Architecting Secure Mobile P2P Systems James Walkerdine, Peter Phillips, Simon Lock Lancaster University.

Slides:



Advertisements
Similar presentations
HOlistic Platform Design for Smart Buildings
Advertisements

 Dr. Syed Noman Hasany.  Review of known methodologies  Analysis of software requirements  Real-time software  Software cost, quality, testing and.
Chapter 2 – Software Processes
Chapter 2 – Software Processes Lecture 1 1Chapter 2 Software Processes.
Software Processes Coherent sets of activities for specifying, designing, implementing and testing software systems.
Software Modeling SWE5441 Lecture 3 Eng. Mohammed Timraz
4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.
SmartER Semantic Cloud Sevices Karuna P Joshi University of Maryland, Baltimore County Advisors: Dr. Tim Finin, Dr. Yelena Yesha.
8.
Software Engineering COMP 201
Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.
1 SWE Introduction to Software Engineering Lecture 5.
Course Instructor: Aisha Azeem
Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.
Software Process Activities. Process activities Real software processes are inter-leaved sequences of technical, collaborative and managerial activities.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 11 Slide 1 Architectural Design.
S/W Project Management
Introduction to the Mobile Security (MD)  Chaitanya Nettem  Rawad Habib  2015.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 12 Slide 1 Distributed Systems Architectures.
International Workshop on Web Engineering ACM Hypertext 2004 Santa Cruz, August 9-13 An Engineering Perspective on Structural Computing: Developing Component-Based.
IP-Based Emergency Applications and Services for Next Generation Networks PEACE Presented by Suji Gunaratne PhD.
18 September Licensing for Next Generation Signalling Buddhadev Dutta Chowdhury 27 th April 2012.
System Development Process Prof. Sujata Rao. 2Overview Systems development life cycle (SDLC) – Provides overall framework for managing system development.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Processes.
©Ian Sommerville 2000, Mejia-Alvarez 2009 Slide 1 Software Processes l Coherent sets of activities for specifying, designing, implementing and testing.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 3 Slide 1 Software Processes l Coherent sets of activities for specifying, designing,
Software Requirements Engineering CSE 305 Lecture-2.
Architecting Web Services Unit – II – PART - III.
 CS 5380 Software Engineering Chapter 2 – Software Processes Chapter 2 Software Processes1.
Lecture 3 Software Engineering Models (Cont.)
OOI CI LCA REVIEW August 2010 Ocean Observatories Initiative OOI Cyberinfrastructure Architecture Overview Michael Meisinger Life Cycle Architecture Review.
Architectural Design lecture 10. Topics covered Architectural design decisions System organisation Control styles Reference architectures.
The roots of innovation Future and Emerging Technologies (FET) Future and Emerging Technologies (FET) The roots of innovation Proactive initiative on:
Lecture 7: Requirements Engineering
1 Introduction to Software Engineering Lecture 1.
Copyright © 2002 Intel Corporation. Intel Labs Towards Balanced Computing Weaving Peer-to-Peer Technologies into the Fabric of Computing over the Net Presented.
An Introduction to Software Engineering
Understanding Code Mobility A Fuggetta, G P Picco and G Vigna Presenter Samip Bararia.
10/03/05 Johan Muskens ( TU/e Computer Science, System Architecture and Networking.
 Dr. Syed Noman Hasany.  Review of known methodologies  Analysis of software requirements  Real-time software  Software cost, quality, testing and.
CSC480 Software Engineering Lecture 10 September 25, 2002.
Chapter 2 – Software Processes Lecture 1 Chapter 2 Software Processes1.
Chapter 2 Software Processes Chapter 2 – Software Processes Major Reorganization (but not elimination) of Topics 1.
Architecture View Models A model is a complete, simplified description of a system from a particular perspective or viewpoint. There is no single view.
 Dr. Syed Noman Hasany.  Review of known methodologies  Analysis of software requirements  Real-time software  Software cost, quality, testing and.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Processes.
Chapter 2 – Software Processes Lecture 1 1Chapter 2 Software Processes.
Slide 1 Security Engineering. Slide 2 Objectives l To introduce issues that must be considered in the specification and design of secure software l To.
Computer Science and Engineering 1 Mobile Computing and Security.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 4 Slide 1 Software Processes.
4+1 View Model of Software Architecture
From Use Cases to Implementation 1. Structural and Behavioral Aspects of Collaborations  Two aspects of Collaborations Structural – specifies the static.
By Ramesh Mannava.  Overview  Introduction  10 secure software engineering topics  Agile development with security development activities  Conclusion.
Systems Architectures System Integration & Architecture.
LECTURE 5 Nangwonvuma M/ Byansi D. Components, interfaces and integration Infrastructure, Middleware and Platforms Techniques – Data warehouses, extending.
From Use Cases to Implementation 1. Mapping Requirements Directly to Design and Code  For many, if not most, of our requirements it is relatively easy.
©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 10Slide 1 Chapter 5:Architectural Design l Establishing the overall structure of a software.
Wrap up. Structures and views Quality attribute scenarios Achieving quality attributes via tactics Architectural pattern and styles.
1 Process activities. 2 Software specification Software design and implementation Software validation Software evolution.
Distributed Systems Architectures. Topics covered l Client-server architectures l Distributed object architectures l Inter-organisational computing.
Bob Jones EGEE Technical Director
CS 389 – Software Engineering
DT249/4 Information Systems Engineering Lecture 0
Software Processes.
Model-Driven Analysis Frameworks for Embedded Systems
Chapter 2 – Software Processes
Chapter 5 Designing the Architecture Shari L. Pfleeger Joanne M. Atlee
Chapter 2 – Software Processes
From Use Cases to Implementation
Presentation transcript:

