Peer-to-Peer Secure Update for Heterogeneous Edge Devices E. Band, H. Herry, C. Perkins, J. Singer School of Computing Science University of Glasgow HeLP-DC, HiPEAC 2018 – University of Glasgow 1
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Peer-to-PeerSecureUpdateforHeterogeneousEdgeDevices
E.Band,H.Herry,C.Perkins,J.SingerSchoolofComputingScience
UniversityofGlasgow
HeLP-DC,HiPEAC2018– UniversityofGlasgow 1
FRµIT:FederatedRaspberryPi µ-InfrastructureTestbed(www.fruit-testbed.org)• “Massiveaggregationoflow-cost,low-power,commodityinfrastructurecanformanefficientandeffectivecomputefabricforkeydistributedapplications”
• Applications:edge-compute,IoT,portabledata-center,expendable-compute
• FundedbyUK-EPSRC
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Traditional:fewbigdata-centersvs
FRµIT:manymicrodata-centers
2
Problem:UpdatingRemoteSystem
• Updatesystemiscritical• Securitypatch• Deployfirmware,software,configurations
• Regularupdate• Limited(orno)physicalaccess
• Remotelocations• Mobile• Privateresidentiallocations
• Existingtools• RequiresdirectSSHaccess• Needswell-connectedserver
HeLP-DC,HiPEAC2018– UniversityofGlasgow 3
Problem:UpdatingRemoteSystem
• HeterogeneousNetwork• SomenodesarebehindNATs(e.g.residential)orFirewalls(e.g.university)
• Single-pointoffailure• Scalability
• DenialofServiceattackonupdateserver• Linuxdistributions:dedicatedmirrorservers• Randomizeddownloadslot-times[Pollocket.al.]
HeLP-DC,HiPEAC2018– UniversityofGlasgow 4
OurApproach
• DecentralizedmanagementframeworkusingPeer-to-Peeroverlaynetwork• Agossipprotocoltodistributesecuredupdatenotifications(torrent-file)
• STUN-basedUDPholepunchingtodiscoverandopenNATbindings(NAT-TM)
• BitTorrent tosecurelydistributeupdates(software,managementscripts,etc)
• Contribution:oursystemassumespartialnetworkconnectivity,andworksinthepresenceofNATsorfirewalls
HeLP-DC,HiPEAC2018– UniversityofGlasgow 5
OurApproach
• Otheradvantages• Bandwidthsharing• Updatescanreachindirectlyconnectednodes• Resilienttosinglepointoffailureandattacks• Wemaynotneedadedicatedupdateserver
HeLP-DC,HiPEAC2018– UniversityofGlasgow 6
Architecture
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Agent
NAT-TMBTClient(Trans-mission)
OS
P2PUpdateSystem
Puppet Chef
Deployer
Shell
7
NAT
STUNServer
Torrent-file++
HeLP-DC,HiPEAC2018– UniversityofGlasgow
• Tracker/Nodes• File-name• File-length• Piece-length• Cryptographic-hashesoffilepieces• Targetresourceidentifier• Version• Digitalsignature
Torren
t-file
(Stand
ard)
Torren
t-file++
• Targetresourceidentifier• Distinguishdifferenttargetresources
• Version(monotonicallyincreasing)• Helpagenttoignoreoutdatedupdateexistinginthenetwork
• DigitalSignature• Adminholdsaprivate-key• Eachnodehasapublic-key• Signature=encrypt(sha512(torrent-file),private-key)
• sha512(torrent-file)=?decrypt(signature,public-key)
8
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node2
Torrent-file++Update-fileNodeUpdated-Node
Walkthrough
9
IP1:Port1
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node2
Torrent-file++Update-fileNodeUpdated-Node
10
IP1:Port1
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node2
Torrent-file++Update-fileNodeUpdated-Node
11
IP1:Port1
IP2:Port2Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node2
Torrent-file++Update-fileNodeUpdated-Node
12
IP1:Port1
IP2:Port2Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node2
Torrent-file++Update-fileNodeUpdated-Node
13
IP1:Port1
IP2:Port2Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node2
Torrent-file++Update-fileNodeUpdated-Node
14
IP1:Port1
IP2:Port2Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
NAT
STUNServer
15
Node4 Node5
NAT
IP4:Port4
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
NAT(EIP3:EPort3)
STUNServer
16
