
Architecting Secure Mobile P2P Systems

Architecting Secure Mobile P2P Systems. James Walkerdine, Peter Phillips, Simon Lock, Lancaster University. Overview: Mobility, P2P and Security; Challenges; Overview of the PEPERS project; The PEPERS Development Methodology; Architectural support; Tool support (video); Evaluation.



  1. Architecting Secure Mobile P2P Systems James Walkerdine, Peter Phillips, Simon Lock Lancaster University

  2. Overview • Mobility, P2P and Security • Challenges • Overview of the PEPERS project • The PEPERS Development Methodology • Architectural support • Tool support (video) • Evaluation

  3. Motivation • Advances in wireless networking and mobile technology now make mobile P2P feasible • Mobile P2P can support organisations that have: • Decentralised management style • Geographically dispersed or highly mobile workforces • Wide range of computing and communication devices • The ad-hoc and heterogeneous nature poses significant design challenges – especially with regards to security

  4. Mobile P2P and Security • Connecting trusted and non-trusted devices requires: • Secure communication and storage (via encryption) • Robust authentication • Difficult to achieve in decentralised and highly dynamic environments • Adapting traditionally centralised company security policies • Consider distributed, mobile and intermittently connected platforms

  5. PEPERS • Mobile Peer-to-Peer Security Infrastructure (EU project) • Develop an infrastructure to support the design, development and operational deployment of secure mobile P2P applications • Jan 06 – Jun 08 • Partners • UK: Lancaster and City Universities, Symbian • Greece: ATC, G4S, Phileleftheros • Italy: Engineering

  6. PEPERS Developments (diagram: Development Framework and Runtime Framework, with the components Development Methodology, Design and Architecture Framework (DAF), Execution Framework (EF), Dynamic Verification Framework (DVF), Static Verification Framework (SVF), P2P Application Reference Architectures, Tool Support, Development Platform, Runtime Platform)

  7. User Partner Scenarios • Phileleftheros • Use mobile devices to support communication between journalists, photographers, etc, in the field • Support the process of publication creation • G4S • Use mobile devices to support guard patrols on client sites (e.g. door codes), etc • Communication with HQ

  8. PEPERS Development Methodology (PDM)

  9. Overview • A Methodology and Support Tool • Supports developers in building secure mobile P2P applications • Stems from our previous work • BANKSEC - Secure Component based development • P2P ARCHITECT - Architecting Dependable P2P Systems

  10. Secure Mobile P2P Development Considerations • Make security central to the design • Development perspective • Organisational perspective • Consider requirements and constraints on security caused by: • Mobility • Network and Communication • P2P Technology • Be architecturally driven

  11. Key types of P2P Topology

  12. Topology support for Security

  13. Development Methodology • 5 stage method • Spiral – developers do not need to follow fixed phases • Iterative – stages can be revisited (e.g. when new requirements are discovered, etc) • Flexible – can accommodate different software engineering techniques (components, etc) • Each stage contains activities geared specifically for supporting secure mobile P2P application development

  14. (Diagram of the methodology stages, beginning at Start: Requirements Elicitation, Propose System Architecture, Propose Sub-System Design, System Implementation, Verification and Validation) • Each stage tailored to consider P2P, Security and Mobile aspects

  15. Support Tool • Web based • Knowledge base of analysis and reference architectures • Support for identifying, specifying and managing requirements • Support for P2P topology selection • Support for the identification of key secure mobile P2P application functionality • Support for Secure Mobile P2P Application Reference Architecture selection • Support for Sub-system identification and initial description • Support for general managerial and traceability activities.

  16. G4S Case Study • Allow guards and mobile patrols to transmit/receive sensitive data • With one another • With the ARC • Often ad-hoc exceptional situations • Emergencies guards are responding to • Change in guard roles (team leader, etc) • Access privileges can change

  17. (Diagram of the methodology stages, beginning at Start: Requirements Elicitation, Propose System Architecture, Propose Sub-System Design, System Implementation, Verification and Validation)

  18. Propose System Architecture • Key Activities • Select P2P suitable topologies • Derive system functional capabilities • Select mobile P2P application reference architectures • Establish architectural model • Describe sub-systems • Initial PEPERS runtime platform consideration • Where possible, allocate requirements to sub-systems • Evaluate architecture

  19. Application Reference Architectures • Developed within PEPERS • Key P2P application domains (IM, shared workspace, DL,…) • Decentralised and semi-centralised versions • Provide guidance on the functionality and structure that would be required for particular types of application • Identified capabilities • Represent abstract system functionality • Capabilities of individual layers and whole architectures

  20. Shared Workspace Application Reference Architecture (layered diagram; labels include Application/GUI, Workspace Management, Authentication/Authorisation, Encryption, P2P Network Layer)

  21. Case Study • Designers began to investigate the suitability of the different P2P topologies and reference architectures • Semi-centralised topology chosen • Fitted in with their current systems • Distributed Repository, Shared Workspace reference architectures chosen • Sub-systems identified, high level architecture created • Drawing upon reference architectures – though not all sub-systems used • Identified suitable PEPERS runtime platform modules that can be used

  22. Tool Video

  23. Evaluation • Two evaluations performed • External (mobile phone software companies, developers, etc) • Internal (PEPERS partners) • Good starting point for building secure mobile P2P applications • Improvements • More thorough security and mobility analysis • Threat analysis, weightings for security properties • Degree of mobility • Encourage the consideration of technologies • Support other non-functional properties (reliability, scalability, etc) • Rationale behind tool recommendations • Better integration with 3rd party tools

  24. Summary • Mobile P2P systems are now a feasible possibility • Introduces new challenges in terms of mobility and security • Presented the PDM and supporting tool • Method to support the development of secure mobile P2P systems • Focused on the architectural support the PDM provides • Evaluation has shown benefits, but still areas of improvement • Tool and further information can be found at www.pepers.org
