1 / 110

UbiCom Book Slides (Abridged Version)

UbiCom Book Slides (Abridged Version). Chapter 12 Management of Smart Devices, Environments & Interaction. Stefan Poslad http://www.eecs.qmul.ac.uk/people/stefan/ubicom. Chapter 12: Overview. Chapter 12 focuses on: Managing Smart Devices in Virtual ICT Environments

avidan
Télécharger la présentation

UbiCom Book Slides (Abridged Version)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. UbiCom Book Slides(Abridged Version) Chapter 12 Management of Smart Devices, Environments & Interaction Stefan Poslad http://www.eecs.qmul.ac.uk/people/stefan/ubicom Ubiquitous computing: smart devices, environmentsand interaction

  2. Chapter 12: Overview Chapter 12 focuses on: • Managing Smart Devices in • Virtual ICT Environments • Human User-Centred Environments • Physical Environments • Internal system properties: distributed, autonomous Ubiquitous computing: smart devices, environments and interaction

  3. Related Chapter Links • Manage devices as part of human centred activities (Section 5.6.5) • OS management of system ICT resources (Section 3.4) • Intelligent Interaction Management (Chapter 9) • Self, Autonomous System Management (Chapter 8) • Challenges & outlook is related to Management (Chapter 13) Ubiquitous computing: smart devices, environments and interaction

  4. Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI  • Part B: Monitoring, Configuration, Fault & Performance Management • Part C: Security Management Basics • Part D: Security Management of Middleware, Terminals & Content • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction

  5. Process and Application Management by the OS • In high resource smart devices MTOS manages ??? (Section 3.4.3). • In energy constrained portable devices, OS also manages power (section 4.3.4). • In mobile devices, OS & network support for mobile senders & receivers (section 11.7.6). Ubiquitous computing: smart devices, environments and interaction

  6. Network-Oriented Management • Network viewpoint of ICT systems defines 2 main components (Section 3.1.2) • Computer nodes: system management • Network elements to interlink them: network management • Traditionally, a distinction is made between network management and system management although these two are inherently linked Ubiquitous computing: smart devices, environments and interaction

  7. Network-Oriented Management • 2 approaches to manage heterogeneous content and applications with different requirements for jitter, delays and packet loss. • Keep management support in core network simple •  management support in core network Ubiquitous computing: smart devices, environments and interaction

  8. FCAPS • Why is good system management needed? • System & network downtime leads to lost revenue, opportunities and productivity. Ubiquitous computing: smart devices, environments and interaction

  9. FCAPS • Standardization of common network management functions referred to as FCAP • FCAPS functions defines basic requirements for managing distributed computers and hence UbiCom systems. • TMN model for managing Open Systems within a telecommunications network defines four logical layers • FCAPS management functions spread across these logical layers. Ubiquitous computing: smart devices, environments and interaction

  10. TMN Model

  11. Implementing FCAPS • Many computer service vendors offer client-server type implementations of FCAPS functions via various APIs, • Can support via • SNMP. • ICMP • HTTP • Open source implementations Ubiquitous computing: smart devices, environments and interaction

  12. Simple Network Management Protocol (SNMP) model Main components of model consist of: • Network elements: things to be managed or not • Agent • proxies • Managers • network management information database MIB) • simple network management protocol (SNMP) Ubiquitous computing: smart devices, environments and interaction

  13. SNMP

  14. SNMP use to Manage UbiCom Can use EDA to support management events including SNMP events (Section 3.3.3.6). SNMP benefits for UbiCom • ???? SNMP challenges for UbiCom • ??? Ubiquitous computing: smart devices, environments and interaction

  15. Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI • Part B: Monitoring, Configuration, Fault & Performance  Management • Part C: Security Management Basics • Part D: Security Management of Middleware, Terminals & Content • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction

  16. Monitoring • Monitoring obtains the information required to support management functions. • Typical information includes ? • Monitoring can be configured how? Ubiquitous computing: smart devices, environments and interaction

  17. Monitoring • . Monitoring involves three separate processes: • analysis • filtering • auditing. Ubiquitous computing: smart devices, environments and interaction

  18. Monitoring • 2 main methods or protocols to monitor networked devices or hosts are to use • ICMP • SNMP Ubiquitous computing: smart devices, environments and interaction

