Kevin Eustice

An active self-optimizing multiplayer gaming architecture

Multiplayer games are representative of a large class of distributed applications that suffer from redundant communication, bottlenecks, single points of failure and poor reactivity to changing network conditions. Many of these problems can be alleviated through simple network adaptations at the infrastructure level. In this paper, we describe a model in which game packets are directed along the edges of a rooted tree connecting the players, aggregated during the upstream flight and multicast from the root to the leaves. This tree is constructed based on a heuristic, and can dynamically adjust itself in response to changes in network conditions. This gaming infrastructure is built and maintained using active networks, which is currently the only open architecture suitable for these types of applications. We have designed and implemented a prototype using ANTS that performs these adaptations for unmodified DOOM clients. We present analytical and simulation results that illustrate the reduction in communication overhead, and show that the multicast tree can quickly adjust to changing network conditions. The overhead of the active network-based middleware is acceptable, especially in wide-area networks.

Mobile Contagion: Simulation of Infection and Defense

For worms with known signatures, properly configured firewalls can prevent infection of a network from the outside. However, as several recent worms have shown, portable computers provide worms with an entry point into such networks, since these computers are connected behind the firewall. Once inside, the firewall provides no protection against the worms further spread. Wireless networks are particularly dangerous in this regard, as the act of connection is often invisible, and improperly configured wireless networks allows anyone within radio range to connect. In this paper, we use real data on a large-scale wireless deployment to analyze the speed with which a worm could spread if it used only this propagation vector. We discuss several possible solutions and provide analysis on how much protection those solutions would provide.

Negotiating Agreements Using Policies in Ubiquitous Computing Scenarios

The emerging ubiquitous computing vision is characterized by decentralized and ad hoc interoperation among devices and networks for access to services. Interacting devices or groups have highly heterogeneous resources and security and privacy concerns, and invariably belong to different security or administrative domains. Flexible and automated mechanisms are needed to achieve effective cross-domain interoperation that leads to a service or resource sharing agreement. We describe how policies representing system state, requirements and intent can be used to negotiate agreements between mutually unknown and untrusted systems that differ widely in their characteristics. Our negotiation protocol uses a small number of message types, which we have found to be sufficient for supporting a wide variety of application scenarios that occur on the Web, and that will likely be important in the ubiquitous computing environments of the future.

Information protection via environmental data tethers

Faced with an increasing number of incidents involving leaks of confidential data, it is clear that new data protection strategies are needed. We propose Data Tethers, a new paradigm which uses policies based on environmental factors to determine when sensitive data may be stored on a machine and when it must be encrypted or removed from the machine entirely. We discuss a number of example scenarios where existing data protection systems provide insufficient protection and Data Tethers would prevent data exposure. We also discuss a proposed implementation of Data Tethers, including a number of different environmental inputs.

Panda: middleware to provide the benefits of active networks to legacy applications

Panda is middleware designed to bring the benefits of active networks to applications not written with active networks in mind. This paper describes the architecture and implementation of Panda, and provides data on the overheads incurred and performance benefits achieved. The paper also discusses some of the key issues of automatically and transparently intercepting data streams and converting them into active streams, including interception mechanisms, automated planning facilities, and allowing user and application control of the middleware.

Johnny Appleseed: wardriving to reduce interference in chaotic wireless deployments

Many areas have dense deployments of 802.11 wireless access points, often with little or no planning of the best choices of channel assignments. As a result, there is often very high interference due to poor channel assignments. One contributing factor is that many access points are deployed with the absolute minimum of configuration effort, which means they are assigned to the channel the manufacturer has chosen, as a default. In many cases, such minimal effort deployments also mean that the access point uses the manufacturer-default password. Inspired by Johnny Appleseed, a 19th century American altruist who wandered the wilderness planting apple trees for the use of others, we investigate a method by which an altruistic wardriver moving through a dense wireless deployment could take advantage of such minimally configured access points. Where possible, he could use the default passwords to log into the system and change the channel assignment to better suite the surrounding environment, reducing interference for all. We examine this solution in simulation using real data gathered by wardrivers in several locations. We demonstrate that even with some conservative assumptions on the number of access points our Johnny Appleseed could alter, simple single-pass algorithms can result in a 10% reduction of total interference in a dense wireless deployment. We discuss the legal and ethical implications of the approach.

