Transcript Document
Network/authentication model for Flex Radio’s SDR over WAN Team Daniel Scarlett Miles O’Keefe Cody Clark Samuel Pesek Project Goals ● Develop a network/authentication model for accessing Flex Radio’s SDR over WAN via a linux based computer ● Identify various possible solutions for networking and security ● Analyze the resources, time, costs, and risks needed to obtain a working model of the solutions ● Prototype a working model of one of the solutions System block diagram Our Project Existing Network Solution Options Resources VPN / DDNS Service Provider of DDNS (3rd party or, VPN Client software & VPN compatible router) Time Cost Minimal client-side setup Low/no cost to consumer Quick development & deployment Maintenance cost for operation via Flex Radio Risk Low/medium depending on authentication method used (0$ < DDNS < $500/yr) Authentication based on username/password Comment Most recommended method depending on authentication used as well Port Forwarding/ Static IP Dedicated router setup for use for client Minimal client-side setup One time large fee for client to own IP address Low/medium depending on authentication scheme Not recommended because of non mobile use & fee for customer Web GUI Dedicated server for FlexRadio Medium to large setup to deploy Medium/high running the server Low/Medium - depending on server running & maintenance Not recommended because of the server and development cost Dedicated VPN Server Linux Platform Radio Side/Third Party Server (Cloud) Low/medium development Medium/high running the server Medium - using a 3rd party server Not recommended because of the 3rd party server Security Solution Options Resources Time Cost Risk Comments Google Authenticator or Authy like software Low/medium developer hours Low implementation cost Low if no one gets a hold of the seed Recommended because everything needed is simple to implement OTP Electronic Hardware Low client-side setup Public Key Infrastructure (PKI) Use an existing PKI encryption scheme independent of a Certificate Authority (CA) Low developer hours Low implementation cost Low if no one gets a hold of the private key Most recommended because of the use of advanced cryptography methods Web GUI SSL/TPL Protocols X.509 Certificates Low/medium developer hours Low client-side setup Medium/high maintenance cost of running server Medium if trusted 3rd party web server Not recommended because of difficult authentication approval Codec Codecs like .aac, .H.264/.mpeg Large - developing a complex compression decompression algorithm Dependent on extensive development time High - may have unknown flaws Not recommended because time and risk high User/PW + One-Time-Pw Low client-side setup Timeline Fall 2014 Semester 17/Sep/14 Project Structuring & Conceptual Design 08/Oct/14 Design Phase 1 Resource problem & potential methods to solve 12/Nov/14 Design Phase 2 Develop several solutions for problem Spring 2015 Semester 05/Dec/14 Present Potential Solutions 15/Jan/15 Prototype a Solution 11/Feb/14 Implement a Solution 11/Mar/14 Test a Solution 15/Apr/14 Deliver Finished Product Thank You!