Blame view

design.tex 10.2 KB
Jinghao Shi authored
1
2
\section{System Design}
\label{sec:design}
Jinghao Shi authored
3
4
5
6

\begin{figure*}[t]
  \centering
  \includegraphics[width=\textwidth]{./figures/design.pdf}
Jinghao Shi authored
7
8
9
10
11
  \caption{\textbf{\wisefi{} System Work Flow.} (1) Reciprocal sharing
    opportunities are detected by \wisefi{} smartphone apps; (2) \wifi{} sharing
    is enabled through coordination of \wisefi{} server; (3) \wifi{} usage and
    performance are monitored by \wisefi{} app to ensure the sharing remains
  reciprocal.}
Jinghao Shi authored
12
13
14
15
16
17
18
19
20
21
22
23
24
  \label{fig:design}
\end{figure*}

Inspired by the results of the investigation in Section~\ref{sec:investigation},
we design a system called \wisefi{} to detect reciprocal sharing
opportunities (\S\ref{subsec:detection}), enable \wifi{} sharing
(\S\ref{subsec:sharing}) and monitor the \wifi{} performance to ensure the
sharing remains reciprocal (\S\ref{subsec:monitoring}). Figure~\ref{fig:design}
shows the overall work flow of the \wisefi{} system.

\subsection{Detection}
\label{subsec:detection}
Jinghao Shi authored
25
26
27
To detect reciprocal sharing opportunities, two pieces of information are
required: the home AP of the device, and neighbor APs' signal strength during
\wifi{} sessions with the home AP. A smartphone application can be deployed
Jinghao Shi authored
28
through app market to collect this information. In particular, the home AP
Jinghao Shi authored
29
30
31
information can be learned over a period of time using the heuristics developed
in Section~\ref{subsec:homeap}, or be inputted directly by user. Once the home
AP information is identified, \wifi{} scan results during sessions with home APs
Jinghao Shi authored
32
can then be logged to identify the neighbor APs that can potentially provide
Jinghao Shi authored
33
better network performance. Finally, this information is uploaded and fused in
Jinghao Shi authored
34
35
\wisefi{} server to identify reciprocal sharing opportunities using the methods
described in Section~\ref{subsec:reciprocal}.
Jinghao Shi authored
36
37
38
39
40

\subsection{Sharing}
\label{subsec:sharing}

Once the reciprocal sharing opportunities are discovered, the \wisefi{} server
Jinghao Shi authored
41
42
distributes such information to the \wisefi{} application on the smartphone, which
prompts the user to establish \wifi{} sharing. The sharing mechanism must meet two
Jinghao Shi authored
43
44
45
46
47
48
goals: \textit{control} and \textit{protection}. First, the system should be
able to control the sharing, including granting the access of home AP to other
\wisefi{} users, and more importantly, revoking the access when needed. Second,
the system should protect the home network from other \wisefi{} users by sharing
access only to the Internet, and protecting private resources such as home
network printers or storage.
Jinghao Shi authored
49
Jinghao Shi authored
50
51
52
53
54
55
Some mid-to-high end wireless routers support the \textit{virtual network}
feature, where multiple virtual \wifi{} networks are emulated by a single router
hardware, and different network parameters, such as SSID, bandwidth cap, access
permission, can be enforced separately for each virtual network. This feature is
typically used to set up a guest \wifi{} network to provide network access to
temporal visitors yet isolate them from home clients. For home APs with such
Jinghao Shi authored
56
feature, \wifi{} sharing can be achieved by only distributing the credentials of
Jinghao Shi authored
57
58
guest network to other \wisefi{} users. Access and bandwidth policies can then
be enforced on the guest network to achieve control and protection.
Jinghao Shi authored
59
Additionally, such isolation and enforcements are most likely already enabled
Jinghao Shi authored
60
61
62
63
64
by default for guest networks, so that even inexperienced user can configure the
\wifi{} sharing through guest network.