nan0sphere: location-driven fiction for groups of users

We developed a locative fiction application called nan0sphere and deployed it on the UCLA campus. This application presents an interactive narrative to users working in a group as they move around the campus. Based on each users current location, previously visited locations, actions taken, and on the similar attributes of other users in the same group, the story will develop in different ways. Group members are encouraged by the story to move independently, with their individual actions and progress affecting the narrative and the overall group experience. Eight different locations on campus are involved in this story. Groups consist of four participants, and the complete story unfolds through the actions of all four group members. The supporting system could be used to create other similar types of locative literature, possibly augmented with multimedia, for other purposes and in other locations. We will discuss benefits and challenges of group interactions in locative fiction, infrastructure required to support such applications, issues of determining user locations, and our experiences using the application.

Adapting encrypted data streams in open architectures

Open architectures meet the demands of increasingly complex and diverse networks by adding programmability to some or all components of the network infrastructure. The effectiveness of this programmability, however, is severely reduced in the domain of encrypted data streams. Because encrypted streams are opaque, existing solutions to adapting encrypted data are limited to either performing link-level encryption across each node, or restricting adaptations to those that do not require knowledge of the content. These restrictions either reduce the functionality of the system or compromise the security of the data stream. This research examines an alternative method of adapting encrypted streams through intelligent tagging and layering of the data content. Sending separately encrypted layers of the data allows for adaptation of the data stream without actually decrypting the data along any point of the connection.

Approaches for Ensuring Security and Privacy in Unplanned Ubiquitous Computing Interactions

Modern technology and omnipresent computing and communication facilities are leading us closer to the ubiquitous computing vision. However, the very nature of ubicomp infrastructure, the openness of the environments and the characteristics of the interactions pose unique security and privacy challenges. We anticipate that the vast number of interactions will be unplanned and will occur among mutually unknown and untrusted systems. Mobile components will often find themselves in unfamiliar surroundings, forced to work with infrastructure whose trustworthiness cannot be determined. We must identify and address the security issues inherent in these types of interactions before a large-scale deployment of vulnerable infrastructure begins to pose a serious threat. Current security solutions for mobile computing and wireless communication are not sufficiently scalable or flexible to protect the heterogeneous and highly dynamic systems of the future; they do not even satisfactorily solve current mobile computing security issues. In this paper we address the problems inherent in the infrastructure and in the interacting devices themselves. We also identify device theft as a problem exacerbated by mobile and ubiquitous computing. We emphasize device-based approaches towards handling security and privacy, broadly classifying them into three categories which, when taken collectively, form a three-layer defense for devices. These categories are: 1) resource and content protection mechanisms, 2) secure protocols for service discovery and assignment of resource access, and 3) trust frameworks. These categories are neither mutually exclusive nor exhaustive, yet they collectively address challenges inherent in a wide range of ubicomp scenarios. We emphasize protocol-based solutions and, to a lesser extent, trust frameworks. These aproaches are being investigated in the context of the QED and policy-guided negotiation work currently underway as part of our Panoply ubiquitous computing project.

Improving User Satisfaction in a Ubiquitous Computing Application

The Smart Party is a ubiquitous computing application based on the Panoply middleware. The Smart Party allows attendees at a party to transparently participate in the selection of music played at the party. The methods used to select music, based on the preferences of the party goers, has a substantial impact on how satisfied these party goers will be. This paper examines different algorithms for selecting music in a Smart Party, and discusses lessons from the research that are applicable to other socially-based ubicomp applications.