210 likes | 386 Views
Secure M3 Chat Team 6 Bordoni Mirco Fabbri Francesco Prati Marco Boccacci Andrea Cicora Saverio. SIB. SIB. SIB. HW Architecture. PC / Laptop. Smart phone. SMART- M3. Mobile phone. Consumer. Producer. Aggregator. Update. Subscribe. Query. SMART M3. SIB. SIB. SIB.
E N D
Secure M3 Chat Team 6 Bordoni MircoFabbri FrancescoPrati MarcoBoccacci Andrea Cicora Saverio
SIB SIB SIB HW Architecture PC / Laptop Smart phone SMART- M3 Mobile phone
Consumer Producer Aggregator Update Subscribe Query SMARTM3 SIB SIB SIB SW Architecture Client LoginManager GUI KP KP Message Message RegistrationManager CREDENTIAL DB KP Message RoomManager Message KP Message GarbageCollector KP
HW/SW Infrastructure GUI GUI Mobile Client Client KP KP KP LoginManager KP RegistrationManager KP RoomManager KP GarbageCollector SIB SIB SIB Smart-M3
Data flow LoginManager Client Client Login Request Message Login Reply Message KP KP KP RegistrationManager Client Client Registration Request Message Registration Reply Message KP KP KP RoomManager Client Client Room Join Request Message Room Join Reply Message KP KP KP Client GarbageCollector Client Client Data Message Data Message KP KP KP KP
SIB SIB SIB Secure Login Protocol (1/4) LoginManager KP 1 The LoginManager KP on start puts in the SIB its public key that clients will use after to request login with an asymmetric cryptography mechanism. After that it subscribes for LoginRequestMessages from clients. ( LoginManager, HasPublicKey, KeyData ) SIB
SIB SIB SIB Secure Login Protocol (2/4) Client KP ( Message, HasType, LoginRequestMessage) 2 When the user login to the system the client retrieves the public key of LoginManager from the SIB, then publishes a new LoginRequestMessage with user’s credentials encrypted. ( LoginManager, HasPublicKey, KeyData ) ( Message, HasSource, PersonClient) ( Message, HasValue, Encrypt(User+’,’+Password)) SIB
SIB SIB SIB Secure Login Protocol (3/4) Credentials Database LoginManager KP ( Message, HasType, LoginRequestMessage) ( Message, HasType, LoginReplyMessage) When LoginManager KP receives a LoginMessage decrypts its content with its private key and check if the user’s credentials are stored in its local database. Then reply to the client with an acknowledge message (with user’s nickname) or a failure notification. 3 ( Message, HasSource, PersonClient) ( Message, HasDestination, PersonClient) ( Message, HasValue, Value) ( Message, HasValue, FAIL | OK:nickname) SIB
SIB SIB SIB Secure Login Protocol (4/4) Client KP ( Message, HasType, LoginReplyMessage) 4 The client KP acquires the LoginManager response. If not failure occurred put’s in the SIB the nickname associated to his user. ( Message, HasDestination, PersonClient) ( PersonClient, HasNickname, nickname ) ( Message, HasValue, FAIL | OK:nickname) SIB
SIB SIB SIB Secure Room Join Protocol (1/4) Room Manager Client KP KP The RoomManager and client KPs on start put in the SIB its public keys that they will use then in an asymmetric cryptography mechanism. 1 ( RoomManager, HasPublicKey, KeyData ) ( Person, HasPublicKey, KeyData ) SIB
SIB SIB SIB Secure Room Join Protocol (2/4) Client KP When the user wants to join a room retrieves the public key of RoomManager from the SIB, then publishes a new RoomJoinRequestMessage with user’s credentials encrypted. 2 ( Message, HasType, RoomJoinRequestMessage) ( RoomManager, HasPublicKey, KeyData ) ( Message, HasSource, Person) SIB
Secure Room Join Protocol (3/4) Room Manager Rooms Database KP ( Message, HasType, RoomJoinRequestMessage) ( Message, HasType, RoomJoinReplyMessage) When RoomManager KP receives a RoomJoinRequestMessage check in a database if the room and its passphrase is correct and if so reply to the client with a symmetric key used to encode messages in that room (encrypted in turn with client’s public key). 3 ( Message, HasSource, Person) ( Message, HasDestination, Person) ( Message, HasValue, Emcrypt(OK:secret) | ERROR ) ( Person, HasPublicKey, KeyData ) SIB SIB SIB SIB
Secure Room Join Protocol (4/4) SIB SIB SIB Client Client KP KP ( Message, HasType, DataMessage) ( Message, HasType, DataMessage) People in the same (protected) room can exchange messages in a secure way. 4 ( Message, HasSource, Person) ( Message, HasSource, Person) ( Message, HasDestination, Room) ( Message, HasDestination, Room) ( Message, HasValue, Emcrypt(msg, secret)) ( Message, HasValue, Decrypt(msg, secret)) SIB
Future developments • Room management by user (creation, removal, etc…). • Peer-to-peer chat. • Distributed and secure database (like MySql). • File exchange. • Application porting on Android-based smartphone devices.
Smart M3 - Pros • Open source. • Platform independent, API for many languages. • Time and space uncoupled communications. • Simplicity of communication primitives. • Interoperability between applications, through the definition of ontologies.
Smart M3 - Cons • Blocking primitives missing, difficult synchronization in multithread environments, would be useful to introduce blocking and destructives primitives like Linda ones. • Security mechanisms missing at platform level (SIB). It’s anyhow possible to ensure security at application level (KP), as Secure M3 Chat shows.