Transcript Document
Network/authentication model for Flex Radio’s SDR over WAN
Team
Daniel Scarlett
Miles O’Keefe
Cody Clark
Samuel Pesek
Project Goals
● Develop a network/authentication model for accessing Flex Radio’s SDR
over WAN via a linux based computer
● Identify various possible solutions for networking and security
● Analyze the resources, time, costs, and risks needed to obtain a working
model of the solutions
● Prototype a working model of one of the solutions
System block diagram
Our Project
Existing
Network Solution Options
Resources
VPN / DDNS
Service Provider of DDNS
(3rd party or,
VPN Client software &
VPN compatible router)
Time
Cost
Minimal client-side setup
Low/no cost to consumer
Quick development &
deployment
Maintenance cost for
operation via Flex Radio
Risk
Low/medium depending
on authentication method
used
(0$ < DDNS < $500/yr)
Authentication based on
username/password
Comment
Most recommended
method depending on
authentication used as
well
Port
Forwarding/
Static IP
Dedicated router setup for
use for client
Minimal client-side setup
One time large fee for
client to own IP address
Low/medium depending
on authentication scheme
Not recommended
because of non mobile
use & fee for customer
Web GUI
Dedicated server for
FlexRadio
Medium to large setup to
deploy
Medium/high running the
server
Low/Medium - depending
on server running &
maintenance
Not recommended
because of the server and
development cost
Dedicated VPN
Server
Linux Platform Radio
Side/Third Party Server
(Cloud)
Low/medium development
Medium/high running the
server
Medium - using a 3rd
party server
Not recommended
because of the 3rd party
server
Security Solution Options
Resources
Time
Cost
Risk
Comments
Google Authenticator or
Authy like software
Low/medium developer
hours
Low implementation
cost
Low if no one gets a
hold of the seed
Recommended because
everything needed is
simple to implement
OTP Electronic Hardware
Low client-side setup
Public Key
Infrastructure
(PKI)
Use an existing PKI
encryption scheme
independent of a Certificate
Authority (CA)
Low developer hours
Low implementation
cost
Low if no one gets a
hold of the private key
Most recommended
because of the use of
advanced cryptography
methods
Web GUI
SSL/TPL Protocols
X.509 Certificates
Low/medium developer
hours
Low client-side setup
Medium/high
maintenance cost of
running server
Medium if trusted 3rd
party web server
Not recommended
because of difficult
authentication approval
Codec
Codecs like .aac,
.H.264/.mpeg
Large - developing a
complex compression decompression
algorithm
Dependent on extensive
development time
High - may have
unknown flaws
Not recommended
because time and risk
high
User/PW +
One-Time-Pw
Low client-side setup
Timeline
Fall 2014 Semester
17/Sep/14
Project
Structuring
&
Conceptual
Design
08/Oct/14
Design
Phase 1
Resource
problem &
potential
methods to
solve
12/Nov/14
Design
Phase 2
Develop
several
solutions
for problem
Spring 2015 Semester
05/Dec/14
Present
Potential
Solutions
15/Jan/15
Prototype
a Solution
11/Feb/14
Implement
a Solution
11/Mar/14
Test
a Solution
15/Apr/14
Deliver
Finished
Product
Thank You!