Diffstat (limited to 'notFinishedCode/Report')
-rw-r--r--notFinishedCode/Report/bb.jpgbin0 -> 100471 bytes
-rw-r--r--notFinishedCode/Report/test.aux16
-rw-r--r--notFinishedCode/Report/test.log60
-rw-r--r--notFinishedCode/Report/test.pdfbin423866 -> 545721 bytes
-rw-r--r--notFinishedCode/Report/test.tex72
-rw-r--r--notFinishedCode/Report/test.tex.backup58
-rw-r--r--notFinishedCode/Report/test.tex~71
-rw-r--r--notFinishedCode/Report/test.toc7
8 files changed, 203 insertions, 81 deletions
diff --git a/notFinishedCode/Report/bb.jpg b/notFinishedCode/Report/bb.jpg
new file mode 100644
index 0000000..1118f4c
--- /dev/null
+++ b/notFinishedCode/Report/bb.jpg
Binary files differ
diff --git a/notFinishedCode/Report/test.aux b/notFinishedCode/Report/test.aux
index 5a86c8f..af65120 100644
--- a/notFinishedCode/Report/test.aux
+++ b/notFinishedCode/Report/test.aux
@@ -8,13 +8,17 @@
\@writefile{toc}{\contentsline {section}{\numberline {3}Introduction}{5}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Usage}{5}}
\@writefile{toc}{\contentsline {section}{\numberline {4}Design}{6}}
+\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces }}{6}}
\@writefile{toc}{\contentsline {section}{\numberline {5}Protocol}{7}}
-\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces }}{7}}
\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces }}{7}}
\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces }}{7}}
-\@writefile{toc}{\contentsline {section}{\numberline {6}Encryption of data}{8}}
-\@writefile{toc}{\contentsline {section}{\numberline {7}Web page}{9}}
-\@writefile{lof}{\contentsline {figure}{\numberline {4}{\ignorespaces }}{9}}
-\@writefile{toc}{\contentsline {section}{\numberline {8}Conclusion}{10}}
+\@writefile{lof}{\contentsline {figure}{\numberline {4}{\ignorespaces }}{7}}
+\citation{sshTunnel}
+\@writefile{toc}{\contentsline {section}{\numberline {6}Security and safety of the test system}{8}}
+\@writefile{toc}{\contentsline {subsection}{\numberline {6.1}Encryption of the communication channels}{8}}
+\@writefile{toc}{\contentsline {section}{\numberline {7}Web page}{10}}
+\@writefile{lof}{\contentsline {figure}{\numberline {5}{\ignorespaces }}{10}}
+\@writefile{toc}{\contentsline {section}{\numberline {8}Conclusion}{11}}
\bibcite{site1}{1}
-\newlabel{LastPage}{{}{11}}
+\bibcite{sshTunnel}{2}
+\newlabel{LastPage}{{}{12}}
diff --git a/notFinishedCode/Report/test.log b/notFinishedCode/Report/test.log
index ac5c964..9239725 100644
--- a/notFinishedCode/Report/test.log
+++ b/notFinishedCode/Report/test.log
@@ -1,4 +1,4 @@
-This is pdfTeX, Version 3.1415926-1.40.10 (TeX Live 2009/Debian) (format=pdflatex 2011.9.27) 5 OCT 2011 12:30
+This is pdfTeX, Version 3.1415926-1.40.10 (TeX Live 2009/Debian) (format=pdflatex 2011.9.27) 5 OCT 2011 16:24
entering extended mode
%&-line parsing enabled.
**test.tex
@@ -219,10 +219,7 @@ Style option: `fancyvrb' v2.7a, with DG/SPQR fixes, and firstline=lastline fix
\c@FancyVerbLine=\count99
\FV@StepNumber=\count100
\FV@OutFile=\write3
-) (/usr/share/texmf-texlive/tex/latex/listings/lstlang1.sty
-File: lstlang1.sty 2004/09/05 1.3 listings language file
-)
-(./test.aux)
+) (./test.aux)
\openout1 = `test.aux'.
LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 73.
@@ -237,7 +234,8 @@ LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 73.
LaTeX Font Info: ... okay on input line 73.
LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 73.
LaTeX Font Info: ... okay on input line 73.
- (/usr/share/texmf/tex/context/base/supp-pdf.mkii
+
+(/usr/share/texmf/tex/context/base/supp-pdf.mkii
[Loading MPS to PDF converter (version 2006.09.02).]
\scratchcounter=\count101
\scratchdimen=\dimen110
@@ -289,58 +287,60 @@ Class scrartcl Info: You've told me to use the font selection of the element
(scrartcl) on input line 8.
Class scrartcl Info: You've told me to use the font selection of the element
(scrartcl) `sectioning' that is an alias of element `disposition'
-(scrartcl) on input line 9.
+(scrartcl) on input line 10.
Class scrartcl Info: You've told me to use the font selection of the element
(scrartcl) `sectioning' that is an alias of element `disposition'
-(scrartcl) on input line 10.
+(scrartcl) on input line 11.
)
\tf@toc=\write4
\openout4 = `test.toc'.
[2] [3]
-[4] [5] [6]
-<protocolCommunicationHandler.png, id=29, 2486.93823pt x 792.13588pt>
+[4] [5] <bb.jpg, id=26, 521.95pt x 516.93124pt>
+File: bb.jpg Graphic file (type jpg)
+ <use bb.jpg> [6 <./bb.jpg>]
+<protocolCommunicationHandler.png, id=30, 2486.93823pt x 792.13588pt>
File: protocolCommunicationHandler.png Graphic file (type png)
<use protocolCommunicationHandler.png>
-<protocolCommunicationcControllerReceiver.png, id=30, 1808.16705pt x 766.62883p
+<protocolCommunicationcControllerReceiver.png, id=31, 1808.16705pt x 766.62883p
t>
File: protocolCommunicationcControllerReceiver.png Graphic file (type png)
<use protocolCommunicationcControllerReceiver.png>
-<protocolCommunicationcControllerCaller.png, id=31, 1808.16705pt x 766.62883pt>
+<protocolCommunicationcControllerCaller.png, id=32, 1808.16705pt x 766.62883pt>
File: protocolCommunicationcControllerCaller.png Graphic file (type png)
<use protocolCommunicationcControllerCaller.png> [7 <./protocolCommunicationHan
dler.png (PNG copy)> <./protocolCommunicationcControllerReceiver.png (PNG copy)
-> <./protocolCommunicationcControllerCaller.png (PNG copy)>]
+> <./protocolCommunicationcControllerCaller.png (PNG copy)>] [8]
LaTeX Font Info: External font `cmex10' loaded for size
-(Font) <9> on input line 148.
+(Font) <9> on input line 154.
LaTeX Font Info: External font `cmex10' loaded for size
-(Font) <5> on input line 148.
- [8]
-<resultsImage.png, id=41, 702.625pt x 431.6125pt>
+(Font) <5> on input line 154.
+ [9]
+<resultsImage.png, id=45, 702.625pt x 431.6125pt>
File: resultsImage.png Graphic file (type png)
<use resultsImage.png>
-[9 <./resultsImage.png (PNG copy)>] [10]
-LaTeX Font Info: Try loading font information for T1+cmtt on input line 174.
+[10 <./resultsImage.png (PNG copy)>] [11]
+LaTeX Font Info: Try loading font information for T1+cmtt on input line 209.
(/usr/share/texmf-texlive/tex/latex/base/t1cmtt.fd
File: t1cmtt.fd 1999/05/25 v2.5h Standard LaTeX font definitions
)
LaTeX Font Info: External font `cmex10' loaded for size
-(Font) <14.4> on input line 174.
+(Font) <14.4> on input line 209.
LaTeX Font Info: External font `cmex10' loaded for size
-(Font) <7> on input line 174.
+(Font) <7> on input line 209.
-AED: lastpage setting LastPage [11] (./test.aux) )
+AED: lastpage setting LastPage [12] (./test.aux) )
Here is how much of TeX's memory you used:
- 4956 strings out of 495061
- 68425 string characters out of 1182621
- 236477 words of memory out of 3000000
- 8075 multiletter control sequences out of 15000+50000
+ 4858 strings out of 495061
+ 67162 string characters out of 1182621
+ 254247 words of memory out of 3000000
+ 7980 multiletter control sequences out of 15000+50000
18637 words of font info for 45 fonts, out of 3000000 for 9000
28 hyphenation exceptions out of 8191
- 36i,10n,45p,753b,1180s stack positions out of 5000i,500n,10000p,200000b,50000s
+ 36i,10n,45p,753b,1088s stack positions out of 5000i,500n,10000p,200000b,50000s
</home/refik/.texmf-var/font
s/pk/ljfour/jknappen/ec/ectt1440.600pk> </home/refik/.texmf-var/fonts/pk/ljfour
/jknappen/ec/ecti1440.600pk> </home/refik/.texmf-var/fonts/pk/ljfour/jknappen/e
@@ -352,9 +352,9 @@ nts/pk/ljfour/jknappen/ec/ecsx1440.600pk> </home/refik/.texmf-var/fonts/pk/ljfo
ur/jknappen/ec/ecsl1095.600pk> </home/refik/.texmf-var/fonts/pk/ljfour/jknappen
/ec/ecrm1200.600pk> </home/refik/.texmf-var/fonts/pk/ljfour/jknappen/ec/ecrm172
8.600pk></usr/share/texmf-texlive/fonts/type1/public/amsfonts/cm/cmsy9.pfb>
-Output written on test.pdf (11 pages, 423866 bytes).
+Output written on test.pdf (12 pages, 545721 bytes).
PDF statistics:
- 462 PDF objects out of 1000 (max. 8388607)
+ 513 PDF objects out of 1000 (max. 8388607)
0 named destinations out of 1000 (max. 500000)
- 26 words of extra memory for PDF output out of 10000 (max. 10000000)
+ 31 words of extra memory for PDF output out of 10000 (max. 10000000)
diff --git a/notFinishedCode/Report/test.pdf b/notFinishedCode/Report/test.pdf
index 5c490fa..3b1c675 100644
--- a/notFinishedCode/Report/test.pdf
+++ b/notFinishedCode/Report/test.pdf
Binary files differ
diff --git a/notFinishedCode/Report/test.tex b/notFinishedCode/Report/test.tex
index 7bfd079..c4cbed6 100644
--- a/notFinishedCode/Report/test.tex
+++ b/notFinishedCode/Report/test.tex
@@ -40,13 +40,13 @@
%DEFINE THE STUFF FOR CODE
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\lstset{ %
-language=Python, % choose the language of the code
+%language=Python, % choose the language of the code
columns=fullflexible,
keywordstyle=\color[rgb]{0.608,0.561,0.008},
commentstyle=\color[rgb]{0.25,0.5,0.35},
stringstyle=\color[rgb]{0.25,0.35,0.85},
basicstyle=\footnotesize,%\scriptsize % the size of the fonts that are used for the code
-numbers=left, % where to put the line-numbers
+%numbers=left, % where to put the line-numbers
numberstyle=\footnotesize, % the size of the fonts that are used for the line-numbers
stepnumber=1, % the step between two line-numbers. If it is 1 each line will be numbered
numbersep=8pt, % how far the line-numbers are from the code
@@ -108,6 +108,11 @@ Gradually we implemented a bit-by-bit of the final software. Every single step w
\subsection{Usage} % subsection 2.1.1
\newpage
\section{Design}
+\begin{figure}[hb!]
+ \centering
+ \includegraphics[width=130mm]{bb.jpg}
+ \caption[]{BeagleBoard, a linux-on-chip board where our controller software runs the GSM device }
+\end{figure}
\newpage
\section{Protocol}
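Review bot: The new BeagleBoard figure has no `\label`, yet the security section added later in this commit points at it in plain text as "figure 1". The test.aux diff in this same commit shows the figure numbering shifting (the entry that was figure 1 on page 7 is replaced by this one on page 6), so a hard-coded number will go stale; add `\label{fig:beagleboard}` directly after the `\caption` and write `Figure~\ref{fig:beagleboard}` in the text. The empty optional argument in `\caption[]{...}` also appears to be why the list-of-figures entries in test.aux are blank (`{\ignorespaces }`). The same figure block is added in the test.tex~ and test.tex.backup hunks.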
@@ -130,29 +135,59 @@ Gradually we implemented a bit-by-bit of the final software. Every single step w
\end{figure}
%\newpage
-\section{Encryption of data}
+\section{Security and safety of the test system}
+\Large Safety and security of the software plays a major role in our project.
+It is of vital importance that only as few as possible people have access to our test system since the resulting data could be exploited to plan an attack
+(e.g. assume the University alarm system uses the SIP gateway to connect to the outside world and to alarm the police, if one knows that the SIP gateway is not working properly, a burglar could plan to rob the University building just at that moment.) Therefore the choice to go Open Source is justified due to the fact that one should know how every single detail of the system works.
+All the time, while we were working on the project, we were made aware of this issue by Denis and Konrad.
+We decided to use asymmetric key cryptography, where each side has two keys (private and public.) In the next sections we will explain in more details how we applied the methods.
+\subsection{Encryption of the communication channels}
+At first we thoought to encrypt the data before sending them but since none of us was an expert on encryption standards the idea was rejected. Alongside the fact that none of us had been an expert in the field of cryptography, we were not experts in the field of internet programming either. One could find maybe a way to disable our server software with various hacking methods (e.g.
+trying to open the port until the system runs out of memory and in our case the system which we used on the server side was a BeagleBoard with ARM architecture running on a single chip TI OMAP processor, refer to the picture on figure 1.)
+We had to eliminate even the slightest possible threat in return for spending more time for debugging the test software system. Despite we were aware of all these facts, we had to choose one of the plenty implemented encryption standards on Linux.
+Denis and Konrad suggested using the SSH Tunneling method. Using the SSH Tunneling method we could hide the real port we use for our socket connection on the other hand we could force the socket to accept only local connections (i.e. from the machine where the handler software was running.)
+The first problem we faced was that SSH required a username and password, everytime we created an SSH Tunnel. We could avoid this problem by copying the public key from our server (where our test software runs) to the BeagleBoard \cite{sshTunnel}.
+This can be performed by executing the following commands in the terminal shell.
+One has to create first the private and public keys on the local machine(i.e. server machine, where the test software runs):
+
\begin{lstlisting}
-import subprocess
-import string
+jsmith@local-host$ [Note: You are on local-host here]
+
+jsmith@local-host$ ssh-keygen
+Generating public/private rsa key pair.
+Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
+Enter passphrase (empty for no passphrase): [Press enter key]
+Enter same passphrase again: [Pess enter key]
+Your identification has been saved in /home/jsmith/.ssh/id_rsa.
+Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
+The key fingerprint is:
+33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 jsmith@local-host
+\end{lstlisting}
+
+Then one needs to copy the public key to the remote machine (BeagleBoard) using ssh-copy-id:
-class Ping:
+\begin{lstlisting}
+jsmith@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
+jsmith@remote-host's password:
+Now try logging into the machine, with "ssh 'remote-host'", and check in:
- def __init__(self, pingAddress):
- self.pingAddress = pingAddress
+.ssh/authorized_keys
- def ping(self,numberTries):
- tried = 1
- while numberTries >= tried:
- tried += 1
- #the parameter c 1 means only one ping to be sent, parameter W 3 means how many seconds the time out should be, 3 seconds
- ping_cmd = subprocess.Popen(['ping', self.pingAddress, '-c', '1', '-W', '2'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT).communicate()[0]
-b
- pingAlive = int(string.find(ping_cmd, '1 received'))
- unknownHost = int(string.find(ping_cmd, 'unknown host'))
+to make sure we haven't added extra keys that you weren't expecting.
+\end{lstlisting}
+After we have created the public and private keys, and coppied the public key on the machine to which we want to connect, we can test if we can make an SSH connection to the remote machine:
+\begin{lstlisting}
+jsmith@local-host$ ssh remote-host
+Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
+[Note: SSH did not ask for password.]
+jsmith@remote-host$ [Note: You are on remote-host here]
\end{lstlisting}
+
+
+
\newpage
\section{Web page}
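Review bot: The ssh-keygen transcript tells the reader to press Enter at both passphrase prompts, so the private key in `/home/jsmith/.ssh/id_rsa` is stored unencrypted, and the section never states that anyone who can read that file on the test server can log in to the BeagleBoard. Because the key exists only to carry the tunnel, the text should say so and describe limiting it on the BeagleBoard, for example by prefixing its line in `.ssh/authorized_keys` with `from="<server-address>",no-pty,permitopen="localhost:<port>"` (placeholders, to be filled with the project's values). The claim that the tunnel lets you "hide the real port" reads as security by obscurity; what the paragraph goes on to describe is better put as `The socket accepts only local connections, so it can be reached only through the authenticated and encrypted SSH session.` The first-connection host-key confirmation is missing from the transcript and deserves one sentence, since accepting it unchecked is where a man-in-the-middle would go unnoticed. The same text and listings are added in the test.tex~ and test.tex.backup hunks.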
@@ -172,6 +207,9 @@ b
\bibitem{site1} H. Simpson, \emph{Proof of the Riemann
Hypothesis}, preprint (2003), available at
\url{http://www.math.drofnats.edu/riemann.ps}.
+
+\bibitem{sshTunnel} R. Natarajan, \emph{3 Steps to perform SSH login without password using ssh-keygen \& ssh-copy-id}, accessed on 18.08.2011, available at
+\url{http://goo.gl/fX68N}.
%bibliography end
\end{thebibliography}
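Review bot: The new `\bibitem{sshTunnel}` cites the source through a shortened link, `\url{http://goo.gl/fX68N}`, which hides the destination host from a reader who is about to follow a key-setup procedure and makes the reference depend on a third-party redirect service staying alive. The test.tex.backup hunk in this same commit already carries the full address, so use `\url{http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/}` here as well. The test.tex~ hunk has the same shortened link. The `thebibliography` environment begins outside this hunk.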
diff --git a/notFinishedCode/Report/test.tex.backup b/notFinishedCode/Report/test.tex.backup
index 61834ed..6cfdbbe 100644
--- a/notFinishedCode/Report/test.tex.backup
+++ b/notFinishedCode/Report/test.tex.backup
@@ -98,20 +98,56 @@ Prof. Dr. Gerhard Schneider\\ \vspace{1\baselineskip} Supervisors: \\ Konrad Mei
% first chapter
\section{Introduction and Motivation} % chapter 1
-\Large In the following report, the authors will try to give you a brief insight into our team project. The goal of our project was to develop a mechanism for automatic testing of our University Telecommunication network. The Telecommunication network of University of Freiburg consists of our own internal: GSM and telephone network systems; GSM redirecting device (if one initiates a call to one of the four external GSM networks, it redirects the calls to: T-mobile, 02, Vodaphone or E-Plus); a SIP gateway for landline calls inside of Germany (sipgate.de) and international calls. Since we did not have access to internal servers, our strategy was to exploit the existing systems and infer the results out of our findings.
+\Large In the following report, the authors will try to give you a brief insight into our team project. The goal of our project was to develop a mechanism for automatic testing of our University Telecommunication network. The Telecommunication network of University of Freiburg consists of: our own internal GSM and telephone network systems; GSM redirecting device (if one initiates a call to one of the four external GSM networks, it redirects the calls to: T-mobile, 02, Vodaphone or E-Plus); a SIP gateway for landline calls inside of Germany (sipgate.de) and international calls. Since we did not have access to internal servers, our strategy was to exploit the existing systems and infer the results out of our findings.
Before we had started working on our project, we had to analyze the overall network to come up with test cases that contain the highest information content. The next step in our procedure was to implement our ideas into a working piece of software.
-Gradually we implemented a bit-by-bit of the final software. Every single implementation was accompanied by testing and validation procedures. At the end we implemented all the ``black-boxes'' into one big piece of software.
+Gradually we implemented a bit-by-bit of the final software. Every single step was accompanied by testing and validation procedures. At the end we connected all the ``black-boxes'' into one big piece of software. We have fulfilled our requests and goals and made a fully working and operable test software. Despite developing a working software, all the way along we thought about the simplicity of the usage of the software. In the following chapters we will describe in more detail our approach and how each subsystem works.
\newpage
\section{Software concept} % chapter 2
\newpage
\section{Introduction} % section 2.1
-\newpage
\subsection{Usage} % subsection 2.1.1
+\newpage
\section{Design}
+\begin{figure}[hb!]
+ \centering
+ \includegraphics[width=130mm]{bb.jpg}
+ \caption[]{BeagleBoard, a linux-on-chip board where our controller software runs the GSM device }
+\end{figure}
\newpage
\section{Protocol}
-\newpage
-\section{Encryption of data}
+
+\begin{figure}[hb!]
+ \centering
+ \includegraphics[width=130mm]{protocolCommunicationHandler.png}
+ \caption[]{Flowchart of the protocol, on the handler side}
+\end{figure}
+
+\begin{figure}[hb!]
+ \centering
+ \includegraphics[width=130mm]{protocolCommunicationcControllerReceiver.png}
+ \caption[]{Flowchart of the protocol, on the controller side for the caller}
+\end{figure}
+
+\begin{figure}[hb!]
+ \centering
+ \includegraphics[width=130mm]{protocolCommunicationcControllerCaller.png}
+ \caption[]{Flowchart of the protocol, on the controller side for the receiver}
+\end{figure}
+
+%\newpage
+\section{Security and safety of the test system}
+\Large Safety and security of the software plays a major role in our project.
+It is of vital importance that only as few as possible people have access to our test system since the resulting data could be exploited to plan an attack
+(e.g. assume the University alarm system uses the SIP gateway to connect to the outside world and to alarm the police, if one knows that the SIP gateway is not working properly, a burglar could plan to rob the University building just at that moment.) Therefore the choice to go Open Source is justified due to the fact that one should know how every single detail of the system works.
+All the time, while we were working on the project, we were made aware of this issue by Denis and Konrad.
+We decided to use asymmetric key cryptography, where each side has two keys (private and public.) In the next sections we will explain in more details how we applied the methods.
+\subsection{Encryption of the communication channels}
+At first we thoought to encrypt the data before sending them but since none of us was an expert on encryption standards the idea was rejected. Alongside the fact that none of us had been an expert in the field of cryptography, we were not experts in the field of internet programming either. One could find maybe a way to disable our server software with various hacking methods (e.g.
+trying to open the port until the system runs out of memory and in our case the system which we used on the server side was a BeagleBoard with ARM architecture running on a single chip TI OMAP processor, refer to the picture on figure 1.)
+We had to eliminate even the slightest possible threat in return for spending more time for debugging the test software system. Despite we were aware of all these facts, we had to choose one of the plenty implemented encryption standards on Linux.
+Denis and Konrad suggested using the SSH Tunneling method. Using the SSH Tunneling method we could hide the real port we use for our socket connection on the other hand we could force the socket to accept only local connections (i.e. from the machine where the handler software was running.)
+The first problem we faced was that SSH required a username and password everytime we created an SSH Tunnel. We solved this problem by copying the public key from our server (where our test software runs) to the BeagleBoard \cite{sshTunnel}.
+This can be performed by executing the following commands in the terminal shell.
\begin{lstlisting}
import subprocess
import string
@@ -127,7 +163,7 @@ class Ping:
tried += 1
#the parameter c 1 means only one ping to be sent, parameter W 3 means how many seconds the time out should be, 3 seconds
ping_cmd = subprocess.Popen(['ping', self.pingAddress, '-c', '1', '-W', '2'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT).communicate()[0]
-
+b
pingAlive = int(string.find(ping_cmd, '1 received'))
unknownHost = int(string.find(ping_cmd, 'unknown host'))
@@ -136,6 +172,13 @@ class Ping:
\end{lstlisting}
\newpage
\section{Web page}
+
+\begin{figure}[hb!]
+ \centering
+ \includegraphics[width=100mm]{resultsImage.png}
+ \caption[]{Result image showing working, defected and not tested subsystems}
+\end{figure}
+
\newpage
\section{Conclusion}
\newpage
@@ -147,6 +190,9 @@ class Ping:
Hypothesis}, preprint (2003), available at
\url{http://www.math.drofnats.edu/riemann.ps}.
+\bibitem{sshTunnel} R. Natarajan, \emph{3 Steps to perform SSH login without password using ssh-keygen \& ssh-copy-id}, accessed on 18.08.2011, available at
+\url{http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/}.
+
%bibliography end
\end{thebibliography}
diff --git a/notFinishedCode/Report/test.tex~ b/notFinishedCode/Report/test.tex~
index 7a0980b..b2924fa 100644
--- a/notFinishedCode/Report/test.tex~
+++ b/notFinishedCode/Report/test.tex~
@@ -40,13 +40,13 @@
%DEFINE THE STUFF FOR CODE
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\lstset{ %
-language=Python, % choose the language of the code
+%language=Python, % choose the language of the code
columns=fullflexible,
keywordstyle=\color[rgb]{0.608,0.561,0.008},
commentstyle=\color[rgb]{0.25,0.5,0.35},
stringstyle=\color[rgb]{0.25,0.35,0.85},
basicstyle=\footnotesize,%\scriptsize % the size of the fonts that are used for the code
-numbers=left, % where to put the line-numbers
+%numbers=left, % where to put the line-numbers
numberstyle=\footnotesize, % the size of the fonts that are used for the line-numbers
stepnumber=1, % the step between two line-numbers. If it is 1 each line will be numbered
numbersep=8pt, % how far the line-numbers are from the code
@@ -108,6 +108,11 @@ Gradually we implemented a bit-by-bit of the final software. Every single step w
\subsection{Usage} % subsection 2.1.1
\newpage
\section{Design}
+\begin{figure}[hb!]
+ \centering
+ \includegraphics[width=130mm]{bb.jpg}
+ \caption[]{BeagleBoard, a linux-on-chip board where our controller software runs the GSM device }
+\end{figure}
\newpage
\section{Protocol}
@@ -129,30 +134,55 @@ Gradually we implemented a bit-by-bit of the final software. Every single step w
\caption[]{Flowchart of the protocol, on the controller side for the receiver}
\end{figure}
-\newpage
-\section{Encryption of data}
+%\newpage
+\section{Security and safety of the test system}
+\Large Safety and security of the software plays a major role in our project.
+It is of vital importance that only as few as possible people have access to our test system since the resulting data could be exploited to plan an attack
+(e.g. assume the University alarm system uses the SIP gateway to connect to the outside world and to alarm the police, if one knows that the SIP gateway is not working properly, a burglar could plan to rob the University building just at that moment.) Therefore the choice to go Open Source is justified due to the fact that one should know how every single detail of the system works.
+All the time, while we were working on the project, we were made aware of this issue by Denis and Konrad.
+We decided to use asymmetric key cryptography, where each side has two keys (private and public.) In the next sections we will explain in more details how we applied the methods.
+\subsection{Encryption of the communication channels}
+At first we thoought to encrypt the data before sending them but since none of us was an expert on encryption standards the idea was rejected. Alongside the fact that none of us had been an expert in the field of cryptography, we were not experts in the field of internet programming either. One could find maybe a way to disable our server software with various hacking methods (e.g.
+trying to open the port until the system runs out of memory and in our case the system which we used on the server side was a BeagleBoard with ARM architecture running on a single chip TI OMAP processor, refer to the picture on figure 1.)
+We had to eliminate even the slightest possible threat in return for spending more time for debugging the test software system. Despite we were aware of all these facts, we had to choose one of the plenty implemented encryption standards on Linux.
+Denis and Konrad suggested using the SSH Tunneling method. Using the SSH Tunneling method we could hide the real port we use for our socket connection on the other hand we could force the socket to accept only local connections (i.e. from the machine where the handler software was running.)
+The first problem we faced was that SSH required a username and password, everytime we created an SSH Tunnel. We could avoid this problem by copying the public key from our server (where our test software runs) to the BeagleBoard \cite{sshTunnel}.
+This can be performed by executing the following commands in the terminal shell.
+One has to create first the private and public keys on the local machine(i.e. server machine, where the test software runs):
+\begin{lstlisting}
+jsmith@local-host$ [Note: You are on local-host here]
+
+jsmith@local-host$ ssh-keygen
+Generating public/private rsa key pair.
+Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
+Enter passphrase (empty for no passphrase): [Press enter key]
+Enter same passphrase again: [Pess enter key]
+Your identification has been saved in /home/jsmith/.ssh/id_rsa.
+Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
+The key fingerprint is:
+33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 jsmith@local-host
+\end{lstlisting}
+Then one needs to copy the public key to the remote machine (BeagleBoard) using ssh-copy-id:
\begin{lstlisting}
-import subprocess
-import string
+jsmith@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
+jsmith@remote-host's password:
+Now try logging into the machine, with "ssh 'remote-host'", and check in:
-class Ping:
+.ssh/authorized_keys
- def __init__(self, pingAddress):
- self.pingAddress = pingAddress
+to make sure we haven't added extra keys that you weren't expecting.
+\end{lstlisting}
+After we have created the public and private keys, and coppied the public key on the machine to which we want to connect, we can test if we can make an SSH connection to the remote machine:
+\begin{lstlisting}
+jsmith@local-host$ ssh remote-host
+Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
+[Note: SSH did not ask for password.]
- def ping(self,numberTries):
- tried = 1
- while numberTries >= tried:
- tried += 1
- #the parameter c 1 means only one ping to be sent, parameter W 3 means how many seconds the time out should be, 3 seconds
- ping_cmd = subprocess.Popen(['ping', self.pingAddress, '-c', '1', '-W', '2'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT).communicate()[0]
-b
- pingAlive = int(string.find(ping_cmd, '1 received'))
- unknownHost = int(string.find(ping_cmd, 'unknown host'))
+jsmith@remote-host$ [Note: You are on remote-host here]
+\end{lstlisting}
-\end{lstlisting}
\newpage
\section{Web page}
@@ -172,6 +202,9 @@ b
\bibitem{site1} H. Simpson, \emph{Proof of the Riemann
Hypothesis}, preprint (2003), available at
\url{http://www.math.drofnats.edu/riemann.ps}.
+
+\bibitem{sshTunnel} R. Natarajan, \emph{3 Steps to perform SSH login without password using ssh-keygen \& ssh-copy-id}, accessed on 18.08.2011, available at
+\url{http://goo.gl/fX68N}.
%bibliography end
\end{thebibliography}
diff --git a/notFinishedCode/Report/test.toc b/notFinishedCode/Report/test.toc
index 1eef649..057396b 100644
--- a/notFinishedCode/Report/test.toc
+++ b/notFinishedCode/Report/test.toc
@@ -5,6 +5,7 @@
\contentsline {subsection}{\numberline {3.1}Usage}{5}
\contentsline {section}{\numberline {4}Design}{6}
\contentsline {section}{\numberline {5}Protocol}{7}
-\contentsline {section}{\numberline {6}Encryption of data}{8}
-\contentsline {section}{\numberline {7}Web page}{9}
-\contentsline {section}{\numberline {8}Conclusion}{10}
+\contentsline {section}{\numberline {6}Security and safety of the test system}{8}
+\contentsline {subsection}{\numberline {6.1}Encryption of the communication channels}{8}
+\contentsline {section}{\numberline {7}Web page}{10}
+\contentsline {section}{\numberline {8}Conclusion}{11}