1
MOBILE & UBIQUITOUS COMPUTING
Lâm Vĩnh Tuyên
Nguyễn Công Thương
2
Outline
- Introduction
- Association
- Interoperation
- Sensing and context-awareness
- Security and privacy
- Adaptation
- Summary
3
Introduction
- Mobile computing: (1980)
- Paradigm in which users
could carry their personal
computers and retain some connectivity
to other machines
- Laptops, PDAs, mobile phones, …
- Infrared, WiFi, Bluetooth,
GPRS, …
- Size, battery capacity ><
processing power, screen and resource restrictions
4
Introduction (cont)
- Ubiquitous computing: (Mark
Weiser 1988)
- Wearable computing:
- Devices attached to clothes,
worn like watches, jewellery, …
- Context-aware computing:
- E.g: device will automatically
switch itself to “vibrate” instead
of “ring” when
it is in the cinema
5
Introduction (cont)
- Volatile systems: changes
are common rather than exceptional
- Relevant forms of volatility:
- Failures of devices and
communication links
- Changes in the characteristics
of communication such as bandwidth
- The creation and destruction
of associations between software components resident on the devices
6
Introduction (cont)
- Smart space (SS): physical
space with embedded services (servers, printers, sensors, …)
- Types of movement occur
in SS:
- Physical mobility
- Logical mobility
- Add or withdraw static devices
- Devices may fail and disappear
from a space
7
Introduction (cont)
- Device model:
- Limited energy
- Resource constraints
- Sensors and actuators
- Motes
- Camera phones
8
Introduction (cont)
- Volatile connectivity:
- Technology: Bluetooth, WiFi,
GPRS, …
- Disconnection
- Variable bandwidth and
latency:
- Too big => increase error
rates
- Too small => increase
congestion and waste energy
9
Introduction (cont)
- Spontaneous interoperation:
interactions during association
- Lowered trust and privacy:
- Trust in volatile systems
is problematic because of spontaneous interoperation
- Privacy: user may distrust
systems because of their sensing capabilities
10
Association
- Logical relationship formed
when at least one of a given pair of components communicates with the
other over some well-defined period of time
- Network bootstrapping:
solutions rely on servers accessible within SS (e.g: DHCP)
11
Association (cont)
- The association problem
and the boundary principle:
- How to associate approximately
=> address 2 main aspects: scale and scope
- Smart space need to have
system boundaries
- Solution to the association
problem is using “Discovery
services”
12
Association (cont)
- Discovery services (DS):
is a directory service
- The directory data required
by a particular client
- There may be no infrastructure
in the SS to host a directory server
- Services registered in the
directory may spontaneously disappear
- The protocols need to be
sensitive to the energy and bandwidth they consume
13
Association (cont)
Remove the service record registered
under the given lease
Deregister(lease)
Refresh the lease returned at registration
Refresh(lease)
Register the service at the given address
with the given attributes; a lease is returned
Lease:=register(address,attributes)
Explanation
Methods for service de/registration
Return a set of registered services
whose attributes match the given specification
serviceSet:=query(attributeSpecification)
Method invoked to look up a service
14
Association (cont)
- Issues in the design of
a DS:
- Low-effort, appropriate
association: without any human effort
- Service description and
query language: match services to client’s request for services
- Smart-space-specific discovery:
access an instance (scope) of DS which is appropriate to physical circumstances
- Directory implementation:
network bandwidth, timeliness of DS and energy consumption
- Service volatility: handle
client and service disappearance
15
Association (cont)
- Physical association: the
following techniques have been developed
- Human input to scope discovery:
- Sensing and physical constrained
channels to scope discover:
- Direct association: without
using a DS
- Address-sensing: use a device
to sense the network address of the target device directly
- Physical stimulus: use it
to cause the target device to send its address
- Temporal or physical correlation:
use temporary or physically correlated stimuli to associate devices
16
Interoperation
- Models for interoperation
including various forms of inter-process communication, method invocation
and procedure invocation
- Problem: software interface
incompatibility
- Approach:
- Allow interfaces to be heterogeneous
- Constrain interfaces to
be identical in syntax across as wide a class of components as possible
17
Interoperation (cont)
- Data-oriented programming
