Documents, 228 pages, 2009
Published on 1 January 2009. File size: 5 MB.
Doctoral Thesis

Extended Personal Media Networks (XPMN)

by Dirk Meyer

Submitted to fulfill the requirements for a degree of "Doktor der Ingenieurwissenschaften" – Dr.-Ing. –
at Fachbereich 3 (Mathematik und Informatik), Universität Bremen

November 16, 2009

Reviewers:
Prof. Dr.-Ing. Carsten Bormann (Universität Bremen)
Prof. Dr. Rainer Malaka (Universität Bremen)

Colloquium (Thesis Defense): March 4, 2010

Copyright 2009, Dirk Meyer. Licensed to the public under Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 Germany License.
Abstract
The recent years have brought many changes to the way consumers interact with media assets. Today, consumers store their media digitally and access them using multiple devices; the role of the mobile phone as a universal control and playback device is still growing. Yet, there is no generic architecture for the various devices at home and on the Internet to interact with each other.

In this thesis, we enhance the Extensible Messaging and Presence Protocol (XMPP) to be the core of an Extended Private Media Network (XPMN). Essentially, we create an end-to-end security layer for XMPP providing confidentiality, data integrity and peer entity authentication between clients, keeping usability constraints for both the end-user and the developer in mind. In addition, this thesis covers device management, non-relayed TCP connections between peers in a challenging topology, and a generic device architecture, turning XMPP into a powerful peer-to-peer network for inter-device communication.

To prove the applicability of the specifications, an exemplary implementation has been built within the scope of this thesis. Moreover, the core specifications were developed in an open standardization process and are either published as XMPP extension or Internet Draft.
Summary

The last few years have brought many changes to the way consumers interact with their media content. Today they store their media digitally and access it with a variety of devices, and the role of the mobile phone as a universal remote control and playback device is becoming ever more important. However, there is no generic architecture that allows the different devices at home and on the Internet to interact.

In this thesis, the Extensible Messaging and Presence Protocol (XMPP) is extended so that it can serve as the core of an Extended Private Media Network (XPMN). This mainly involves developing an end-to-end security layer for XMPP to ensure confidentiality, data integrity and authentication. Particular attention is paid to usability for the end user, but also for the developer. In addition, this thesis covers device management, TCP connections between clients in complex network topologies, and a generic device architecture, that is, the further development of XMPP into a powerful peer-to-peer network for device interaction.

To demonstrate the applicability of the specifications, a prototype implementation was built within the scope of this thesis. Furthermore, the core specifications were developed in an open standardization process and published as XMPP extensions or Internet Drafts.
Acknowledgments

The research described in this thesis has been performed at the Universität Bremen in the Arbeitsgruppe Rechnernetze headed by Prof. Dr.-Ing. Ute Bormann. Looking back the last one and a half years, many members of this research group have been involved in discussions or the architectural design of the extended personal media network. In particular I would like to thank Prof. Dr.-Ing. Carsten Bormann for supervising my work and pointing me in the right direction when needed. Furthermore, Kevin Loos for mentioning XMPP as a possible core protocol and the teamwork on various TZI projects. In 2007 and 2008, we worked together on the Scalenet and the M4 projects dealing with mobile media and covering a small subset of the possible use cases the architecture developed within the scope of this thesis can cover. These two projects started my research activities in this area.

Yet, discussions with Volker Wittpahl and Nicolas Pauluhn at the CeBIT 2006 initially sparked my interest on the concept of extended personal media networks. Even though it took two more years until this thesis was started, these discussions provided me with new (sometimes overdrawn) ideas on the way we could deal with our media assets.

During my time at the Arbeitsgruppe Rechnernetze and at the graduate school "Advances in Digital Media" I had the opportunity to work together with many people with various interests and knowledge. They provided me with insight to the fields of networking, security and usability. I would like to thank all of these people for their support, notably Sebastian Feige for a different view on the topic and some very informative usability conversations.

I sincerely appreciate the support I have received from members of the XSF as well as the IETF; first and foremost I would like to thank Peter Saint-Andre, the co-author of the Internet Drafts and some XMPP extensions published within the scope of this thesis. Furthermore, Dave Cridland, Justin Karneges, Alexey Melnikov, and Eric Rescorla for the fruitful discussions on the mailing lists and during meetings in Brussels and Stockholm on XMPP end-to-end security and TLS. In addition, I would like to thank Klaus Hartke for implementing some of the specifications developed within the scope of this thesis in his XMPP library and giving me some helpful feedback.

This thesis would not have been possible without support from the Klaus Tschira Foundation and the graduate school "Advances in Digital Media" — and Prof. Dr. Rainer Malaka for giving me the opportunity to be part of the graduate school. The one-year scholarship gave me the chance to focus on my research.

Finally, I would like to thank my friends and family who supported me over the last years; they may not even be aware of their impact on this thesis. Most notably Niels Pollem, Olaf Bergmann, Stefan Prelle, Benjamin Walther-Franks, Andreas Büsching, and Alina Stürck for reading parts of this thesis and giving me some final advice, and last but not least Birgit Ruopp for always listening to my (sometimes unjustified) complaints and for moral support.
Contents

1 Introduction
2 Use Cases and Requirements
2.1 Use Cases
2.1.1 Resource Management in the Home Network
2.1.2 Access Restrictions
2.1.3 External Services
2.1.4 Remote Control
2.1.5 XPMN Interconnection
2.2 Requirements
2.2.1 Service Provider
2.2.2 Interoperability
2.2.3 Extensibility
2.2.4 Accessibility from Outside the Home Network
2.2.5 Network Error Tolerant
2.2.6 Resource Discovery
2.2.7 Device Management
2.2.8 / 2.2.9 Ease of Use / Interaction with Friends
2.3 Summary
3 Current Home Networks
3.1 State-of-the-Art: UPnP
3.1.1 Overview
3.1.2 Security
3.1.3 Extending UPnP
3.1.4 Comparing UPnP to the XPMN Requirements
3.1.5 Summary
3.2 Other Local Coordination Technologies
3.2.1 Zeroconf Networking
3.2.2 D-Bus
3.2.3 Message Bus
3.3 Lessons Learned
4 Beyond the Home Network
4.1 Web-based Applications and Services
4.1.1 Orb
4.1.2 Web-based UPnP Control Points
4.1.3 Web-based External Services
4.1.4 Media Center Web-Pages
4.1.5 Lessons Learned
4.2 Peer-to-Peer Networks
4.2.1 Architecture of Peer-to-Peer Networks
4.2.2 Popular P2P Networks
4.2.3 Lessons Learned
4.3 SIP-based Approach
4.3.1 Overview
4.3.2 NAT Traversal
4.3.3 Applying SIP to the Problem
4.3.4 Lessons Learned
4.4 XMPP-based Approach
4.4.1 XMPP Core
4.4.2 Extensions
4.4.3 "Jabber going Social"
4.4.4 Applying XMPP to the Problem
4.4.5 Lessons Learned
4.5 Summary
5 Refining the Requirements
5.1 Initial Requirements
5.2 Networking Layer
5.2.1 Media Transport
5.2.2 Disruption Tolerance
5.2.3 Summary
5.3 Security Analysis
5.3.1 Security Objectives
5.3.2 Attacks on Devices
5.3.3 End-to-End Security Layer
5.3.4 Access Control
5.3.5 Summary
5.4 Usability Considerations
5.4.1 Bootstrapping
5.4.2 Certificate Management
5.4.3 / 5.4.4 Device Management / XPMN Interconnection
Services for Us