
Architecting Secure Mobile P2P Systems James Walkerdine, Peter Phillips, Simon Lock Lancaster University.

Presentation transcript:


2 Overview
- Mobility, P2P and Security
- Challenges
- Overview of the PEPERS project
- The PEPERS Development Methodology
- Architectural support
- Tool support (video)
- Evaluation

3 Motivation
- Advances in wireless networking and mobile technology now make mobile P2P feasible
- Mobile P2P can support organisations that have:
  - A decentralised management style
  - Geographically dispersed or highly mobile workforces
  - A wide range of computing and communication devices
- The ad-hoc and heterogeneous nature poses significant design challenges, especially with regard to security

4 Mobile P2P and Security
- Connecting trusted and non-trusted devices requires:
  - Secure communication and storage (via encryption)
  - Robust authentication
- Difficult to achieve in decentralised and highly dynamic environments
- Traditionally centralised company security policies must be adapted to consider distributed, mobile and intermittently connected platforms

5 PEPERS
- Mobile Peer-to-Peer Security Infrastructure (EU project)
- Aim: develop an infrastructure to support the design, development and operational deployment of secure mobile P2P applications
- Jan 06 – Jun 08
- Partners:
  - UK: Lancaster and City Universities, Symbian
  - Greece: ATC, G4S, Phileleftheros
  - Italy: Engineering

6 PEPERS Developments
Development Framework:
  - Design and Architecture Framework (DAF)
  - Static Verification Framework (SVF)
  - Development Platform
Runtime Framework:
  - Execution Framework (EF)
  - Dynamic Verification Framework (DVF)
  - Runtime Platform
Supporting the DAF: Development Methodology, P2P Application Reference Architectures, Tool Support

7 User Partner Scenarios
- Phileleftheros
  - Use mobile devices to support communication between journalists, photographers, etc. in the field
  - Support the process of publication creation
- G4S
  - Use mobile devices to support guard patrols on client sites (e.g. door codes), etc.
  - Communication with HQ

8 PEPERS Development Methodology (PDM)

9 Overview
- A methodology and support tool
- Supports developers in building secure mobile P2P applications
- Stems from our previous work:
  - BANKSEC - secure component-based development
  - P2P ARCHITECT - architecting dependable P2P systems

10 Secure Mobile P2P Development Considerations
- Make security central to the design
  - Development perspective
  - Organisational perspective
- Consider the requirements and constraints on security caused by:
  - Mobility
  - Network and communication
  - P2P technology
- Be architecturally driven

11 Key types of P2P Topology (diagram)

12 Topology support for Security (diagram)

13 Development Methodology
- 5-stage method
- Spiral: developers need not follow fixed phases
- Iterative: stages can be revisited (e.g. when new requirements are discovered)
- Flexible: can accommodate different software engineering techniques (components, etc.)
- Each stage contains activities geared specifically to supporting secure mobile P2P application development

14 Start → Requirements Elicitation → Propose System Architecture → Propose Sub-System Design → System Implementation → Verification and Validation
Each stage is tailored to consider P2P, security and mobile aspects

15 Support Tool
- Web based
- Knowledge base of analyses and reference architectures
- Support for identifying, specifying and managing requirements
- Support for P2P topology selection
- Support for the identification of key secure mobile P2P application functionality
- Support for secure mobile P2P application reference architecture selection
- Support for sub-system identification and initial description
- Support for general managerial and traceability activities

16 G4S Case Study
- Allow guards and mobile patrols to transmit/receive sensitive data
  - With one another
  - With the ARC
- Often ad-hoc, exceptional situations
  - Emergencies guards are responding to
  - Changes in guard roles (team leader, etc.)
  - Access privileges can change

17 Start → Requirements Elicitation → Propose System Architecture → Propose Sub-System Design → System Implementation → Verification and Validation (case study focuses on the Propose System Architecture stage)

18 Propose System Architecture
Key activities:
- Select suitable P2P topologies
- Derive system functional capabilities
- Select mobile P2P application reference architectures
- Establish architectural model
  - Describe sub-systems
  - Initial PEPERS runtime platform consideration
  - Where possible, allocate requirements to sub-systems
- Evaluate architecture

19 Application Reference Architectures
- Developed within PEPERS
- Key P2P application domains (IM, shared workspace, DL, ...)
- Decentralised and semi-centralised versions
- Provide guidance on the functionality and structure that would be required for particular types of application
- Identified capabilities
  - Represent abstract system functionality
  - Capabilities of individual layers and of whole architectures

20 Shared Workspace Application Reference Architecture (layered, top to bottom)
- Application/GUI
- Real-time Connection Monitor/Synchronisation, Awareness Monitor, Workspace Management
- Distributed Authentication/Authorisation, Encryption, Distributed Logging
- Decentralised P2P Communication, P2P Network Layer
- Known Peer Repository, Distributed Log Storage, Local Data
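The Distributed Authentication/Authorisation and Known Peer Repository layers above, together with the G4S concern on slide 16 that guard roles and access privileges change in the field, are illustrated by the following added example. It is not PEPERS code and the slides name no algorithm: the semi-centralised element (the ARC) signs short-lived role credentials with Ed25519, each peer keeps the ARC public key as its trust anchor (the "known peer repository" here is just that one key), peers authenticate one another with a nonce challenge, and a per-peer sequence number lets a device that has seen a newer role assignment reject the older one. Peer IDs, roles, resource names and the policy table are assumed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Credential is a signed role assertion the ARC issues to one guard's device.
// Seq rises every time the ARC reassigns a role, so a device that has seen seq 2
// for "guard-7" will refuse the older seq-1 "team_leader" credential afterwards.
type Credential struct {
	PeerID  string
	Role    string
	Seq     uint64
	Expiry  int64 // unix seconds; a short lifetime bounds how long a stale role survives offline
	PeerPub ed25519.PublicKey
	Sig     []byte // ARC signature over all fields above
}

func u64(v uint64) []byte { b := make([]byte, 8); binary.BigEndian.PutUint64(b, v); return b }

// credBytes is the canonical byte string the ARC signs and peers verify.
func credBytes(c *Credential) []byte {
	b := []byte(c.PeerID + "|" + c.Role + "|")
	b = append(b, u64(c.Seq)...)
	b = append(b, u64(uint64(c.Expiry))...)
	return append(b, c.PeerPub...)
}

type ARC struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewARC() *ARC {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &ARC{Pub: pub, priv: priv}
}

func (a *ARC) Issue(peerID, role string, seq uint64, expiry int64, pub ed25519.PublicKey) Credential {
	c := Credential{PeerID: peerID, Role: role, Seq: seq, Expiry: expiry, PeerPub: pub}
	c.Sig = ed25519.Sign(a.priv, credBytes(&c))
	return c
}

type Peer struct {
	ID      string
	Pub     ed25519.PublicKey
	priv    ed25519.PrivateKey
	arcPub  ed25519.PublicKey   // trust anchor held in the known-peer repository
	lastSeq map[string]uint64   // highest credential seq accepted per peer ID
	policy  map[string][]string // resource -> roles permitted (assumed policy)
}

func NewPeer(id string, arcPub ed25519.PublicKey, policy map[string][]string) *Peer {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Peer{ID: id, Pub: pub, priv: priv, arcPub: arcPub, lastSeq: map[string]uint64{}, policy: policy}
}

func NewNonce() []byte { n := make([]byte, 16); rand.Read(n); return n }

// challenge binds the nonce to the verifier's ID so a proof cannot be relayed to a third peer.
func challenge(nonce []byte, verifierID string) []byte {
	return append(append([]byte{}, nonce...), []byte(verifierID)...)
}

// Prove: prover side, sign the verifier's challenge with the device key named in the credential.
func (p *Peer) Prove(nonce []byte, verifierID string) []byte {
	return ed25519.Sign(p.priv, challenge(nonce, verifierID))
}

// Authenticate: verifier side. Checks ARC signature, expiry, sequence freshness, proof of possession.
func (p *Peer) Authenticate(c Credential, nonce, proof []byte, now int64) error {
	if !ed25519.Verify(p.arcPub, credBytes(&c), c.Sig) {
		return errors.New("credential not signed by ARC")
	}
	if now >= c.Expiry {
		return errors.New("credential expired")
	}
	if last, ok := p.lastSeq[c.PeerID]; ok && c.Seq < last {
		return errors.New("stale credential superseded by a newer role assignment")
	}
	if !ed25519.Verify(c.PeerPub, challenge(nonce, p.ID), proof) {
		return errors.New("proof of possession failed")
	}
	p.lastSeq[c.PeerID] = c.Seq
	return nil
}

// Authorise: role-based check against the local policy for the requested resource.
func (p *Peer) Authorise(c Credential, resource string) bool {
	for _, r := range p.policy[resource] {
		if r == c.Role {
			return true
		}
	}
	return false
}

func main() {
	arc := NewARC()
	policy := map[string][]string{"door-codes": {"team_leader"}, "patrol-log": {"guard", "team_leader"}}
	alice, bob := NewPeer("guard-7", arc.Pub, policy), NewPeer("guard-9", arc.Pub, policy)
	now := time.Now().Unix()
	lead := arc.Issue(alice.ID, "team_leader", 1, now+3600, alice.Pub)
	n := NewNonce()
	fmt.Println("as team leader:", bob.Authenticate(lead, n, alice.Prove(n, bob.ID), now), bob.Authorise(lead, "door-codes"))
	demoted := arc.Issue(alice.ID, "guard", 2, now+3600, alice.Pub)
	n = NewNonce()
	fmt.Println("after demotion:", bob.Authenticate(demoted, n, alice.Prove(n, bob.ID), now), bob.Authorise(demoted, "door-codes"))
	n = NewNonce()
	fmt.Println("replaying old credential:", bob.Authenticate(lead, n, alice.Prove(n, bob.ID), now))
}
```

Two design points matter for the intermittently connected setting the slides describe: the sequence check only helps once a peer has seen the newer credential, so the expiry has to be short enough that a demoted device cannot keep using an old role against peers that were offline when the change happened; and the proof binds the verifier's ID, so a credential plus proof captured in one session cannot be replayed to another guard.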

21 Case Study
- Designers began to investigate the suitability of the different P2P topologies and reference architectures
- Semi-centralised topology chosen
  - Fitted in with their current systems
- Distributed Repository and Shared Workspace reference architectures chosen
- Sub-systems identified, high-level architecture created
  - Drawing upon the reference architectures, though not all sub-systems were used
- Identified suitable PEPERS runtime platform modules that can be used

22 Tool Video


25 Evaluation
- Two evaluations performed
  - External (mobile phone software companies, developers, etc.)
  - Internal (PEPERS partners)
- Good starting point for building secure mobile P2P applications
- Improvements
  - More thorough security and mobility analysis
    - Threat analysis, weightings for security properties
    - Degree of mobility
  - Encourage the consideration of technologies
  - Support other non-functional properties (reliability, scalability, etc.)
  - Rationale behind tool recommendations
  - Better integration with 3rd-party tools

26 Summary
- Mobile P2P systems are now a feasible possibility
  - Introduces new challenges in terms of mobility and security
- Presented the PDM and supporting tool
  - Method to support the development of secure mobile P2P systems
  - Focused on the architectural support the PDM provides
- Evaluation has shown benefits, but there are still areas for improvement
- Tool and further information can be found at www.pepers.org

