WebPad Management Protocol D87526013 林瑞文 B87506017 黃振修


Motivation

Homework :-P
Management issues for mobile or wide-spread devices

Working Environment

Server side:
– Central controlling server on Win32
– Monitors all the clients directly
Client side:
– A client app running on the mobile WebPad
– Browser on the WebPad must co-operate with the client app
– Browser asks the client app for the access/deny list

Design Criteria

Feasible for mobile/low-power devices
Not depending on other mechanisms
Really helpful for the MIS team
Easy to implement & maintain
Combining existing/popular applications that help with management

Why Not SNMP?

Not really simple
ASN.1
Database (MIB) required
Security issues

For MIS’ Point of View

Collecting information from thin-client machines

Maintaining consistency and availability among clients

Offering online/real-time communication with users

Demands

Status report
Shell commands
Access list for Web Browser
Message alert
Online update ICA/VNC server
Reset
Security

Protocol Design

Manager vs. Agent
TCP/UDP: port 6147
– Current implementation based on UDP.
Session continuation
Packet formats
– Readable text / easy debugging

Commands & Responses

Commands format
– AGENT <agentid> [command] [parameter...]
– MANAGER <managerid> [command] [parameter...]
– keyword FOLLOWING indicates line continuation
Responses format
– <reply code> [reply string]
– reply code is a 3-digit number, while reply string contains information for advanced parsing

Negotiation

Registration
User login
Communication security
– Server forces client to UNREG or LOGOUT
– Server migration due to failure
– Directly give command to client by MIS for special case ...
Timeout policy
– 3 rounds of push & 1 round of polling
– re-register when a command fails with return code 510
Access list

Authentication

Scheme Negotiation
Currently defined scheme
– Listed clients
– Password
– Public Key
– SSLv3

Requests (1/2)

Manager Side
– ManagerMigration
– RefreshAccessList
– StatusReportPolling
– StatusReportPush
– DisplayMessageAlert
– AgentReset
– HardwareReset

Requests (2/2)

Manager Side
– UpdateFirmware
– LaunchApplication
– ForceLogout
Agent Side
– GetAccessList
– OnlineHelp

Status Report

MIME format
Polling or Push mode
Report Items
– ActivePage
– StorageUtil
– MemoryUtil
– NetworkUtil
– TotalUtil
– UserStatics

Sample Conversation

A: AGENT 0 REG pc1 ntucsie
M: 200 Accepted. ManagerId=C7200AE7 AgentId=S4432768

M: MANAGER C7200AE7 AUTH SSLv3
A: 500 not supported currently.

M: MANAGER C7200AE7 RQST StatusReportPush 300000
A: 200 Sending status report every 5 minutes.

M: MANAGER C7200AE7 RQST RefreshAccessList FOLLOWING
deny all
.
A: 200 Access list accepted.

.... 17 minutes later
A: AGENT S4432768 LOGIN kevin
M: 200 User kevin added to online list.

Sample Conversation

M: MANAGER C7200AE7 RQST RefreshAccessList FOLLOWING
allow all
deny www.geocities.com
.
A: 200 Access list updated.

..... five minutes later
A: AGENT S4432768 REPO FOLLOWING
ActivePage: http://www.hinet.net/index.html
MemoryUtil: 75
UserOnline: kevin
.
M: 200 Report received. Good boy. :)

.... 3 hours later
A: UNREG C7200AE7
M: 200 Agent pc1/ntucsie quit.
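The command and response formats from the Commands & Responses slide, applied to messages from the sample conversation, as an added example (not the authors' agent or manager code). The framing is an assumption inferred from the sample conversation: one message per datagram, lines separated by "\n", and a lone "." closing a FOLLOWING block; the function names and the expected_id check are hypothetical.

```python
import re

# Added example, not the authors' code. Assumed framing: one message per
# datagram, lines separated by "\n", a lone "." ending a FOLLOWING block.
ROLES = {"AGENT", "MANAGER"}
REPLY_RE = re.compile(r"([0-9]{3})(?: (.*))?")


class ProtocolError(ValueError):
    """Raised for any message that does not fit the slide's formats."""


def parse_command(datagram, expected_id=None):
    """Parse '<AGENT|MANAGER> <id> <command> [parameter...]'."""
    lines = datagram.split("\n")
    head = lines[0].split()
    if len(head) < 3 or head[0] not in ROLES:
        raise ProtocolError("malformed command line")
    role, peer_id, command, *params = head
    # Drop commands whose id is not the one handed out at registration.
    if expected_id is not None and peer_id != expected_id:
        raise ProtocolError("unexpected sender id")
    body = []
    if params and params[-1] == "FOLLOWING":
        params.pop()
        if "." not in lines[1:]:
            raise ProtocolError("FOLLOWING block is not terminated")
        end = lines.index(".", 1)
        body, trailing = lines[1:end], lines[end + 1:]
    else:
        trailing = lines[1:]
    if any(line.strip() for line in trailing):
        raise ProtocolError("unexpected data after the command")
    return {"role": role, "id": peer_id, "command": command,
            "params": params, "body": body}


def parse_response(line):
    """Parse '<reply code> [reply string]'; the code must be 3 digits."""
    match = REPLY_RE.fullmatch(line.strip())
    if match is None:
        raise ProtocolError("malformed response")
    return int(match.group(1)), match.group(2) or ""


def reply_fields(reply_string):
    """Extract key=value tokens such as ManagerId=... from a reply string."""
    pairs = (tok.split("=", 1) for tok in reply_string.split() if "=" in tok)
    return {key: value for key, value in pairs}
```

The id comparison only filters stray or malformed datagrams: the ids travel as readable text over UDP, so it does not stand in for the authentication schemes the deck lists as not yet implemented.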

Implementation Issues for Agents

iCava Webpads
– Linux kernel & proprietary window system
– Full TCP/IP implementation
– Complete SDK & Windows Emulator
Threads
– 2 threads for listening & sending reports
– commands & responses parsing

Implementation Issues for Agents

Access List
– Client side receives the access list from the server
– Browser on the WebPad denies or allows some pages viewed by the user
SSLv3

Implementation Issues for Managers (1/2)

Manager is written in BCB.
Why Java ?
– Java can run everywhere.
– Java’s java.net.* package is simple and easy to use.
– BUT, I’m not familiar with Java AWT. So GUI design is difficult.

Implementation Issues for Managers (2/2)

Why BCB ?
– BCB’s RAD environment is convenient
– BCB’s VCL component is also easy to program.
– Need not care about the thread details (the event-driven model does this for you)
Possible improvement
– Port the Manager to Java, so it can run anywhere, even when the server side is also a mobile device or embedded system

Conclusion & Future Works

Meets our requirement
Incomplete Implementation
– Authentication
– Security issue
Load balancing
Grouping
– Group management policy