Architecting Secure Mobile P2P Systems James Walkerdine, Peter Phillips, Simon Lock Lancaster University

Overview Mobility, P2P and Security Mobility, P2P and Security Challenges Challenges Overview of the PEPERS project Overview of the PEPERS project The PEPERS Development Methodology The PEPERS Development Methodology Architectural support Architectural support Tool support (video) Tool support (video) Evaluation Evaluation

Motivation Advances in wireless networking and mobile technology now make mobile P2P feasible Advances in wireless networking and mobile technology now make mobile P2P feasible Mobile P2P can support organisations that have: Mobile P2P can support organisations that have: Decentralised management style Decentralised management style Geographically dispersed or highly mobile workforces Geographically dispersed or highly mobile workforces Wide range of computing and communication devices Wide range of computing and communication devices The ad-hoc and heterogeneous nature poses significant design challenges – especially with regards to security The ad-hoc and heterogeneous nature poses significant design challenges – especially with regards to security

Mobile P2P and Security Connecting trusted and non-trusted devices requires: Connecting trusted and non-trusted devices requires: Secure communication and storage (via encryption) Secure communication and storage (via encryption) Robust authentication Robust authentication Difficult to achieve in decentralised and highly dynamic environments Difficult to achieve in decentralised and highly dynamic environments Adapting traditionally centralised company security policies Adapting traditionally centralised company security policies Consider distributed, mobile and intermittently connected platforms Consider distributed, mobile and intermittently connected platforms

PEPERS Mobile Peer-to-Peer Security Infrastructure (EU project) Mobile Peer-to-Peer Security Infrastructure (EU project) Develop an infrastructure to support the design, development and operational deployment of secure mobile P2P applications Develop an infrastructure to support the design, development and operational deployment of secure mobile P2P applications Jan 06 – Jun 08 Jan 06 – Jun 08 Partners Partners UK: Lancaster and City Universities, Symbian UK: Lancaster and City Universities, Symbian Greece: ATC, G4S, Phililetheros Greece: ATC, G4S, Phililetheros Italy: Engineering Italy: Engineering

PEPERS Developments Development FrameworkRuntime Framework Design and Architecture Framework (DAF) Static Verification Framework (SVF) Execution Framework (EF) Dynamic Verification Framework (DVF) Development PlatformRuntime Platform Development Methodology P2P Application Reference Architectures Tool Support

User Partner Scenarios Phileleftheros Phileleftheros Use mobile devices to support communication between journalists, photographers, etc, in the field Use mobile devices to support communication between journalists, photographers, etc, in the field Support the process of publication creation Support the process of publication creation G4S G4S Use mobile devices to support guard patrols on clients site (e.g. door codes), etc Use mobile devices to support guard patrols on clients site (e.g. door codes), etc Communication with HQ Communication with HQ

PEPERS Development Methodology (PDM)

Overview A Methodology and Support Tool A Methodology and Support Tool Supports developers in building secure mobile P2P applications Supports developers in building secure mobile P2P applications Stems from our previous work Stems from our previous work BANKSEC - Secure Component based development BANKSEC - Secure Component based development P2P ARCHITECT - Architecting Dependable P2P Systems P2P ARCHITECT - Architecting Dependable P2P Systems

Secure Mobile P2P Development Considerations Make security central to the design Make security central to the design Development perspective Development perspective Organisational perspective Organisational perspective Consider requirements and constraints on security cause by: Consider requirements and constraints on security cause by: Mobility Mobility Network and Communication Network and Communication P2P Technology P2P Technology Be architecturally driven Be architecturally driven

Key types of P2P Topology

Topology support for Security

Development Methodology 5 stage method 5 stage method Spiral – developers do not need follow fixed phases Spiral – developers do not need follow fixed phases Iterative – stages can be revisited (e.g. when new requirements are discovered, etc) Iterative – stages can be revisited (e.g. when new requirements are discovered, etc) Flexible – can accommodate different software engineering techniques (components, etc) Flexible – can accommodate different software engineering techniques (components, etc) Each stage contains activities geared specifically for supporting secure mobile P2P application development Each stage contains activities geared specifically for supporting secure mobile P2P application development