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
Node4 Node5
NAT(EIP4:EPort4)
IP4:Port4
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
STUNServer
17
NAT(EIP3:EPort3)
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
Node4 Node5
NAT(EIP4:EPort4)
IP4:Port4 IP1:Port1EIP4:EPort4,IP4:Port4
IP1:Port1EIP3:EPort3,IP3:Port3
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
STUNServer
18
NAT(EIP3:EPort3)
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
Node4 Node5
NAT(EIP4:EPort4)
IP4:Port4 IP1:Port1EIP4:EPort4,IP4:Port4
IP1:Port1EIP3:EPort3,IP3:Port3IP5:Port5
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
STUNServer
19
NAT(EIP3:EPort3)
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
Node4 Node5
NAT(EIP4:EPort4)
IP4:Port4 IP1:Port1EIP4:EPort4,IP4:Port4
IP1:Port1EIP3:EPort3,IP3:Port3IP5:Port5
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
STUNServer
20
NAT(EIP3:EPort3)
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
Node4 Node5
NAT(EIP4:EPort4)
IP4:Port4 IP1:Port1EIP4:EPort4,IP4:Port4
IP1:Port1EIP3:EPort3,IP3:Port3IP5:Port5
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
STUNServer
21
NAT(EIP3:EPort3)
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
Node4 Node5
NAT(EIP4:EPort4)
IP4:Port4 IP1:Port1EIP4:EPort4,IP4:Port4
IP1:Port1EIP3:EPort3,IP3:Port3IP5:Port5
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node3
Torrent-file++Update-fileNodeUpdated-Node
STUNServer
22
NAT(EIP3:EPort3)
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
EIP3:EPort3,IP3:Port3EIP4:EPort4,IP4:Port4
Node4 Node5
NAT(EIP4:EPort4)
IP4:Port4 IP1:Port1EIP4:EPort4,IP4:Port4
IP1:Port1EIP3:EPort3,IP3:Port3IP5:Port5
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
Firewall
23
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
Firewall(EIP6:EPort6)(Adminmodifiestherules)
24
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
25
EIP6:EPort6,IP6:Port6
Firewall(EIP6:EPort6)(Adminmodifiestherules)
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
26
EIP6:EPort6,IP6:Port6
EIP6:EPort6,IP6:Port6
Firewall(EIP6:EPort6)(Adminmodifiestherules)
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
27
EIP6:EPort6,IP6:Port6
EIP6:EPort6,IP6:Port6
IP1:Port1
Firewall(EIP6:EPort6)(Adminmodifiestherules)
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
28
EIP6:EPort6,IP6:Port6
EIP6:EPort6,IP6:Port6
IP1:Port1
Firewall(EIP6:EPort6)(Adminmodifiestherules)
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
29
EIP6:EPort6,IP6:Port6
EIP6:EPort6,IP6:Port6
IP1:Port1
Firewall(EIP6:EPort6)(Adminmodifiestherules)
Walkthrough
HeLP-DC,HiPEAC2018– UniversityofGlasgow
Node1
Node6
STUNServer
Torrent-file++Update-fileNodeUpdated-Node
30
EIP6:EPort6,IP6:Port6
EIP6:EPort6,IP6:Port6
IP1:Port1
Firewall(EIP6:EPort6)(Adminmodifiestherules)
Walkthrough
PreliminaryExperiment
• 6 Raspberry-Pis 2/3• Residentialnetworks(HomeNAT)– Sky,BT• FirewallNetwork– SchoolofComputingScience(UniversityofGlasgow)• STUNServeronGoogleComputeEngineVM• Update:webserverwithstaticfiles
• Puppetmanifest,puppet-modules,softwarepackages,htmlfiles
• Result:successfulupdatesonall-nodes,includingbehindhomeNATsandfirewall
HeLP-DC,HiPEAC2018– UniversityofGlasgow 31
Shortcomings
• NotworkwithallNATtypese.g.SymmetricNAT
HeLP-DC,HiPEAC2018– UniversityofGlasgow 32
Conclusion&FutureWork
• Our(prototype)frameworkcanupdatesecurelythesystemwithpartialnetworkconnectivity,andworksinthepresenceofNATsorfirewalls• IntegratethisP2PsecureupdateframeworkintoFRµITTestbed• Large-scaleexperimentsonFRµITTestbed
HeLP-DC,HiPEAC2018– UniversityofGlasgow 33
https://picycle.org
DoyouhaveanunusedRaspberryPiboardlockedawayinacupboard?Pleasedonateitforscientificresearch.
HeLP-DC,HiPEAC2018– UniversityofGlasgow 34
Thankyou!
HeLP-DC,HiPEAC2018– UniversityofGlasgow 35
Related Documents