for volatile systems:
- Models for interoperation
between indirectly associated components:
- Event systems
- Tuple spaces
- Designs for interoperation
between directly associated components:
- JetSend: for interactions
between appliances such as cameras, printers, scanners and TVs
- Speakeasy
18
Interoperation (cont)
Event System
Event Service
Publisher
Subscriber
event
(structured data)
event
19
Sensing & context-awareness
- Sensors: some examples
- Location, velocity and orientation:
satellite navigation units, accelerometers, magnetometer
- Ambient conditions: thermometers,
sensors measure light intensity, sound intensity
- Presence: sensors measure
physical load
20
Sensing & context-awareness (cont)
- 4 challenges in designing
context-aware systems:
- Integration of idiosyncratic
sensors
- Abstracting from sensor
data
- Sensor outputs may need
to be combined
- Context is dynamic
21
Sensing & context-awareness (cont)
- Architectures support context-aware
applications:
- Sensing in the infrastructure:
set of sensors is relatively stable
- Wireless sensor networks:
- Set of sensors forms a volatile
system
- Consist of a number of small,
low-cost devices or nodes each with facilities for sensing, computing
and wireless communication
22
Sensing & context-awareness (cont)
- Location-sensing: the most
attention
No
Relative (room) coordinates
Variable
Camera installations
Vision, triangulation
Easy Living
Tag identity disclosed
Proximity to known entity
Room size
Sunlight or fluorescent light
Infrared sensing
Active Bat
Yes
Absolute geographic coordinates (latitude,
longitude, altitude)
1-10m
Outdoors only (satellite visibility)
Multilateration from satellite radio
sources
GPS
Privacy
Type of location data
Accuracy
Limitations
Mechanism
Type
23
Sensing & context-awareness (cont)
- Architecture for location-sensing:
- The location stack: it divides
location-sensing systems for individual SS into layers
- The sensor layer: contains
drivers for extracting raw data from a variety of location sensors
- The measurements layer:
turns raw data into common measurement types including distance, angle
and velocity
- The fusion layer: combines
the measurements from different sensors to infer the location of an
object
24
Security and Privacy
- User and admin require
security for their data and resources (confidentiality, integrity, availability) – Trust
is lowered in volatile systems.
- Privacy – ability to control the accessibility of information.
25
Hardware related issues
- Portable devices are more
easily stolen and tampered. A security design should not rely on the
integrity of any subset of devices.
- Devices in volatile systems
don’t
have sufficient computing resources for assymetric (public-key) cryptography
symmetric cryptography sharing key.
26
Hardware related issues
- Energy – security protocol must be design to minimize
communication overheads and new type of denial of service attack.
- Disconnected operation – avoid
security protocols that rely on continuous online access to a server.
27
New type of resource sharing
- The admin of a smart space
expose a service accessible to visitors over wireless network.
- Two employees of the same
company exchange a document between their mobile phone at a conference.
- A nurse take a wireless
heart-rate monitor from a box, attaches it to patient.
28
New type of resource sharing
- Secure spontaneous device
association –
secure transient association problem.
- Goal is to create a secure
channel between two devices by securely exchanging a session key.
- Assumptions: any device
or user
- Not share a secret with
the other.
- Not posess the other’s public
key.
- Don’t have access to a trusted third party.
29
Potential threats
- Attacker can eavesdrop,
replay and synthesize messages.
- Attacker may attempt to
launch a man-in-the-middle attack.
30
Solutions
- Users can exchange their
own key, but short string can be learned by exhaustive search.
- Using side channel with
certain physical properties: one of devices generates a fresh session
key and sends it to the other over a receive-constrained channel: physical
contact, infrared, audio, laser, barcode and camera.
31
Solutions (cont.)
- Use a constrained channel
to physically authenticate one device’s public key, then use it to exchange a session
key
devices are powerful enough.
- Exchange a session key
insecurely and then validate it - use a physical constrained channel
to verify that the key is possesed solely by the required physical source.
32
Association methods
- The methods are vary in
the degree of security but are suitable for spontaneous association:
- None requires online access.
- None requires users to authenticate
themselves.
