demo cloud optional home iot w ndn
play

DEMO Cloud-optional Home IoT w/NDN UCLA IRL 8 9 Motivation NDN - PowerPoint PPT Presentation

Aug 02, 2023 •24 likes •304 views

DEMO Cloud-optional Home IoT w/NDN UCLA IRL 8 9 Motivation NDN primitives already provide benefits to IoT systems, we will demonstrate that here. IOTDI 16 and 17 papers discuss building higher-level functionality. Basic idea

  1. DEMO Cloud-optional Home IoT w/NDN UCLA IRL 8

  2. 9

  3. Motivation • NDN primitives already provide benefits to IoT systems, we will demonstrate that here. • IOTDI ‘16 and ‘17 papers discuss building higher-level functionality. • Basic idea for today: Avoid unnecessary cloud dependence! • Cannot add devices or authorize users when cloud is inaccessible. • Additional delay even if command issuers and target devices reside on the same local network. • Unnecessary data exposure from the local network to the external parties may lead to security and privacy issues. Figure 1: typical cloud-centric IoT architecture [1] Shang, Wentao, et al. "Breaking out of the cloud: local trust management and rendezvous in named data networking of things." Internet-of-Things Design and Implementation (IoTDI), 2017 IEEE/ACM Second 10 International Conference on. IEEE, 2017.

  4. NDN-based Home IoT authentication server Establish trust relationship device Discover services device Automatically device • Authentication Server (AS) • Serves as the trust root within this home network and a local CA • Be responsible to add devices and authorize users • May be a control hub, home router or smart phone owned by the owner of this home network. • Devices • Resource producers and / or command handlers • T emperature sensors, camera monitors, light controllers, etc. • Resource consumers and / or command issuers 11 • Smart phones, latptops, etc.,

  5. NDN-based Home IoT authentication server Establish trust relationship device Discover services device Automatically device • Key benefits “out of the box” from NDN • Schematized trust management • All data signed, no perimeter security required, though it can be implemented based on data naming. • Completely local management breaks the dependencies on Clouds • Hand over to external parties (i.e. CA in the cloud) smoothly whenever required • Data-centric and consumer-driven communication • Forget about where they are and how to reach them • Focus on what you want and how to get them 12 • Cross-layer protocol stack and rich tools simplify network configuration

  6. Bootstrap: A few steps to join NDN-based Home IoT • Basic assumptions • Each device has a physical connectivity to the authentication server • e.g., Ethernet, ad-hoc wifi, etc • Each device has an unique ID (at least locally) and keeps it as secret • Maybe a barcode set by its manufacturer, or a pin code assigned by the owner of this Home network • There is an out-of–bound way to share device’s secret to the authentication server • e.g., scan the barcode or enter the pin code • High level bootstrap process • The owner gives the ID of a new device to the AS • Authentication server initiates the bootstrap by probing for the device • Secure the process by a secret shared from the target device • The device applies generates a key-pair and asks AS to sign it • AS will sign and reply with the signing certificate first • The device sets trust anchor and requests the signed certificate 13

  7. Demo • Implementations • C++ • Ndn-cxx • NFD runs separately • Basic configurations • A laptop acts as the AS (/shannon/as) • 2 Raspberry Pi emulates temperature sensors • /temp-sensor/pi1 • /temp-sensor/pi2 • Another laptop acts as the consumer who is interested in temperatures • /alice/macbook • What to demonstrate • The bootstrap process that enable devices join the trusted network • The auto-discover process that help devices find out services in network 14

  8. Bootstrap: enable devices join the trusted network step 1 --- AS probes the device /shannon/as /shannon/temp-sensor/pi1 Interest : /localhop/probe-device/[ as name ][ Hmac Sig ] AS initiates trust establishment by probing a new device, the probe is secured by the shared secret 15

  9. Bootstrap: enable devices join the trusted network step 1 --- as probes the device /shannon/as /shannon/temp-sensor/pi1 Interest : /localhop/probe-device/[ as name ][ Hmac Sig ] AS initiates trust establishment Data : /localhop/probe-device/[as name]/[Hmac Sig]/[V] HMAC verification by probing a new device, the probe is secured by the shared secret ( content : device name, /shannon/temp-sensor/pi1 ) device will reply with its name and accessible URIs once it can verify ( signature : HMAC signature) the probe request. This reply is also secured by shared secret 16