  19. Accounting • Track service usage and inform authorities about usage and usage costs • Set limits on resource usage. • Automatic handling when usage exceeds limits. Ubiquitous computing: smart devices, environments and interaction

  20. ICMP • Internet Control Message Protocol or ICMP can be used to? • Protocol defines? • ICMP Cons? Ubiquitous computing: smart devices, environments and interaction

  21. Configuration Management Objectives: • Set or modify parameters that control routine operation • Track resources defined by their resource descriptions • Track changes in status of resources such as failures • Manage activation and deactivation of resources Ubiquitous computing: smart devices, environments and interaction

  22. Configuration Management • A configuration is used as a specification of the settings that are • Variant: e.g., ?? • Invariant : e.g., ?? • Configuration management involves 4 main management functions: • ?? • Drivers for reconfiguration ? Ubiquitous computing: smart devices, environments and interaction

  23. ReConfiguration Management Side effects of reconfiguration • Systems need to interrupt their service and reboot themselves for reconfiguration changes to take effect. • Configuration conflicts may also become common in multi domains managed UbiCom systems • Users can misconfigure devices Ubiquitous computing: smart devices, environments and interaction

  24. Reconfiguration Management Easing Configuration & Avoiding Misconfiguration • Ideally, zero manual configuration of devices by users. • Devices should support automatic remote service discovery • Devices should support automatic device installation Ubiquitous computing: smart devices, environments and interaction

  25. Fault Management • A fault is defined as the cause of one or more observed error, or abnormal, events. • Fault Management or Safety management concerns maintaining core ICT service operations. • Fault management overlaps with security management How? Ubiquitous computing: smart devices, environments and interaction

  26. Fault Management • Detect the fault type of events that lead to system failure. • Organise and manage fault cascades in which a root fault leads to numerous child faults, generally the child faults should be suppressed. • Report faults to an appropriate authority or manager. • Automatic correction and handling of some faults. Ubiquitous computing: smart devices, environments and interaction

  27. Fault Management • Fault management is crucial for maintaining the operation of critical infrastructures through monitoring, detecting, preventing and anticipating anomaly events • E.g., utility distribution, telecomms, transport, logistics, intelligent HVAC, banking, medicine etc. • Fault or safety management involves: • fault prevention, • fault prediction, • fault event monitoring, • fault detection, • fault diagnosis, • fault handling • fault-tolerance. Ubiquitous computing: smart devices, environments and interaction

  28. Fault Management • Faults may be random or non-deterministic • Causes? Ubiquitous computing: smart devices, environments and interaction

  29. Performance Management • Collect network statistics using polling or event push • Evaluate performance under normal and degraded conditions • Monitor events that exceed thresholds etc. Ubiquitous computing: smart devices, environments and interaction

  30. Performance Management • Sometimes it may not be possible to specify absolute single point boundaries for system • There are several specific ways to manage performance: • Best effort • QoS • SLA. Ubiquitous computing: smart devices, environments and interaction

  31. Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI • Part B: Monitoring, Configuration, Fault & Performance Management • Part C: Security Management Basics  • Part D: Security Management of Middleware, Terminals & Content • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction

  32. Security management • Security management concerns • assessment of risk of threats which cause some loss of value to system assets • heightened through any system vulnerabilities or weaknesses and developing • maintaining appropriate safeguards or security controls to protect assets against threats • 3 basic types of safeguard: • Detection, • Prevention • Correction • Both detection and correction offer a priori protection • Correction offers a posterior protection. Ubiquitous computing: smart devices, environments and interaction

  33. Security Safeguards UbiCom System security can be modelled in terms of: • Viewpoints of sets of Safeguards that protect the system Assets (the items of value in a system) • against Threats (actions that actively  value of assets) • V-SAT model of security Ubiquitous computing: smart devices, environments and interaction

  34. V-SAT Model for Security Management

  35. V-SAT Model for Security Management Example • Threat • Sender masquerade • Asset • Information about real sender shared with fake sender • Actions requested by a fake sender are performed by receiver. • Safeguards • Authenticate caller identity • Call back real sender • Strong password based access control Ubiquitous computing: smart devices, environments and interaction

  36. Security Policies • Security management involves specifying 2 main relationships: • of threats against assets • of safeguards against assets. • A security policy specifies? • . • Security policies are often represented using? Ubiquitous computing: smart devices, environments and interaction