For APs without guest network feature, however, cumbersome AP configurations may
be required by user, such as MAC black or white list, routing table
Jinghao Shi authored
65
modification, etc. Such configurations are most likely too complicated for
Jinghao Shi authored
66
average users to perform. However, simply sharing the \wifi{} credentials of user's
Jinghao Shi authored
67
home AP to other \wisefi{} users is not only dangerous, but also making it
Jinghao Shi authored
68
difficult to revoke the access in the future. In the worst case scenario, a user may
Jinghao Shi authored
69
be forced to change the home AP password and reconfigure the \wifi{} credentials
Jinghao Shi authored
70
71
72
73
74
on all his/her devices just to revoke the access of the other \wisefi{} user.
Although most commodity APs support client MAC black or white list feature,
configuring them properly is difficult for average users. Furthermore, the
sharing relationship should be built between users instead of devices: once the
sharing is established, one user should be able to connect any of his/her
Jinghao Shi authored
75
devices, not only the smartphone, to the other user's home AP. Even if the system
Jinghao Shi authored
76
can directly share each other's \wifi{} credentials, manually configuring it on
Jinghao Shi authored
77
78
79
80
all devices is still tedious.

To overcome this challenge, we propose a dynamic \wifi{} AP configuration API
with two simple interfaces: \texttt{getAuthClients} and \texttt{setWhiteList}.
Jinghao Shi authored
81
The semantics of the interfaces are as follows.  \texttt{getAuthClients} 
Jinghao Shi authored
82
returns all the MAC addresses of clients that are currently associated with the
Jinghao Shi authored
83
84
AP through normal authentication. In the home \wifi{} network scenario, this
interface shall return only the MAC addresses of the user's own \wifi{} devices.  On
Jinghao Shi authored
85
86
87
88
89
90
91
92
93
94
other hand, \texttt{setWhiteList} sets a list of white list MAC addresses that
the AP should accept their association requests regardless of possible
authentication errors (e.g., due to incorrect \wifi{} password). Finally, these
requests will only be accepted by the AP when they are sent by devices that are
associated through authentication, not through white list. The API can be
implemented on top of existing SNMP protocols, or be provided in form of RESTful
API through the HTTP server that is already integrated in most commodity APs.

With the help of these configuration APIs, the \wifi{} sharing process can work
as follows. Suppose the \wisefi{} system has discovered the reciprocal sharing
Jinghao Shi authored
95
96
opportunity between Alice and Bob, here are the steps to grant Bob's device
access to
Jinghao Shi authored
97
98
99
100
101
102
103
104
Alice's home AP. First, the \wisefi{} app on Bob's smartphone (which is
associated with Bob's home AP through proper authentication) sends a
\texttt{getAuthClients} request to Bob's home AP, retrieving the MAC addresses
of all Bob's devices. These MAC addresses are uploaded to \wisefi{} server and
then forwarded to the \wisefi{} app on Alice's smartphone, which sends a
\texttt{setWhiteList} request to Alice's home AP to add all Bob's devices to its
white list. At this point, Bob can connect his any of his devices to Alice's
home AP using a dummy password\footnote{Here we assume all Bob's devices are
Jinghao Shi authored
105
associated with Bob's home AP when the \texttt{getAuthClients} request is sent. In
Jinghao Shi authored
106
practice, the grant process could be repeated several times to gradually
Jinghao Shi authored
107
include all Bob's devices.}. Later on, when the reciprocal sharing
Jinghao Shi authored
108
109
110
111
112
opportunity no long exists, the \wisefi{} server instructs Alice's smartphone to
perform another \texttt{setWhiteList} request to revoke Bob's access to Alice's
home AP by removing the MAC addresses of Bob's devices from the white list.