  10. Bootstrap: enable devices join the trusted network step 2 --- device applies for as-signed certificate /shannon/as /shannon/temp-sensor/pi1 Interest : /localhop/probe-device/[ as name ][ Hmac Sig ] Data : /localhop/probe-device/[as name]/[Hmac Sig]/[V] HMAC verification ( content : device name, /shannon/temp-sensor/pi1 ) device will reply with its name and accessible URIs once it can verify ( signature : HMAC signature) the probe request. This reply is also secured by shared secret HMAC verification after verifying the reply, AS will S i g ] c m a register the device’s name to the H n f o ] [ y - i k e 1 [ / p i s o r s e n p - e m n / t n n o h a local forwarding daemon to get t / s c e r p l y - a p a s / o n / n n h a t : / s r e s n t e I ready for the device’s Interests device register AS’s name to the local forwarding daemon, and then creates a key-pair and send out a request for signed certificate to AS 17

  11. Bootstrap: enable devices join the trusted network step 2 --- device applies for as-signed certificate /shannon/as /shannon/temp-sensor/pi1 Interest : /localhop/probe-device/[ as name ][ Hmac Sig ] Data : /localhop/probe-device/[as name]/[Hmac Sig]/[V] HMAC verification ( content : device name, /shannon/temp-sensor/pi1 ) ( signature : HMAC signature) HMAC verification after verifying the reply, AS will S i g ] c m a register the device’s name to the H n f o ] [ y - i k e 1 [ / p i s o r s e n p - e m n / t n n o h a local forwarding daemon to get t / s c e r p l y - a p a s / o n / n n h a t : / s r e s n t e I ready for the device’s Interests device register AS’s name to the local forwarding daemon, and then creates Data : /shannon/as /apply-cert/ shannon/temp-sensor/pi1/xxxx /[V] HMAC verification a key-pair and send out a request for signed certificate to AS (content : trust anchor, i.e., cert of as-key) HMAC verification ( signature : HMAC signature) after verifying the request, AS will sign device’s public key dev-key verify the received certificate and then set it as the trust anchor with its own key as-key . Then send the certificate of as-key to the device 18

  12. Bootstrap: enable devices join the trusted network step 3 --- device requests for the as-signed certificate /shannon/as /shannon/temp-sensor/pi1 I n t e r e s t : / l o c a l h o p / p r o b e - d e v i c e / [ a s n a m e ] [ H m a c S i g ] ] [ V g ] / HMAC verification S i c m a H / [ e ] a m n s / [ a c e v i d e e - b r o / p o p l h c a l o a : / a t D 1 ) p i o r / s e n - s m p e / t o n n n a s h , / m e a n c e v i d e t : e n n t o ( c e ) u r a t n s i g C A M H r e : t u n a g s i ( HMAC verification Interest : /shannon/as /apply-cert /shannon/temp-sensor/pi1 [ key-info ][ Hmac Sig ] Data : /shannon/as /apply-cert/ shannon/temp-sensor/pi1/xxxx /[V] HMAC verification (content : trust anchor, i.e., cert of as-key) HMAC verification ( signature : HMAC signature) after verifying the request, AS will sign device’s public key dev-key with its own key as-key . Then send the certificate of as-key to Interest : /shannon/temp-sensor/pi1/KEY/[k-id] the device express a regular interest to ask for the signed certificate of dev-key Data : /shannon/temp-sensor/pi1/KEY/[k-id]/ID-CERT/[c-id] /[V] ( signature : sign by as-key) 19

  13. Auto-discovery: discovery neighbors and surrounding services • Pre-conditions • A device will not be able to discovery unless the Bootstrap is done • A device can reach potential targets physically (directly or via the AS) • Device/Service discovery • A device initiates one discovery by probing its neighbors • Automatically triggered after bootstrap (proactive) • Secured by the AS-signed certificate • With its own name embedded to enable reactive discovery • Any receiver reply the probe Interest if it’s verifiable • Reply with its routable name • Reply with all accessible services (identified by names) 20

  14. Producers reply to trusted discovery requests with names and services Authorization /shannon/as and certificates Temperatures record /temp-sensor/pi1 authentication server /temp-sensor/pi2 temp-sensor temp-sensor Temperatures record consumer /alice/mackbook What services are there? 21

  15. Q&A 22

  16. Open mHealth UCLA IRL / REMAP 23

  17. Open mHealth: Motivation Prakash, R . Adoption of block-chain to enable the scalability and adoption of Accountable Care . 2016. 24 http://www.hhs.gov/about/news/2016/08/29/onc-announces-blockchain-challenge-winners.html

Recommend

Vagrant Up Your Rackspace Private Cloud Hello! Who are you? Live Background Demo Why?

Vagrant Up Your Rackspace Private Cloud Hello! Who are you? Live Background Demo Why?

