June 22, 2022 Hailiang Mei, [email protected] TU/e Computer Science, System Architecture and Networking 1 Hailiang Mei [email protected] Remote Terminal Management (RTM) and Access Control in SPACE4U
Mar 31, 2015
April 11, 2023 Hailiang Mei, [email protected] TU/e Computer Science, System Architecture and Networking
Remote Terminal Management (RTM) and Access Control in SPACE4U

Outline
• Goals of RTM
• Possible RTM Approaches (review of existing solutions)
• Consideration on Security and Access Control
• Design of RTM Framework
• Conclusion and Future Work

Scenarios
[Figure labels: 1 Observing; 2 Diagnosis; 3 Repair; Remote server]
• Remote server can be within local network or at service provider’s site
• Self observes problem + Remote diagnosis + Remote repair

Requirements for RTM
• Secured RTM (RTM.01, mandatory)
• Management client oriented
  – Healthy terminal oriented
    • Component downloading due to context changing (CAC.01&02)
    • (Legal) Component sharing (RTM.02, optional)
    • Service discovery (RTM.03, optional)
  – Non-healthy terminal oriented
    • Remote diagnosis (RTM.04, similar to HM.03, Mandatory)
    • Remote repair (RTM.05, similar to HM.04, Mandatory)
• Management server oriented
    • User service data survey (RTM.06, optional)
• User transparent control (RTM.07, Mandatory)

Possible RTM approaches
• Telnet/SSH
• Virtual Network Computing (VNC)
• Web server
• UPnP
• SNMP
• SyncML (Open Mobile Alliance)

Virtual Network Computing

Web Server
• The device runs a small web server application
• A service runs on the device to generate HTML files at run time
• The remote terminal manager accesses the device via the web browser and executes scripts on the device

Web Server (example)

UPnP
[Figure: two UPnP protocol stacks]
Control stack, top to bottom: UPnP Vendor Defined; UPnP Forum Working Committee Defined; UPnP Device Architecture Defined; SOAP; HTTP; TCP; IP
Overall stack, top to bottom: UPnP Vendor Defined; UPnP Forum Working Committee Defined; UPnP Device Architecture Defined; SSDP, GENA, SSDP, SOAP (Control), HTTP (Description), GENA (Events); HTTPMU (Discovery), HTTPU (Discovery), HTTP; UDP, TCP; IP

SNMP
[Figure labels: managing device (SNMP manager; SNMP; UDP, TCP; IP); managed device (SNMP agent; SNMP; MIB; UDP, TCP; IP); set/get requests; response and traps; read/change]

SNMP (example)
[Figure labels: Network; DVD; Printer; Remote server; Dispatch agents; Monitoring]

SyncML DM (OMA)
OMA DM
[Figure labels: Server; DM protocol; Data Synch protocol; Over the air; Inside client; root; Vendor; SyncML; …; X*; client; proprietary WAP client; proprietary upgrade client; In scope of DM standard!]
• Add
• Get
• Replace
• Exec
Logical tree for addressing purposes.

SyncML DM (OMA)
OMA DM
• Server
<Get>
  <CmdID>4</CmdID>
  <Item>
    <Target>
      <LocURI>Vendor/Ring_signals/Default_ring</LocURI>
    </Target>
  </Item>
</Get>
• Client
<Results>
  <CmdRef>4</CmdRef>
  <CmdID>7</CmdID>
  <Item>
    <Data>MyOwnRing</Data>
  </Item>
</Results>

Review of approaches
• Virtual Network Computing (VNC, open source) (Dropped due to obvious security problems)
• Web server (Dropped due to less flexibility and limited functionality)
• UPnP based (Dropped as less competitive than SyncML DM)
• SNMP based (Continuing as a complement)
• SyncML DM (Continuing as the main reference)

Scenario
[Figure labels: RTM Client; RTM Server; Remote server]

Hacker on the link
[Figure labels: RTM Client; RTM Server; Remote server]
• Confidentiality + Integrity

Hacker on RTM Server
[Figure labels: RTM Client; RTM Server; Remote server]
• Confidentiality (Authentication + Authorization)
• Availability

User is a “Hacker”
[Figure labels: RTM Client; RTM Server; Remote server]
• Non-repudiation

Hackers 4 ALL
[Figure labels: RTM Client; RTM Server; Remote server]
• Confidentiality + Integrity
• Non-repudiation
• Confidentiality (Authentication + Authorization)
• Availability
CIA + non-repudiation

“Kill” Hackers
[Figure labels: RTM Client; RTM Server; Remote server]
• Confidentiality + Integrity
• Non-repudiation
• Confidentiality (Authentication + Authorization)
• Availability
PKI is the solution!

Security and Access Control
• Security assurance
  – PKI solves confidentiality, integrity and non-repudiation
• Access Control
  – A tree-structured access control list looks promising; it is used by SNMP, Microsoft Active Directory and SyncML

Relation with SIM
[Sequence diagram. Participants: Terminal; Terminal Stub; TM Stub; Terminal Manager; Remote server. Messages: Start terminal; Start TM; Start Terminal; Terminal ready; Start TM stub; TM stub ready; Fetch models (remote object request); Models (remote object reply); Check models; Repair plans (remote object request); Acknowledgement (remote object reply). Operation labels: get/exec; add/replace; delete/exec]

RTM Framework inside Device
[Sequence diagram. Participants: Terminal; Access manager; SCommunication. Messages: Start terminal; Terminal ready; Start access manager; Access manager ready; Start TM; Security setting; Incoming diagnosis message; Fetch models; Verify access rights; Grant/refuse; Models; Success response with models; Failed response; Incoming repair message; Repair plans; Receive request; ACK; OK; Acknowledgement]

Access Management for RTM
• Each node (object) is identified by a URI
• Each node has a set of properties
• This tree can be extended by an “add” message or a new installation on the device
• A leaf node can be either a value or a pointer to an executable command
[Figure: management tree; node labels with their ACL properties]
/  Add=&Get=&Replace=&Delete=&Exec=
ObjectA  Get=ServerC&Replace=ServerC
Object1  Get=*
ObjectC  Get=ServerA&Replace=ServerA
ObjectB  Get=ServerA&Replace=ServerA
Object2  ACL=
Object3  Get=ServerB&Replace=ServerB&Delete=ServerB
Object5  Get=ServerB&Replace=ServerB&Delete=ServerB
Object4  ACL=
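An added example, not code from the slides: a default-deny check that an access manager could run for the “Verify access rights” step, using ACL strings from the tree above. The parent/child layout, the `+` separator between several servers, and the rule that a node with an empty ACL inherits from its nearest ancestor are assumptions modelled on OMA DM.

```python
# Added example (not from the slides): default-deny ACL check on a management tree.
COMMANDS = {"Add", "Get", "Replace", "Delete", "Exec"}

def parse_acl(text):
    """'Get=ServerA+ServerB&Replace=ServerA' -> {'Get': {...}, 'Replace': {...}}."""
    acl = {}
    for part in filter(None, text.split("&")):
        cmd, sep, ids = part.partition("=")
        if cmd not in COMMANDS or not sep:
            raise ValueError(f"malformed ACL entry: {part!r}")
        acl[cmd] = {s for s in ids.split("+") if s}  # '+' separator: assumption
    return acl

class Node:
    def __init__(self, name, acl="", parent=None):
        self.name, self.parent, self.children = name, parent, {}
        self.acl = parse_acl(acl)  # {} means no ACL is set on this node
        if parent is not None:
            parent.children[name] = self

def find(root, uri):
    """Resolve a URI such as '/ObjectA/Object2'; unknown nodes raise KeyError."""
    node = root
    for segment in filter(None, uri.split("/")):
        node = node.children[segment]
    return node

def is_allowed(root, uri, server, command):
    """May `server` run `command` on the node at `uri`? Default is deny."""
    try:
        node = find(root, uri)
    except KeyError:
        return False
    # Assumption: an empty ACL inherits from the nearest ancestor that has one.
    while not node.acl and node.parent is not None:
        node = node.parent
    granted = node.acl.get(command, set())
    return "*" in granted or server in granted

def build_tree():
    """Constructed layout; the ACL strings are the ones shown on the slide."""
    root = Node("/", "Add=&Get=&Replace=&Delete=&Exec=")
    a = Node("ObjectA", "Get=ServerC&Replace=ServerC", root)
    b = Node("ObjectB", "Get=ServerA&Replace=ServerA", root)
    Node("Object1", "Get=*", a)
    Node("Object2", "", a)  # "ACL=" on the slide
    Node("Object3", "Get=ServerB&Replace=ServerB&Delete=ServerB", b)
    Node("Object4", "", b)  # "ACL=" on the slide
    return root
```

With this layout, the root's ACL names every command but lists no server, so nothing is granted at the root and every grant has to appear on a node below it.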

Secure Communication
• Authentication
• Decryption and encryption
• Maintain log file
• Can keep user updated with latest operations (Transparent control)

Comply with ROBOCOP Framework
• RCDP component is available
• SCommunication can be implemented based on OpenSSL and SyncML protocol stack
• Access Manager is open
[Figure labels: OS/drivers; Middleware; Robocop Run-time Environment; RC 1, RC 2, ..., RC N; RCDP component; Service Manager; DL target; DL Initiator; RTM component; AccessManager; Service Manager; SCommunication; Reporter]

Conclusion
• Secured RTM (RTM.01, mandatory)
• Management client oriented
  – Healthy terminal oriented
    • Component downloading due to context changing (CAC.01&02)
    • (Legal) Component sharing (RTM.02, optional)
    • Service discovery (RTM.03, optional)
  – Non-healthy terminal oriented
    • Remote diagnosis (RTM.04, similar to HM.03, Mandatory)
    • Remote repair (RTM.05, similar to HM.04, Mandatory)
• Management server oriented
    • User service data survey (RTM.06, optional)
• User transparent control (RTM.07, Mandatory)

Future Work
• Formulate access control mechanism
  – Some ideas borrowed from SNMP and SyncML
  – Limiting the root node access rights properties
  – Certain access management might be done by interacting with users
• Define communication protocol and message format
  – Largely based on SyncML
• Implementing…

Questions?