiquitous computing: smart devices, environments and interaction
Authentication • Mainstream approach involve identity certificate authorities. • In open environment, greater flexibility is useful in order for one party to authorise another party to act on their behalf. • Can some restrictions be removed to enable flexibility? • Cam we have Security without identification: privacy? Ubiquitous computing: smart devices, environments and interaction
Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI • Part B: Monitoring, Configuration, Fault & Performance Management • Part C: Security Management Basics • Part D: Security Management of Middleware, Terminals & Content • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction
Part ?: Overview • An analysis of the use of smart mobile devices reveals an increased risks compared to desktop computers • to secure middleware, • to secure access devices • to secure content, Ubiquitous computing: smart devices, environments and interaction
Securing the System and its Middleware Some examples of threats through the use of seamless (wireless) networks: • A) Compromised phones can as free-loader users in a local network; • B) Remote users can overload a network, preventing access by a local user; • C) Local and remote users can eavesdrop on a normal user. Ubiquitous computing: smart devices, environments and interaction
Disappearing Security Perimeter Causes • use of seamless networks of IP networks everywhere, • Mobile users • Wireless access: interfere RF interference, eavesdropping • use of Unknown, Untrusted intermediaries: man- in-the-middle attack • connection in a session by a user to the wrong service • These increase risk of security breaches • Solutions? Ubiquitous computing: smart devices, environments and interaction
Securing Middleware • Some preventive and corrective type safeguards to handle denial of service threats to mobile devices have also been dealt with elsewhere • Remote Back-ups & occasional synchronisation (Section 12) • Remote-access model can be used to support a distributed UVE type desktop on the mobile device (Section 4.2) • Mobile devices can be designed to deal with the threat of volatile remote service access (Section 3.3.3.9) • Techniques based upon self-healing and self-protecting can also be used (Section 10.4) Ubiquitous computing: smart devices, environments and interaction
Securing Access Devices Devices may be left unsecure: • Because their owners expect that they will remain under their physical control, • When Devices are discarded: • Often, devices with inbuilt network security are supplied in a wide open access mode without any security Ubiquitous computing: smart devices, environments and interaction