Requirements Elicitation Propose System Architecture Start Propose Sub-System Design System Implementation Verification and Validation Each stage tailored to consider P2P, Security and Mobile aspects

Support Tool Web based Web based Knowledge base of analysis and reference architectures Knowledge base of analysis and reference architectures Support for identifying, specifying and managing requirements Support for identifying, specifying and managing requirements Support for P2P topology selection Support for P2P topology selection Support for the identification of key secure mobile P2P application functionality Support for the identification of key secure mobile P2P application functionality Support for Secure Mobile P2P Application Reference Architecture selection Support for Secure Mobile P2P Application Reference Architecture selection Support for Sub-system identification and initial description Support for Sub-system identification and initial description Support for general managerial and trace ability activities. Support for general managerial and trace ability activities.

G4S Case Study Allow guards and mobile patrols to transmit/receive sensitive data Allow guards and mobile patrols to transmit/receive sensitive data With one another With one another With the ARC With the ARC Often ad-hoc exceptional situations Often ad-hoc exceptional situations Emergencies guards are responding too Emergencies guards are responding too Change in guard roles (team leader, etc) Change in guard roles (team leader, etc) Access privileges can change Access privileges can change

Requirements Elicitation Propose System Architecture Start Propose Sub-System Design System Implementation Verification and Validation

Propose System Architecture Key Activities Key Activities Select P2P suitable topologies Select P2P suitable topologies Derive system functional capabilities Derive system functional capabilities Select mobile P2P application reference architectures Select mobile P2P application reference architectures Establish architectural model Establish architectural model Describe sub-systems Describe sub-systems Initial PEPERS runtime platform consideration Initial PEPERS runtime platform consideration Where possible, allocate requirements to sub-systems Where possible, allocate requirements to sub-systems Evaluate architecture Evaluate architecture

Application Reference Architectures Developed within PEPERS Developed within PEPERS Key P2P application domains (IM, shared workspace, DL,…) Key P2P application domains (IM, shared workspace, DL,…) Decentralised and semi-centralised versions Decentralised and semi-centralised versions Provide guidance on the functionality and structure that would be required for particular types of application Provide guidance on the functionality and structure that would be required for particular types of application Identified capabilities Identified capabilities Represent abstract system functionality Represent abstract system functionality Capabilities of individual layers and whole architectures Capabilities of individual layers and whole architectures

Shared Workspace Application Reference Architecture Application/GUI Real-time Connection Monitor/Synchronisation Distributed Authentication/Authorisation Awareness Monitor Decentralised P2P Communication Encryption Distributed Logging P2P Network Layer Known Peer Repository Distributed Log Storage Workspace Management Local Data

Case Study Designers began to investigate the suitability of the different P2P topologies and reference architectures Designers began to investigate the suitability of the different P2P topologies and reference architectures Semi-centralised topology chosen Semi-centralised topology chosen Fitted in with their current systems Fitted in with their current systems Distributed Repository, Shared Workspace reference architectures chosen Distributed Repository, Shared Workspace reference architectures chosen Sub-systems identified, high level architecture created Sub-systems identified, high level architecture created Drawing upon reference architectures – though not all sub-systems used Drawing upon reference architectures – though not all sub-systems used Identifed suitable PEPERS runtime platform modules that can be used Identifed suitable PEPERS runtime platform modules that can be used

Tool Video

Evaluation Two evaluations performed Two evaluations performed External (mobile phone software companies, developers, etc) External (mobile phone software companies, developers, etc) Internal (PEPERS partners) Internal (PEPERS partners) Good starting point for building secure mobile P2P applications Good starting point for building secure mobile P2P applications Improvements Improvements More thorough security and mobility analysis More thorough security and mobility analysis Threat analysis, weightings for security properties Threat analysis, weightings for security properties Degree of mobility Degree of mobility Encourage the consideration of technologies Encourage the consideration of technologies Support other non-functional properties (reliability, scalability, etc) Support other non-functional properties (reliability, scalability, etc) Rationale behind tool recommendations Rationale behind tool recommendations Better integration with 3 rd party tools Better integration with 3 rd party tools

Summary Mobile P2P systems are now a feasible possibility Mobile P2P systems are now a feasible possibility Introduces new challenges in terms of mobility and security Introduces new challenges in terms of mobility and security Presented the PDM and supporting tool Presented the PDM and supporting tool Method to support the development of secure mobile P2P systems Method to support the development of secure mobile P2P systems Focused on the architectural support the PDM provides Focused on the architectural support the PDM provides Evaluation has shown benefits, but still areas of improvement Evaluation has shown benefits, but still areas of improvement Tool and further information can be found at Tool and further information can be found at

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.