33
Location-based authentication
- Users require privacy
don’t
want to provide personal information.
- Admins require security
require access control.
Base on location of the services’ clients.
34
Privacy protection
- Even though users withhold
their identity, there may be some type of potentially identifying information.
35
Solutions
- Provide name and addresses
in service accesses.
- Using MAC-level address – visible
to other devices such as access point.
- Using RFID tags.
-
link to the user’s
personal information.
-
using “soft” address.
36
Solutions (cont.)
- Using privacy proxy: each
device has a secure, private channel to the proxy.
- Problems:
- Central point of vulnerability.
- Proxies don’t hide which services the users access.
37
Solutions (cont.)
- Mixing:
- Construct an overlay network
of proxies that encrypt, aggregate, re-order, and forward messages.
Each proxy trusts and shares keys only with its neighbors.
- Obscure users’ locations
by exploiting the presence of many users in each location.
38
Adaptation
- Devices in volatile systems
are much more heterogeneous than PCs in processing power, I/O capabilities
and energy capacity.
- The presence of runtime
change itself: runtime conditions such as the available bandwidth and
energy are prone to chage dramatically.
39
Context-aware adaptation of content
- Multimedia application.
- Send the same content
bandwidth limitations and device heterogeneity.
- Content is a function of
context: media producer should take account not only of the consuming
device’s
capability, but also such factors as the preferences of the device’s user,
and the nature of his or her task.
40
Solutions
- HTTP protocol:
- A client specifies preferences
for the MIME types of the content it cac accept in its request header.
- The server try to match
those preferences in the content it returns.
41
Solutions (cont.)
- Type-specific compression:
proxies perform compression:
- Compression should be lossy
but specific to the media type semantic information can be used to decide
which media features it is important to retain.
- Transcoding should be performed
on the fly because statically pre-prepared content forms will not provide
sufficient flexibility to cope with dynamic data.
- Transcoding should be performed
in proxy servers so that both clients and services are transparently
separated from transcoding concerns.
42
Problems
- Volatile systems require
adaption between any pair of dynamically associated devices.
- Adaption is not restricted
to clients of particular services.
- There are potentially many
more providers whose content needs to be adapted.
- The providers may also
be too resource-poor to perform certain types of adaption themselves.
43
Adapting to changing
system resources
- OS support for adaptation
to volatile resources: Satyanarayanan:
- Application request and
obtain resource reservation.
- Notify the user of changed
levels of resource availability they can act according to application.
- OS notify the application
of changing resource conditions and the application adapt according
to its particular needs.
44
Solutions
- OS support for adaptation
to volatile resources: Odyssey architecture:
- Applications manage data
types (video, images)
- When resource conditions
change, they adjust the fidelity – the type-specific quality
- Viceroy divides the
device’s
total resources between each of several applications running on it.
45
Solutions (cont.)
- Odyssey architecture
- Each application runs with
a window of tolerance to changes in resource conditions.
- When the viceroy has to
change resource levels to a value outside the window of tolerance, it
makes an upcall into the application, which then reacting accordingly.
46
Solutions (cont.)
- Taking advantage of smart
space resources: Cyber foraging:
- A processing-limited device
discovers a compute server in a smart space and overloads some of its
processing load to it.
- Energy-aware adaptation:
save the portable device’s batteries by allocating work to the mains-powerd
compute server.
47
Solutions (cont.)
- Challenging requirements:
- The application needs to
be decomposed.
- The compute server should
run a part of the application that involves relatively little communication
with portable device.
- The overall energy consumption
for the portable device must be satisfactory.
- Communication is energy-intensive
energy cost of communication is high.
48
Solutions (cont.)
- Goyal and Carter: decompose
the application in to separate communicating programs. Example the speech
recognition
- The application runs entirely
on the mobile device.
- The mobile device runs
only the user interface, which ships the digital audio to a program
running on the compute server
49
Summary
- Volatile systems:
- The set of users, hardware
and software components are unpredictable changed.
- Connection bandwidth can
vary widely.
- Components are heterogeneous.
- Energy is limited.
- Association.
- Interoperation.
50
Summary
- Sensing and context awareness.
- Security and privacy.
- Adaptation.
51
Question