WebPad Management Protocol
  D87526013 林瑞文
  B87506017 黃振修
Motivation
  Homework :-P
  Management issues for mobile or widespread devices
Working Environment
  Server side:
    – Central controlling server on Win32
    – Monitors all the clients directly
  Client side:
    – A client app running on the mobile WebPad
    – Browser on the WebPad must co-operate with the client app
    – Browser asks the client app for the access/deny list
Design Criteria
  Feasible for mobile/low-power devices
  Not depending on other mechanisms
  Really helps the MIS team
  Easy to implement & maintain
  Combining existing/popular applications to help with management
Why Not SNMP?
  Not really simple
  ASN.1
  Database (MIB) required
  Security issues
From the MIS Point of View
  Collecting information from thin-client machines
  Maintaining consistency and availability among clients
  Offering online/real-time communication with users
Demands
  Status report
  Shell commands
  Access list for Web Browser
  Message alert
  Online update ICA/VNC server
  Reset
  Security
Protocol Design
  Manager vs. Agent
  TCP/UDP: port 6147
    – Current implementation based on UDP.
  Session continuation
  Packet formats
    – Readable text / easy debugging
Commands & Responses
  Commands format
    – AGENT <agentid> [command] [parameter...]
    – MANAGER <managerid> [command] [parameter...]
    – keyword FOLLOWING indicates line continuation
  Responses format
    – <reply code> [reply string]
    – reply code is a 3-digit number, while reply string contains information for advanced parsing
Negotiation
  Registration
  User login
  Communication security
    – Server forces client to UNREG or LOGOUT
    – Server migration due to failure
    – Commands given directly to the client by MIS for special case ...
  Timeout policy
    – 3 rounds of push & 1 round of polling
    – re-register when a command fails with return code 510
  Access list
Authentication
  Scheme negotiation
  Currently defined schemes
    – Listed clients
    – Password
    – Public Key
    – SSLv3
Requests (1/2)
  Manager side
    – ManagerMigration
    – RefreshAccessList
    – StatusReportPolling
    – StatusReportPush
    – DisplayMessageAlert
    – AgentReset
    – HardwareReset
Requests (2/2)
  Manager side
    – UpdateFirmware
    – LaunchApplication
    – ForceLogout
  Agent side
    – GetAccessList
    – OnlineHelp
Status Report
  MIME format
  Polling or Push mode
  Report items
    – ActivePage
    – StorageUtil
    – MemoryUtil
    – NetworkUtil
    – TotalUtil
    – UserStatics
Sample Conversation
  A: AGENT 0 REG pc1 ntucsie
  M: 200 Accepted. ManagerId=C7200AE7 AgentId=S4432768
  M: MANAGER C7200AE7 AUTH SSLv3
  A: 500 not supported currently.
  M: MANAGER C7200AE7 RQST StatusReportPush 300000
  A: 200 Sending status report every 5 minutes.
  M: MANAGER C7200AE7 RQST RefreshAccessList FOLLOWING
     deny all
     .
  A: 200 Access list accepted.
  .... 17 minutes later
  A: AGENT S4432768 LOGIN kevin
  M: 200 User kevin added to online list.
  M: MANAGER C7200AE7 RQST RefreshAccessList FOLLOWING
     allow all
     deny www.geocities.com
     .
  A: 200 Access list updated.
  ..... five minutes later
  A: AGENT S4432768 REPO FOLLOWING
     ActivePage: http://www.hinet.net/index.html
     MemoryUtil: 75
     UserOnline: kevin
     .
  M: 200 Report received. Good boy. :)
  .... 3 hours later
  A: UNREG C7200AE7
  M: 200 Agent pc1/ntucsie quit.
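
A strict parser for the command and response formats shown in the Commands & Responses slide and the sample conversation, written as an added example (it is not the authors' agent or manager code). It rejects anything left in the datagram after the end of a message, so a second command cannot ride along behind an access list. Assumptions: a FOLLOWING body ends at a line holding a single ".", as the sample conversation suggests; the size cap and id pattern are illustrative.

```python
import re

ROLES = {"AGENT", "MANAGER"}
MAX_DATAGRAM = 1400                         # assumed cap; the slides give no size limit
ID_RE = re.compile(r"[A-Za-z0-9]{1,16}")    # assumed id alphabet and length
REPLY_RE = re.compile(r"([0-9]{3})(?: (.*))?")

class ProtocolError(ValueError):
    """Raised for any message that does not fit the text format."""

def parse_command(datagram: bytes) -> dict:
    """Parse one '<ROLE> <id> <command> [parameter...]' message."""
    if len(datagram) > MAX_DATAGRAM:
        raise ProtocolError("datagram too large")
    try:
        text = datagram.decode("ascii")
    except UnicodeDecodeError:
        raise ProtocolError("non-ASCII bytes") from None
    lines = text.replace("\r\n", "\n").split("\n")
    head = lines[0].split()
    # Assumption: the command word is required, although the slide brackets it.
    if len(head) < 3 or head[0] not in ROLES or not ID_RE.fullmatch(head[1]):
        raise ProtocolError("malformed command line")
    params, body, rest = head[3:], [], lines[1:]
    if params and params[-1] == "FOLLOWING":
        # Continuation: body lines run up to a line holding a single '.'.
        if "." not in rest:
            raise ProtocolError("FOLLOWING body is not terminated by '.'")
        end = rest.index(".")
        params, body, rest = params[:-1], rest[:end], rest[end + 1:]
    # Anything left over would be a second message hidden in the same
    # datagram; reject it instead of silently ignoring or executing it.
    if any(line.strip() for line in rest):
        raise ProtocolError("unexpected data after end of message")
    return {"role": head[0], "id": head[1], "command": head[2],
            "params": params, "body": body}

def parse_reply(line: str) -> tuple:
    """Split '<reply code> [reply string]' into (int code, str text)."""
    m = REPLY_RE.fullmatch(line.strip())
    if m is None:
        raise ProtocolError("reply must start with a 3-digit code")
    return int(m.group(1)), m.group(2) or ""

# Constructed input, taken from the slides' sample conversation.
SAMPLE = (b"MANAGER C7200AE7 RQST RefreshAccessList FOLLOWING\n"
          b"allow all\ndeny www.geocities.com\n.\n")
```
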
Implementation Issues for Agents
  iCava Webpads
    – Linux kernel & proprietary window system
    – Full TCP/IP implementation
    – Complete SDK & Windows emulator
  Threads
    – 2 threads for listening & sending reports
    – commands & responses parsing
  Access list
    – Client side receives the access list from the server
    – Browser on the WebPad denies or allows some pages viewed by the user
  SSLv3
Implementation Issues for Managers (1/2)
  Manager is written in BCB.
  Why Java?
    – Java can run everywhere.
    – Java's java.net.* package is simple and easy to use.
    – BUT, I'm not familiar with Java AWT, so GUI design is difficult.
Implementation Issues for Managers (2/2)
  Why BCB?
    – BCB's RAD environment is convenient
    – BCB's VCL components are also easy to program.
    – No need to care about the thread details (the event-driven model does this for you)
  Possible improvement
    – Port the Manager to Java, so it can run anywhere, even when the server side is also a mobile device or embedded system
Conclusion & Future Works
  Meets our requirements
  Incomplete implementation
    – Authentication
    – Security issues
  Load balancing
  Grouping
    – Group management policy