There are several advantages of this sharing approach. First, note that
Jinghao Shi authored
113
114
throughout the grant and revoke process, the \wifi{} credentials of Alice's home
AP are not shared with Bob or the \wisefi{} server, thus remain confidential.
Jinghao Shi authored
115
116
Second, revoking access of other \wisefi{} users simply requires a
\texttt{setWhiteList} request, without needing to change the user's home AP
Jinghao Shi authored
117
password. Furthermore, the \wisefi{} app can list other \wisefi{}
Jinghao Shi authored
118
users who are in a reciprocal sharing relationship and provide interfaces to let
Jinghao Shi authored
119
the
Jinghao Shi authored
120
121
user manually revoke access of other users if needed. Finally, this mechanism
does not require modifications of \wifi{} clients (except for installation of
Jinghao Shi authored
122
the \wisefi{} app) and only requires software updates at AP side, making it easy to
Jinghao Shi authored
123
124
deploy.  Once the sharing is established, protection and isolation can be
enforced at the AP side by differentiating two type of clients: authenticated
Jinghao Shi authored
125
clients (user's own devices) and white list clients (\wisefi{} devices).
Jinghao Shi authored
126
Therefore, such sharing mechanism meets both the control and protection goals.
Jinghao Shi authored
127
128
129
130
131


\subsection{Monitoring}
\label{subsec:monitoring}
Jinghao Shi authored
132
133
134
135
136
137
After the sharing is established, the system needs to monitor both \wifi{}
\textit{usage} and \textit{performance} of both parties to ensure that the
sharing remains reciprocal.  There are two reasons why this is necessary: one is
obvious and another is obscure.

First, it is obviously important to ensure that the sharing remains reciprocal
Jinghao Shi authored
138
to provide incentives for both parties to participate the sharing.
Jinghao Shi authored
139
For instance, suppose after the system has established reciprocal \wifi{} sharing
Jinghao Shi authored
140
141
142
between Alice and Bob, and Bob decides to deploy an extra AP at his home which
makes him no longer benefit from sharing Alice's home AP. The system should
monitor Bob's \wifi{} usage to detect the termination of the reciprocal
Jinghao Shi authored
143
relationship and revoke Alice's access to Bob's home AP accordingly.
Jinghao Shi authored
144
145
146
147
148

Second, the not so obvious reason is that, as mentioned in
Section~\ref{subsec:better}, \wifi{} signal strength is used as a hint to
identify potentially better APs. And it is well known that signal strength does
not directly translate to \wifi{} performance. Other factors, such as AP load,
Jinghao Shi authored
149
PHY data rate, interference, or \wifi{} generation (e.g., 802.11/g/n/ac), also affect the link quality
Jinghao Shi authored
150
yet can not be easily detected by the smartphone. Furthermore, last hop \wifi{}
Jinghao Shi authored
151
link quality does not necessarily determine the clients' overall end-to-end network
Jinghao Shi authored
152
performance. In fact, there is no way to predict whether the neighbor AP can
Jinghao Shi authored
153
indeed provide better network performance than the user's home AP until the sharing is
Jinghao Shi authored
154
actually established.
Jinghao Shi authored
155
Jinghao Shi authored
156
157
158
To measure the reciprocity in terms of network performance, standard performance
benchmarks, such as download/upload throughput, \texttt{ping} latency, or DNS
lookup, can be performed periodically by the \wisefi{} client. However, it is
Jinghao Shi authored
159
not trivial to monitor the network usage aspect of reciprocity from the vantage
Jinghao Shi authored
160
point of a single client: the smartphone's association time may not be
Jinghao Shi authored
161
representative of user's other wireless devices. For this purpose, we augment
Jinghao Shi authored
162
163
164
165
166
the AP configuration API proposed in Section~\ref{subsec:sharing} with one new
interface, \texttt{getWhiteListClents}, which returns the MAC addresses of
clients that associated with the AP through white list mechanism. These are the
clients of other \wisefi{} users that actively use the home AP. The \wisefi{}
app can then periodically issue \texttt{getWhiteListClents} requests to measure
Jinghao Shi authored
167
the sharing usage of other \wisefi{} users to ensure reciprocity.