Monitoring Concept for Distributed AAL Platforms



SLIDE 1

Institute of Operating Systems and Computer Networks

The GAL Monitoring Concept for Distributed AAL Platforms

Felix Büsching, Maximiliano Bottazzi, Lars Wolf

SLIDE 2

  • F. Büsching, M. Bottazzi, L. Wolf | Monitoring Concept for Distributed AAL Platforms 2 / 16

Braunschweig - Beijing: 7540 km

SLIDE 3

What are we dealing with in Germany?

[Figure panels: 1910, 2005, 2050]

SLIDE 4

What the hell is GAL?

German project “GAL”: Gestaltung Altersgerechter Lebenswelten (“Design of Environments for Aging”)

  • Research project
  • Funded by the state of Lower Saxony
  • Interdisciplinary approach

SLIDE 5

Use Cases / Scenarios

Exemplary Assisting Systems

  1. Personal activity and household assistant
  2. Monitoring of sports activities in prevention and rehabilitation
  3. Sensor-based activity determination
  4. Sensor-based fall prevention and fall recognition

All running on the same platform @home of an elderly person

SLIDE 6

Multi-Services Home Platform – Middleware and Gateway

[Diagram: GAL-Middleware Platform / Multi Services Home Platform, Internet]

  • Devices: Cameras, Microphones, Ultrasonic Sensors, White Goods, Power Sensor, Body Area Network, Home Automation, User Interfaces, Notification / Alarm
  • Interfaces: I²C, USB, FireWire, PowerLine, Ethernet, IEEE 802.15.4, KNX, EIB, LON, PSTN, GSM, ISDN

SLIDE 7

Motivation: Going outside!

[Figure with markers 1 to 9]

SLIDE 8

Remote Backup & Monitoring: Circumstances

[Diagram: Internet, nodes 1 to 4]

SLIDE 9

Field Study – Conditions & Assumptions

Scattered MSHP-Systems

  • Connection to the internet
  • Various physical layers (Modem, ISDN, xDSL, GSM, 3G, 4G…)
  • Various (asymmetric) connection speeds (56 kbit/s to >100 Mbit/s)
  • Firewalls, NAT
  • No access to intermediate systems (routers, provider networks, ...)

[Diagram: Internet, nodes 1 to 4]

SLIDE 10

Connection Speed

[Plot: Bandwidth (Kbyte/s), axis ticks 10 to 50; series SSH (load) and VNC (load)]

SLIDE 11

Field Study – Conditions & Assumptions

Scattered MSHP-Systems

  • Connection to the internet
  • Various physical layers (Modem, ISDN, xDSL, GSM, 3G, 4G…)
  • Various (asymmetric) connection speeds (56 kbit/s to >100 Mbit/s)
  • Firewalls, NAT
  • No access to intermediate systems (routers, provider networks, ...)

[Diagram: Internet, nodes 1 to 4]

SLIDE 12

GAL Privacy and Security Paradigm

“Every bit of recorded and processed data stays at a person's home on their own MSHP(-System)”

  • All processing is done “at home” – no online-service/cloud/server involved
  • Only high level alarms leave the platform
  • No transmission of low-level data
  • User may initiate transfer
  • No way in (from the outside)

… in contradiction to

  • Remote Monitoring
  • Remote Configuration
  • Remote Backup & Restore

SLIDE 13

VPN: Means of Choice

  • VPN Concentrator at central place
  • MSHPs establish connection to VPN concentrator
  • Initiated from each MSHP
  • TUN-Interface is the only usable Interface
  • MSHPs not reachable from “the Internet”

[Diagram: MSHPs 1 … n, Internet, VPN-Concentrator, Monitoring Instance]
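
An added example, not part of the original slides: a check that an MSHP offers services only on loopback or the tunnel, which is one way to verify "TUN-Interface is the only usable Interface". The VPN subnet 10.8.0.0/24, the function names and the `ss -H -tuln` sample lines are constructed assumptions.

```python
import ipaddress

# Assumption: the VPN concentrator assigns MSHP addresses from this subnet.
VPN_SUBNET = ipaddress.ip_network("10.8.0.0/24")

# Constructed sample of `ss -H -tuln` output from a hypothetical MSHP.
SAMPLE_SS = """\
tcp   LISTEN 0      128        10.8.0.6:22        0.0.0.0:*
udp   UNCONN 0      0          10.8.0.6:161       0.0.0.0:*
tcp   LISTEN 0      128       127.0.0.1:5432      0.0.0.0:*
tcp   LISTEN 0      511         0.0.0.0:80        0.0.0.0:*
tcp   LISTEN 0      128            [::]:5900         [::]:*
tcp   LISTEN 0      128   192.168.1.20:8080      0.0.0.0:*
"""

def classify(local):
    """Return 'tunnel', 'local' or 'exposed' for a Local Address:Port field."""
    host, _port = local.rsplit(":", 1)
    host, _, iface = host.strip("[]").partition("%")
    if iface.startswith("tun"):      # socket bound to the tunnel device
        return "tunnel"
    if host in ("*", ""):            # wildcard bind: every interface
        return "exposed"
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "local"
    if addr in VPN_SUBNET:           # bound to the MSHP's VPN address
        return "tunnel"
    return "exposed"                 # 0.0.0.0, :: or a LAN/WAN address

def audit(ss_output):
    """List (protocol, local address) pairs reachable outside the tunnel."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6:          # skip blank or truncated lines
            continue
        proto, local = fields[0], fields[4]
        if classify(local) == "exposed":
            findings.append((proto, local))
    return findings

if __name__ == "__main__":
    for proto, local in audit(SAMPLE_SS):
        print(f"not tunnel-only: {proto} {local}")
```

A wildcard bind may still be blocked by a local packet filter, so each finding is a prompt to check the firewall rules rather than proof of exposure.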

SLIDE 14

Application Layer VPN: OpenVPN

  • Open Source
  • Transport Layer Security (TLS)
  • Little Overhead

[Diagram: layer stacks (1: Physical, 2: Data Link, 3: Network, 4: Transport, 5: Application) for MSHP, Intermediate Systems (IP Router) and Concentrator; labels: Application, TCP, IP, Virtual Interface, OpenVPN, TCP/UDP, IP, Ethernet]

Layer 5 – no problem for

  • Intermediate Systems
  • NAT
  • Firewalls

SLIDE 15

Implementation

Pre-install MSHPs

  • Settings
  • concentrator address
  • Certificates
  • Pairs of keys for every system

Just…

  • … carry the preconfigured system to end user!
  • … plug it in (existing Internet connection)
  • -> System is capable of being monitored

[Diagram labels: A-C, B-C, C-A, C-B]

SLIDE 16

Current status & Future Work

  • Automated setup of MSHP systems
  • VPN concentrator up and running
  • Basic monitoring by heartbeat ping
  • Remote configuration by SSH access
  • Web interface for detailed monitoring and remote configuration
  • Encrypted remote backup and restore

Just about to deploy the systems!

SLIDE 17

Summary and Conclusion

Privacy and Security have to be addressed in AAL Platforms

  • Storing & processing the data in place may be an option!

Remote Monitoring of AAL Platforms is needed

  • At least if deployed in rural areas

Application Layer VPN (e.g. OpenVPN)…

  • Secures Monitoring Traffic
  • Even insecure SNMP v1/2 is utilizable
  • Deals with Firewalls, NAT, IS
  • Solves some privacy & security issues
  • If connection is initiated by remote AAL system

Thanks for the attention!

  • buesching@ibr.cs.tu-bs.de