„make the best decision from the available knowledge and support appropriate actions to reach the defined goals“

General project overview:
Project acronym: AutHoNe
Full name: Autonomic Home Networking
Funding: BMBF (Federal Ministry of Education and Research)

Project partners and their developments:

Fraunhofer FOKUS:
• Multi Client Systems
• Sensor Description Language
• Multitechnology/Multiprotocol Gateways
• FOKUS Sensor Node
• Energy Efficiency

Siemens AG:
• Self-managed heterogeneous Sensor and Actuator Networks
• Rule-based Auto-configuration and Fault-handling
• Role-specific over-the-air Software Update
• Data-centric Distributed Software Architecture

Hirschmann Automation and Control GmbH:
• Collaborative Observation in Wireless Sensor Networks
• Network Monitoring
• Functional Safety for Industrial Application
• Low Power Design

Technische Universität München:
• Future Internet, Internet of Things, Pervasive Computing
• Knowledge Plane with Knowledge based Autonomic Management
• Security and Trusted Computing
• Remote Access
• Services and Applications

Celtic project consortium:
The AutHoNe project is embedded in a Celtic/Eureka project consortium with participants from France and Sweden.

Sweden:
• University of Lund
• Sony Ericsson

France:
• Ginkgo Networks
• France Telecom R&D
• LIP6 - Pierre&Marie Curie University Paris

http://www.celtic-initiative.org/Projects/AUTHONE/

Three main technical objectives are addressed:
• The development of an agent technology (intelligent, active, policy-oriented, multiagent…) for realising autonomic behavior
• The study of mechanisms, protocols and an architecture for distributed, self-organizing communication
• The investigation of new autonomic technologies, functionalities and control schemes for home and industrial network environments.

The world is moving towards autonomic equipment. The AutHoNe project is developing an intelligent autonomic paradigm in networks for home and building environments or industrial automation. The final goal is to create a technological competitive edge for European players in the domain of customer specific autonomic networks.

The main objective of AutHoNe is to design an innovative home network communication architecture allowing self-management, configuration and maintenance required for future application scenarios. Key issues are concepts for trust and security and the integration of wireless sensor networking technologies.

This new architecture is composed of 4 functional and logical planes (data, control, management and knowledge) allowing the system to self-configure, self-secure and self-monitor in real time so that the home network is always optimised with respect to context information and user requirements.

http://www.authone.de

[Figure: AutHoNe home network. Labels: Internet; DSL; WiMAX; Home Gateway with Autonomic Intelligence and Control Interface; Autonomic Firewall; Monitoring Probe (two); Distributed Sensor/Actuator Network (two); Appliances; Mobile Devices; PC; WLAN, Bluetooth; „Remote“ Access via UMTS, GPRS; Visitor; Landlord (Full Control); Trust determines Access Rights; Knowledge Plane, Control Plane, Data Plane, Management Plane]

AutHoNe - Home Network
• Self management
• Visualization of Network State
• Autonomic Control
• “Plug and Play”


Remote Access
• Inter-Home connectivity
• NAT breaks the end-to-end connectivity model of the Internet

NAT/FW-Traversal

State of the Art
• Not available for legacy applications
• Applicability issues
• Overhead through connectivity tests (ICE)

Reuse of already gained knowledge
• NAT-Test decoupled from NAT-Traversal
• Results in a much faster connection establishment

Decisions based on
• Supported NAT-Traversal techniques
• User-Input
• Registered Applications

Prof. Dr.-Ing. Georg Carle

[carle |kinkelin |pahl |mueller |braun|schmitt]@net.in.tum.de · http://www.net.in.tum.de

Poster panels: Security and Trust; Metering; Video Streaming; Knowledge Platform; Further AutHoNe Applications

[Figure: Knowledge. Knowledge Agents (KA) exchanging knowledge items such as "23°C", "Light is on", "Call from +49 89 2..", "My IP is 127.0.0.1", "Window open"]

Security and Trust

AutHoNe IDs
• Cryptographic Identifiers for homes, devices and users
• Used for routing inside and between homes

Home Certification Authority
• Certifies devices and users (entities)
• Entity certificates express membership of a certain home

Trust Relationships between homes and devices
• Exchange Home Certificate with friendly home networks
• Enable authentication of entities of other homes

Service Access Control
• Based upon policies specified in XACML
• Generation of policies

Trusted Computing in Home Networking
• Safeguard for keying material prevents identity theft
• Novel and secure applications in home networking

[Figure: Home Network A (Home Gateway, Device X) and Home Network B (Home Gateway, Device Y), linked by a Trust Relationship]
• Device: Device ID Key (RSA Key); Device Certificate (signed by HGw); Device ID = hash( Public Part of Device ID Key )
• Home Gateway: Home ID Key (RSA Key); Home Certificate (self signed); Home ID = hash( Public Part of Home ID Key )
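
The identifier scheme above (ID = hash of the public key, device certificate signed by the home gateway, self-signed home certificate exchanged with friendly homes), as an added example that is not AutHoNe code. SHA-256, the certificate layout, signing with the Home ID Key and the toy textbook RSA over small constructed primes are assumptions made so that it runs with the Python standard library only.

```python
import hashlib

# Assumptions, not from the poster: SHA-256 as the hash, this key/cert encoding,
# and textbook RSA over small constructed primes (toy only, not secure).
def make_key(p, q, e=65537):
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def entity_id(key):
    """ID = hash(public part of the ID key)."""
    return hashlib.sha256(f"{key['n']:x}:{key['e']:x}".encode()).hexdigest()

def _digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(key, msg):
    return pow(_digest(msg, key["n"]), key["d"], key["n"])

def verify(pub, msg, sig):
    return pow(sig, pub["e"], pub["n"]) == _digest(msg, pub["n"])

def tbs(cert):
    """Bytes covered by the signature (constructed layout)."""
    p = cert["pub"]
    return f"{cert['subject']}|{p['n']:x}|{p['e']:x}|{cert['issuer']}".encode()

def issue(issuer_key, subject_key):
    pub = {"n": subject_key["n"], "e": subject_key["e"]}
    cert = {"subject": entity_id(pub), "pub": pub, "issuer": entity_id(issuer_key)}
    cert["sig"] = sign(issuer_key, tbs(cert))
    return cert

def check_device(dev, trusted_homes):
    """trusted_homes maps Home ID -> home certificate received from a friendly home."""
    home = trusted_homes.get(dev["issuer"])
    if home is None:
        return "untrusted home"
    # Self-certifying IDs: every ID must be the hash of the key it names.
    if entity_id(home["pub"]) != home["subject"] or entity_id(dev["pub"]) != dev["subject"]:
        return "id does not match key"
    if not verify(home["pub"], tbs(home), home["sig"]):
        return "bad home certificate"
    if not verify(home["pub"], tbs(dev), dev["sig"]):
        return "bad device certificate"
    return "ok"

# Constructed sample keys built from Mersenne primes.
HOME_B = make_key(2**127 - 1, 2**107 - 1)
DEVICE_Y = make_key(2**89 - 1, 2**61 - 1)
HOME_B_CERT = issue(HOME_B, HOME_B)        # self-signed home certificate
DEVICE_Y_CERT = issue(HOME_B, DEVICE_Y)    # device certificate signed by the home
TRUSTED_BY_A = {HOME_B_CERT["subject"]: HOME_B_CERT}
```

Home Network A accepts Device Y only when its issuer is a home whose certificate was exchanged beforehand, both IDs match their keys, and both signatures verify.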

[Figure: media streaming setup with Media Streaming Service, Media Transcoder, Client (powerful) and Client (limited resources), connected by A/V Stream and Control links]

Field-Test Results (http://nattest.net.in.tum.de, 999 tested NATs)

Technique                        Success Rate
UDP Hole Punching                88.08%
TCP-Hole Punching                52.65%
TCP-Traversal                    83.78%
TCP-Traversal incl. tunneling    94.99%
UPnP                             13.01%

Video Streaming

(Cross Domain) Media Streaming based on DPWS
• Discovery of Services through Multicast

Knowledge based approach for Transcoding
• Knowledge Platform gives us the address for the appropriate transcoder, e.g. small devices need certain bandwidth and do not accept HD
• Transcoding is done transparently and can be seen as a web service

Authentication of Users based on cryptographic IDs
• Policy-based authorization
• Content browsing through DPWS

Stream Protection
• SSL tunnel
• DRM

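[Figure: NAT traversal. Requester R in Private Network A (APP. A, APP. B) and Service S in Private Network B (APP. C, APP. D), separated by the Public Internet; components shown: ANTS in each private network, STUN Server, Data Relay, Signaling Infrastructure; steps numbered (1) to (4)]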

Further AutHoNe Applications

Assisted Device Registration System
• Service for easy to use certificate distribution for home devices

VoIP Security Service for Home Networks
• Enables privacy and confidentiality for VoIP in home networking
• Security is based upon our security infrastructure and trust model

Bluetooth Proximity Detection
• Location based services in the home network
• Ambient information service

Sensors in Home Networking
• Gateway from Sensor Networks to AutHoNe Knowledge Platform
• Enabler for home control applications

Malware detection
• Advanced security features based on network monitoring / behaviour analysis
• Malware detection (worms, trojan horses)

Knowledge Platform

The purpose of our Knowledge Platform is to provide an information overlay to standard networks. The overlay will provide a common control channel between the different nodes of a network.

Knowledge Agent
• Gives access to the knowledge overlay
• Manages information brokering to and from the node
• Accessed by local software and other Knowledge Agents

Knowledge Trees
• Node Tree
  - Stores the structure of the information available locally at the node
  - Available at every node
• Shared Tree
  - Stores the structure of the information available in the whole subnet (home)
  - Available at dedicated nodes
• Accessed by the Knowledge Agent

Knowledge Store
• Stores the information on the node
• Accessed by the Knowledge Agent

Metering

We are establishing a versatile metering infrastructure for our AutHoNe networks.

Obtain knowledge of the network state in addition to that from “regular” nodes
• Detect bottlenecks
• Detect malfunction
• Detect errors
• Detect security risks

Be highly customizable concerning the metered values as well as the topology
• Adapt the metering process to the situation inside the network
• Integrate nodes with different capabilities into the metering process

Aggregate Knowledge dynamically
• Overcome the borders of single metering tasks through the newly available connection over the AutHoNe control overlay

[Figure: metering nodes. Each Node contains a Meter (pcap, rx-rate, tx-rate, mtu), an Examiner (Examination, e.g. SNORT) and a Knowledge Agent (KA)]