Vagrant Up Your Rackspace Private Cloud Hello! Who are you? Live Background Demo Why? How? Thank You! Go to thornelabs.net Search for vagrant and select the second link @jameswthorne on Twitter jthorne on irc.freenode.net

383 views • 5 slides
AWS Agility + Splunk Visibility = Cloud Success Splunk App for AWS Demo Laura Ripans, AWS

AWS Agility + Splunk Visibility = Cloud Success Splunk App for AWS Demo Laura Ripans, AWS

AWS Agility + Splunk Visibility = Cloud Success Splunk App for AWS Demo Laura Ripans, AWS Alliance Manager Disruptive innovation and business transformation starts with data I HAVE BEEN GIVEN AN AWS ACCOUNT!!! 3 Why is Splunk Important

686 views • 15 slides
Automate your home with Home Assistant Alternatives Very convinient Everything happens in

Automate your home with Home Assistant Alternatives Very convinient Everything happens in

Automate your home with Home Assistant Alternatives Very convinient Everything happens in the Cloud Nice looking bricks without internet connection Always listening and sending home data about you No incentive to integrate

1.41k views • 30 slides
following 25 slides for ACTIVITY 3 There are some tasks on here that are additional/optional. I

following 25 slides for ACTIVITY 3 There are some tasks on here that are additional/optional. I

Home learning use the following 25 slides for ACTIVITY 3 There are some tasks on here that are additional/optional. I am only asking for the timeline on the final slide to be attempted. Aim Aim I can explain what the Universal

1k views • 52 slides
TCP IN A WORLD OF CLOUD SERVICES Jiang Zhu Stanford University In collaboration with: Nandita

TCP IN A WORLD OF CLOUD SERVICES Jiang Zhu Stanford University In collaboration with: Nandita

TCP IN A WORLD OF CLOUD SERVICES Jiang Zhu Stanford University In collaboration with: Nandita Dukkipati, Sateesh Addepalli, Flavio Bonomi Cisco Systems CLOUD SERVICES WHAT IS THE DEMO ABOUT? Long wait times in accessing the cloud TCP

415 views • 24 slides
Itron Idea Labs Smart City Demo Presented by 1 Itron SDK Sequans MWC Demo - Description By

Itron Idea Labs Smart City Demo Presented by 1 Itron SDK Sequans MWC Demo - Description By

Itron Idea Labs Smart City Demo Presented by 1 Itron SDK Sequans MWC Demo - Description By combining Sequans PXL SDK and Itron Cloud services, Itron Idea Labs created a complete solution opening the path for 3rd party partners to develop

294 views • 5 slides
Advanced Exercises (optional - but then again, all of these are optional) Exercise 1 I posted

Advanced Exercises (optional - but then again, all of these are optional) Exercise 1 I posted

Advanced Exercises (optional - but then again, all of these are optional) Exercise 1 I posted solution to all the previous exercises. Go through my solutions and compare to yours. Experiment with some of the alternatives I show. Let me know of

801 views • 11 slides
DEMO: torus example DEMO: torus example DEMO: torus example M Datar, Y Gur, B Paniagua, MA

DEMO: torus example DEMO: torus example DEMO: torus example M Datar, Y Gur, B Paniagua, MA

DEMO: torus example DEMO: torus example DEMO: torus example M Datar, Y Gur, B Paniagua, MA Styner , RT Whitaker, Geometric Correspondence for Ensembles of Nonregular Shapes, MICCAI 2011 (a)

613 views • 17 slides
Deep Dive: CNCF Serverless WG/ CloudEvents Agenda CloudEvents demo Deployment pipeline

Deep Dive: CNCF Serverless WG/ CloudEvents Agenda CloudEvents demo Deployment pipeline

Deep Dive: CNCF Serverless WG/ CloudEvents Agenda CloudEvents demo Deployment pipeline CloudEvents best practices Demo Vlad Ionescu, Independent Ownzones 75 cloud e 75 c engineers wi with 100+ years s of accumulated exp

564 views • 33 slides
Adapting JDT to the Cloud Alex Boyko Pivotal Jay Arthanareeswaran - IBM John Arthorne - IBM

Adapting JDT to the Cloud Alex Boyko Pivotal Jay Arthanareeswaran - IBM John Arthorne - IBM

Adapting JDT to the Cloud Alex Boyko Pivotal Jay Arthanareeswaran - IBM John Arthorne - IBM Topics Background and motivation Adapting JDT code base to run in cloud Incorporating Java tooling in Web IDEs Demo Conclusions

851 views • 26 slides
Office of International Engagement Optional Practical Training (OPT) Optional Practical

