P2PWNC Wireless Community Network CMSC 711: Computer Networks Yee Lin Tan Adam Phillippy
Introduction • Ubiquitous Internet access is a necessity • Email, web, VoIP, messaging, remote network access • Current state • Internet access far from ubiquitous • Required infrastructure not yet in place • Wireless Internet Service Providers (WISPs) • Coverage limited to selected hotspots • Wireless LAN (WLAN) • Deployed in homes, schools, airports, etc. • Idea • Why not unite all WLANs to provide ubiquitous access to the Internet?
Peer-to-Peer Wireless Network Confederation (P2PWNC) • Framework for uniting WLAN hotspots • Community of administrative domains that offer wireless internet access to each other’s users • P2P network of domain agents (DA)
Peer-to-Peer Wireless Network Confederation (P2PWNC) • Administrative Domain • Examples: • Residential hotspot with 1 access point • WISP with access points in many locations • Domain Agent (DA) • Each administrative domain maintains 1 DA • Physical node that represents the WLAN • Responsibilities: • Regulates wireless service provision and consumption • Eliminates need for roaming agreements
Peer-to-Peer Wireless Network Confederation (P2PWNC) • Simple accounting mechanism based on token-exchange • When roaming in another P2PWNC domain • To compensate for resources consumed, home DA transfers tokens to visited DA
P2PWNC Design • Based on reciprocity • Domains must provide resources to visitors • So that their own users can consume resources of other P2PWNC domains when roaming
Distinctive Characteristics • Open to all • No registration or central authority • Joining P2PWNC is similar to joining a file-sharing network • Free to use • No barrier to entry • Reciprocity drives the system • Autonomous domains • Each domain decides how much resources it wants to provide to visitors • Protects privacy • Identity and location privacy
P2P Systems • Communities of economic agents cooperating for mutual benefit without centralized control • Characteristics: • Makes use of otherwise underused resources • Agent autonomy • Scalability, fault-tolerance, reliability
P2PWNC as a P2P System • Underused resources • Residential hotspots typically operate only at a small percentage of maximum throughput • Cost-sharing • Distribute cost among participating administrative domains • High cost for a single provider to cover large areas • Hardware • Administration, operations, maintenance • Decentralized control • Distributed accounting to track who owes whom and how much • Agent autonomy • Can dynamically adjust provisioning rates
Architectural Overview • Unique logical name for each DA • Can reuse DNS name • Registered users • Local users of a particular domain • Examples: • Residential hotspot: all household members • WISP: all subscribers • Roaming users • Visiting users from another domain
DA Modules • Name service • Maps logical P2PWNC domain names to IP addresses of DAs • Authentication • Maintains a database of registered users along with security credentials • Traffic-policing • Logs and shapes internet traffic • Allocates specific amounts of bandwidth to visitors • WLAN • Firewall, DHCP, DNS, access point control • Distributed accounting • Secure storage of accounting data
DA Modules (2) • Consumer-strategy • Home DA’s consumer-strategy is contacted when roaming user wants service • Decides if transaction should continue • Pays required tokens to visited DA’s provider-strategy module • Provider-strategy • Decides whether to provide service to visitor • Decides current service prices
DA Modules (3) • Privacy-enhancement • Protects identity privacy • Hides user name and home DA of roaming user from visited DA • Protects location privacy • Hides visited DA from home DA • Distributed Hash Table • Low-level module used by name service and distributed accounting
Security and Privacy Issues • Abuse by untrustworthy visitors • Illegal activities • Traffic logging by untrustworthy providers • Possible solution: tunneling through trusted gateway (e.g. home DA) • Identity privacy • Possible solution: create a new alias for every new connection? • Identity and location privacy • Possible solution: Mix network
Mix network • Peers: Peer ‘P’ (provider), Peer ‘A’ (mix 1), Peer ‘B’ (mix 2), Peer ‘C’ (home) • User X@C tells the provider: “My P2PWNC ID is Alias_X@A” • Alias_X@A: { MIX, B, { MIX, C, { STOP, X }C }B }A • Alias_X@B: { MIX, C, { STOP, X }C }B • Alias_X@C: { STOP, X }C • Credentials include real ID and a mix chain encrypted using nested public-key encryptions • Idea credit: David Chaum • Slide credit: George Polyzos
Economic Considerations • Optimal system parameters • Consumer/Provider strategies, token prices • Secure distributed accounting subsystem • Monitors peer contribution and consumption • Uses cryptographically secure tokens (cannot be forged) • Domain strategies • How to charge usage: • KBytes or hour, current congestion levels, identity of consumer • How to balance conflicting requirements: • Want best possible service for its own roaming users • Must provide service to visitors to earn tokens for use by roaming users • May affect service provided to its own local users
Economic Considerations (2) • Offline DAs • Problem • Roaming user requests service from visited DA • Visited DA unable to contact home DA • Possible Solution (decentralized version) • Home DA distributes token allowances to users • User pays without intervention of home DA • Token generation • How DAs first acquire tokens • Distributed banks generate tokens and distribute to new entrants
Economic Considerations (3) • Domain heterogeneity • Different in terms of: • Coverage size • Coverage location • Number of registered users • Problem: • Domains with few visitors, difficult to earn tokens • Possible solution: set high token prices • More general problem: • How to make sure a few domains don’t monopolize all tokens?
Summary of DA Responsibilities • Regulate prices for service • Make sure visitor traffic does not adversely affect traffic from registered users • Ensure best possible treatment for own (registered) users that are roaming
Business Models - Who can make a profit • Upstream ISPs that allow P2PWNC may be preferred by customers • “Pay-as-you-go” domains • Vendors can sell pre-paid cards containing P2PWNC user id and credentials • Virtual P2PWNC • Virtual DA obtains tokens from P2PWNC domains outside normal interaction model • Sells tokens in the form of pre-paid cards
Business Models – Who can make a profit (2) • P2PWNC domain aggregators • Host DA for multiple small WLANs • Similar to web hosting • Vendors of DA modules • Provide consumer-strategy and provider-strategy modules • Hotspot indexing engines • Tune DA parameters • Security and privacy enhancements
Operational Issues • Need more economic analysis and simulations • How P2PWNC and token-based incentive operate in real-world environment • Regulatory obstacles • Some ISPs prohibit sharing of broadband connections
P2PWNC Implementation • http://mm.aueb.gr/research/p2pwnc • GPL Licensed • AP: Linksys WRT54GS • Firmware • Client: QTEK 9100 • C and Java
Implementation Assumptions • Good • No central authority • Users may use unlimited, free IDs • User consumption is not homogeneous • Software can be modified/hacked • Teams (domains) will try and cheat • Teams will collude • Not so good • Team consumption is homogeneous • Team members trust each other • ISPs allow connection sharing
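Teams, users, and receipts (IOUs) • [Figure labels: Team, AP, Team member]
Receipt accounting • [Figure: message exchange among C, P and R using CONN, CACK, RREQ and RCPT messages; receipts labelled (t0, w1) and then (t0, w2); field labels: provider, team, timestamp, weight]
Centralized • [Figure: a single R node]
Decentralized • [Figure: several R nodes]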
Decentralized • One receipt server per team • Gossiping protocol • Devices carry a sample of receipts • Consumers share receipts with providers • Adds overhead for verifying receipts • Incomplete view of the “receipt graph”
Receipt graph • [Figure: receipt graph over teams A to I] • Does C owe H?
Maxflow decision • Probability of me granting you service $= \dfrac{\text{What IOU}}{\text{What you owe me}}$
Maxflow (bottleneck flow) • [Figure: receipt graph over teams A to I with the min C-H cut marked]
Abuse • Uncooperative teams • Evident from receipt graph • Other teams will stop providing service • DOS attacks • Centralized server is vulnerable • Decentralized servers have secret IPs • Teams do not communicate via Internet • Colluding teams…
Naive collusion • [Figure: receipt graph with nodes F, G, B, I, C, H and X0, X1, X2]
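The maxflow decision and naive-collusion slides above, as an added example (not code from the P2PWNC implementation): receipts are summed into a directed graph and a provider grants service with probability (what I owe you) / (what you owe me). The edge direction (consumer team to provider team), the cap at 1, the `no_history` default and every receipt below are assumptions constructed for illustration; the `FAKE` receipts show that large weights exchanged only among X0, X1 and X2 do not move the bottleneck between them and H.

```python
from collections import defaultdict, deque

def build(receipts):
    """Sum receipt weights into capacities; edge = consumer team -> provider team (assumed)."""
    cap = defaultdict(lambda: defaultdict(int))
    for consumer, provider, weight in receipts:
        cap[consumer][provider] += weight
        cap[provider][consumer] += 0          # residual edge for maxflow
    return cap

def maxflow(cap, s, t):
    """Edmonds-Karp: total debt that can be routed from team s to team t."""
    res = {u: dict(vs) for u, vs in cap.items()}
    if s not in res or t not in res:
        return 0
    flow = 0
    while True:
        parent, queue = {s: None}, deque([s])
        while queue and t not in parent:       # BFS for a shortest augmenting path
            u = queue.popleft()
            for v, c in res[u].items():
                if c > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if t not in parent:
            return flow
        path, v = [], t
        while parent[v] is not None:
            path.append((parent[v], v))
            v = parent[v]
        push = min(res[u][v] for u, v in path)  # bottleneck on this path
        for u, v in path:
            res[u][v] -= push
            res[v][u] += push
        flow += push

def grant_probability(cap, me, you, no_history=0.0):
    """(what I owe you) / (what you owe me), capped at 1 (cap and default are assumptions)."""
    i_owe_you, you_owe_me = maxflow(cap, me, you), maxflow(cap, you, me)
    if you_owe_me == 0:
        return 1.0 if i_owe_you > 0 else no_history
    return min(i_owe_you / you_owe_me, 1.0)

# Constructed receipts: (consumer team, provider team, weight)
HONEST = [("H", "B", 4), ("B", "C", 3), ("H", "I", 2), ("I", "C", 5),
          ("C", "H", 2), ("B", "X0", 1), ("X0", "H", 10)]
# Constructed naive collusion: huge receipts signed only among X0, X1, X2
FAKE = [("X1", "X0", 1000), ("X2", "X0", 1000), ("X1", "X2", 1000)]
```

With these receipts H serves X0 with the same probability whether or not the `FAKE` receipts are in the graph, because no team reachable from H owes anything to X1 or X2.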
Sophisticated collusion • [Figure: receipt graph with nodes F, G, B, I, C, H and X0, X1, X2, X3]
Generalized Maxflow • Look for collusion hub X0 • Discount suspicious paths • Discount flow passing through vertices with a high sum of outgoing edge weights • Discount flow passing through many vertices • Assumes homogeneous team usage
Security • Team leader • Public/private keys for team identity • Signs member certificates • Team members • Public/private keys for member identity • All receipts are signed • Elliptic Curve Digital Signature Algorithm (ECDSA) • Signing faster than verification • Mobile devices have limited computing power • No central authority (decentralized)
Simulation • Providers and consumers make decisions based on benefit-to-cost ratio • Evolutionary learning • Providing +cost, consuming +benefit • Simulate interaction across 500 rounds • 1 new team added per round • 300 total teams
Strategies • Switch to best strategy after each round • Most teams adopt cooperative strategies • After 500 rounds • 175 Reciprocative teams • 100 Unconditional cooperator teams • 20 Random cooperator teams • 5 Unconditional defector teams
Questions • Will it work in the real world? • Sporadic usage • Receipt history flushing • Is it scalable? • Maxflow could get expensive • What about heterogeneous team usage? • Variable cost of bandwidth • Who is responsible for the AP’s traffic? • Will the RIAA believe it wasn’t you?
P2PWNC Publications • Initial idea • A Peer-to-Peer Approach to Wireless LAN Roaming. Efstathiou EC, Polyzos GC. ACM WMASH, 2003. • Implementation details • Stimulating Participation in Wireless Community Networks. Efstathiou EC, Frangoudis PA, Polyzos GC. IEEE INFOCOM, 2006.
Real-World Example - FON • Largest WiFi community in the world • Idea • Members (aka Foneros) share wireless Internet access at home • In return, get free WiFi wherever there is a Fonero Access Point • Use Fonero login • How to become a member: • Buy a WiFi router (aka La Fonera) from FON
More about FON • 3 types of Foneros (members) • Linuses • People who share home WiFi to get free WiFi wherever there is a FON Access Point • Aliens • People who do not share their WiFi but want access to a FON Access Point • Charged $3 per day • Bills • Businesses who want to make money off their WiFi • Don’t want free roaming • Get 50% of money Aliens pay • Can advertise on their own personalized FON Access Point homepage