  37. Risk Assessment • Risk assessment is used to model: • the assets of value in a system • their loss in value in relation to • the probability of the threat happening and • to the probability of the threat succeeding. • Information on which to quantify the risk of threats can be based upon? Ubiquitous computing: smart devices, environments and interaction

  38. Encryption support for Confidentiality, Authentication and Authorisation • Core security techniques to safeguard distributed systems use • encryption & decryption, • symmetric or asymmetric keys, • to support confidentiality, authentication and authorisation. • Encryption algorithm or cipher: transforms clear or plain content into encrypted content using an encryption key. • Decryption algorithm: transform encrypted content back into plain content using a corresponding decryption key. Ubiquitous computing: smart devices, environments and interaction

  39. Encryption support for Confidentiality, Authentication and Authorisation • In symmetric encryption, same key is used for encryption and decryption • Key needs to be kept secret – a secret key. • Key challenge here is how to distribute secret keys while keeping them confidential in transit. • ?? Ubiquitous computing: smart devices, environments and interaction

  40. Asymmetric Encryption • Also called public key encryption algorithms • Public key is made available in an unrestricted fashion and used for encryption by the sender. • Private key, used to decrypt a message in the receiver & is kept secret by the receiver. • Private key cannot be derived from the public key. • This eases the problem of the sender and receiver having to somehow share the same secret key. • Public key encryption enables the public keys used for encryption to be made public. Ubiquitous computing: smart devices, environments and interaction

  41. Authentication • Authorisation often involves authentication • Although public key encryption can be used for authentication, a key issue is how does someone know that the public key belongs to a particular identity? • Anyone could claim that they hold a particular identity? • Something or someone is needed to attest that a particular identity is bound to a particular identity. • ??? Ubiquitous computing: smart devices, environments and interaction

  42. Authentication • Mainstream approach involve identity certificate authorities. • In open environment, greater flexibility is useful in order for one party to authorise another party to act on their behalf. • Can some restrictions be removed to enable flexibility? • Cam we have Security without identification: privacy? Ubiquitous computing: smart devices, environments and interaction

  43. Chapter 12: Overview The slides for this chapter are split into several parts: • Part A: Core Management of UbiCom systems & CCI • Part B: Monitoring, Configuration, Fault & Performance Management • Part C: Security Management Basics • Part D: Security Management of Middleware, Terminals & Content  • Part E: Service-Oriented Management of CCI • Part F: Information Management of CCI • Part G: Managing HCI • Part H: Privacy Management: Identification • Part I: Privacy Management: Requirements & Safeguards • Part J: Managing HPI Ubiquitous computing: smart devices, environments and interaction

  44. Part ?: Overview • An analysis of the use of smart mobile devices reveals an increased risks compared to desktop computers • to secure middleware, • to secure access devices • to secure content, Ubiquitous computing: smart devices, environments and interaction

  45. Securing the System and its Middleware Some examples of threats through the use of seamless (wireless) networks: • A) Compromised phones can as free-loader users in a local network; • B) Remote users can overload a network, preventing access by a local user; • C) Local and remote users can eavesdrop on a normal user. Ubiquitous computing: smart devices, environments and interaction

  46. Securing the System and its Middleware

  47. Disappearing Security Perimeter Causes •  use of seamless networks of IP networks everywhere, •  Mobile users •  Wireless access:  interfere RF interference, eavesdropping •  use of Unknown, Untrusted intermediaries: man- in-the-middle attack •  connection in a session by a user to the wrong service • These increase risk of security breaches • Solutions? Ubiquitous computing: smart devices, environments and interaction

  48. Securing Middleware • Some preventive and corrective type safeguards to handle denial of service threats to mobile devices have also been dealt with elsewhere • Remote Back-ups & occasional synchronisation (Section 12) • Remote-access model can be used to support a distributed UVE type desktop on the mobile device (Section 4.2) • Mobile devices can be designed to deal with the threat of volatile remote service access (Section 3.3.3.9) • Techniques based upon self-healing and self-protecting can also be used (Section 10.4) Ubiquitous computing: smart devices, environments and interaction

  49. Securing Access Devices Devices may be left unsecure: • Because their owners expect that they will remain under their physical control, • When Devices are discarded: • Often, devices with inbuilt network security are supplied in a wide open access mode without any security Ubiquitous computing: smart devices, environments and interaction

More Related