Office of International Engagement Optional Practical Training (OPT) Optional Practical

Office of International Engagement Optional Practical Training (OPT) Optional Practical Training A period in which undergraduate and graduate students with an F-1 or F-3 status who have completed or have been pursuing a degree for one full

479 views • 14 slides
Optional Life and Optional AD&D Insurance Oregon Educators Benefit Board Standard Insurance

Optional Life and Optional AD&D Insurance Oregon Educators Benefit Board Standard Insurance

Optional Life and Optional AD&D Insurance Oregon Educators Benefit Board Standard Insurance Company Optional Life Insurance Life insurance helps protect your loved ones from financial hardship should you pass away. What is it for?

407 views • 7 slides
Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud

Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud

Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud Developer at SUSE cmurphy @_colleenm Overview Why we needed application credentials What are application credentials? (with demo!)

637 views • 25 slides
GetPowerPay.com Cloud Based Digital Financing Platform for Home Services Companies Problem with

GetPowerPay.com Cloud Based Digital Financing Platform for Home Services Companies Problem with

GetPowerPay.com Cloud Based Digital Financing Platform for Home Services Companies Problem with Indirect Lending Model Unnecessary Dealer Fees Primarily Credit Card Products Complicated Enrollment Ask Contractors to Process

986 views • 12 slides
61A Lecture 10 Wednesday, September 25 2 Data Types Every value has a type (demo) Properties

61A Lecture 10 Wednesday, September 25 2 Data Types Every value has a type (demo) Properties

Announcements Homework 3 due Tuesday 10/1 @ 11:59pm Optional Hog Contest entries due Thursday 10/3 @ 11:59pm Composition scores will be assigned this week (perhaps by Monday). 3/3 is very rare on the first project. You can gain

637 views • 4 slides
Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
Design and Implementation of a Real-Time Cloud Analytics Platform OSCON Data 2011 David Pacheco

Design and Implementation of a Real-Time Cloud Analytics Platform OSCON Data 2011 David Pacheco

Design and Implementation of a Real-Time Cloud Analytics Platform OSCON Data 2011 David Pacheco (@dapsays) Brendan Gregg (@brendangregg) Agenda The Problem Cloud Analytics Demo Experiences 2 Cloud Performance The problem: weve

769 views • 39 slides
Data Warehouse 11G Overview and Live Demo Stephen Wren Senior Budget Analyst University Budget

Data Warehouse 11G Overview and Live Demo Stephen Wren Senior Budget Analyst University Budget

Data Warehouse 11G Overview and Live Demo Stephen Wren Senior Budget Analyst University Budget Office 1 FDW 11G - Objectives Navigation Functionality & Tools Live Demo 2 Look & Feel Home page Recent shows the last

573 views • 21 slides
SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud Tour of the buzzwords, myths and realities Whats in store for me, the boss, the company, the industry? Your cloud, our cloud their

224 views • 19 slides
Optional Practical Training (OPT) International Students Optional Practical Training (OPT) Today

Optional Practical Training (OPT) International Students Optional Practical Training (OPT) Today

Optional Practical Training (OPT) International Students Optional Practical Training (OPT) Today we will discuss: What is OPT When to Apply Items Needed for OPT Application How to Apply Important Considerations Social

289 views • 9 slides
Video Broadband Voice In Home In Home In Home Out of Home Out of Home Out of Home Safe

Video Broadband Voice In Home In Home In Home Out of Home Out of Home Out of Home Safe

April 2013 Video Broadband Voice In Home In Home In Home Out of Home Out of Home Out of Home Safe Harbor Cautionary Statement Concerning Forward Looking Statements Certain statements contained herein may constitute forward - looking

567 views • 32 slides
TRACK SUIT 4 NEW STYLE! JONES Prices DO NOT include GST Optional Name add $5 Optional Number

TRACK SUIT 4 NEW STYLE! JONES Prices DO NOT include GST Optional Name add $5 Optional Number

TRACK SUIT 4 NEW STYLE! JONES Prices DO NOT include GST Optional Name add $5 Optional Number add $4 PANTS JACKET Along side seam of right leg Youth $85 (YS-YXL) ProTwill on Back of jacket 4 Includes KNIGHTS Along side seam (screen)

371 views • 21 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

Cornell CS5412 Cloud Computing (Spring 2015) 1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper! The cloud business model is growing at an unparalleled pace without any limit in sight

632 views • 45 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper The cloud business model is growing at an unparalleled pace without any limit in sight In the future everything will be on the cloud

945 views • 65 slides

More recommend