Cloud Services for an Android Based Home Security System
ABSTRACT: This report talks in detail about an android based application designed for a home security system. The home security system is a tablet device developed using the android framework. The home security system makes use of sensors and a central device to secure an area. Currently the devices are standalone and require the users to be physically present to operate the devices with no interaction possible between two different devices. The system is also limited by its computational resources and storage capacity. For this project, I have developed a cloud based client server architecture to address these limitations and also to provide security and sharing functionalities along with remote diagnostics. This project has a device level framework to communicate with and exchange information with a cloud server. The project also addresses the primary limitations of cloud computing namely security, privacy and user control.
1. Introduction:
1.1 Home Security System:
Figure 1: Security system
This project has been designed for an android based home security and automation system. The security system in question has been designed and built by Qolsys, a startup based in Cupertino. This system has been built completely on the Android framework running on android 2.2.2. It is a 7 inch tablet device with built in radios and antenna to communicate between multiple types of devices using multiple communication protocols like zwave, wifi etc.
The device makes use of sensors to secure an area. These sensors communicate with the security system and depending on the mode and scenario various operations are performed. The end user can perform several operations like arming and disarming the system, selecting different arm modes etc by making use of the touch screen and a virtual key pad. The device also acts as a smartphone device and lets users play music, movies, create video messages, run other android applications etc.
Currently all the information is restricted to the device itself. All the database information related to sensors, user information etc is stored locally on the device. Also the user pictures and messages are stored in the device with no way of sharing them with others. Another limitation is that the applications on the device are restricted by the available storage and if the device runs out of space, then files will have to be removed.
For this project, I have designed and implemented an android based application which uses cloud based architecture to address these limitations.
1.2 Project Scope and Features:
For this project, I have designed and implemented a client and server based android application to communicate with and exchange information with a remote cloud server. The application has been designed on android 2.2 and supports multiple features like user authentication, data encryption and security, secure access, image capture and secure, image upload and share and data repudiation.
I have implemented features to overcome the limitations of both the security system and the cloud servers. The application has been designed in a modular manner, with each module building on top of the previous one, and offering new functionality. The application supports a centralized user information repository which is hosted on Amazon Relational Database System.
The server side scripting has been done in PHP and this interacts with the remote database and also performs secure operations like encrypting the user credentials and salting the information to authenticate users using a hash based authentication.
Image capture and secure is a module which lets the users capture images and gives them an option to display the images on the device, to encrypt and hide the images by deleting them from the SD card, or to decrypt and retrieve the images.
Image Upload and display builds on top of the image capture functionality, and supports the following functionality. It lets the users share the images online using a presigned link which can be used to view the picture on a browser. It also supports uploading the encrypted files securely to the server where they can be stored.
The application also supports a push based notification system designed by using Amazon Simple Notification Service, which lets users subscribe to a topic using their email address. Any messages posted by the administrator are then sent to the subscribing users.
I have also implemented a fail over recovery for the database using Amazon EC2 servers. This feature allows the server to set up a secondary server to act as a backup in case the primary server goes down. I have set up database synchronization between these two servers.
The potential uses for these features on the security system are as follows:
a. The system takes pictures based on multiple factors like alarm conditions, user images etc. This feature will let the users upload pictures to a remote server and view them using their mobile phone without compromising on the security.
b. Having the sensor database and user info centralized on a remote db will let the panel support remote backup and retrieval.
c. The push notifications can be used by dealers to send specific messages to users based on specific issues.
2. Background Information:
2.1. Introduction to Cloud Computing:
Figure 2 Cloud Computing Overview
National Institute of Standards and Technology defines Cloud Computing as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.[1]
Cloud computing in essence translates to a virtual pool of resources and computational facilities which can be used based on the usage requirements. It abstracts the details of these resources, and the end users can just use them without worrying about the underlying architecture.
2.2 Advantages of Cloud Computing:
1. Inexpensive:
Cloud providers usually charge the users based on usage, which reduces the upkeep costs for the organizations. Since the cloud providers take care of the licensing costs and are responsible for setting up the servers and maintaining them, the organizations can focus on product development and not worry about the overhead associated with storage and computational facilities.
2. Scalability:
One of the primary reasons why organizations and developers are inclined to use cloud computing is scalability. Scalability allows the organizations to dynamically increase or decrease the servers being used without planning in advance. For instance, if a website has 500 hits each month, but suddenly sees a spike of users to say 1000, then the developer can easily increase the server limit, without worrying about the logistics of the upgrade. Similarly when there is a decrease in usage, the developer can easily scale back without having to pay the additional costs.
4. Ease of Configuration:
Cloud computing provides a set it and forget it approach, where a developer can set up one instance of his/her software on the server, and all the other clients associated with the server will automatically get the same version of the software. In the event that the developer updates the software version on the cloud server, all the clients are automatically updated. This allows the data on all the clients to be in sync without worrying about version control.
2.3 Challenges of Cloud Computing:
1. Security:
Security and user privacy remain one of the biggest hurdles for cloud computing. Since all the user data is stored on the cloud server which belongs to a third party, many organizations are hesitant to store all their data with these providers.
2. Cannot be used for Real Time Applications:
The basic premise behind cloud computing is a client server model: requests are sent to the server, and the server processes those requests and sends a response out. Because of this round trip, the model cannot be used for applications which require a response in real time.
3. Downtime:
One of the major bottlenecks for cloud computing is that the websites or software running on the cloud will depend on the cloud server. If the server goes down for some reason, then all the services making use of that server will also go down. Also since a large amount of data is usually stored on the servers, if the server goes down, then the data is also lost in these cases.
In my project, I have addressed some of these concerns, especially privacy and security and the dependency on one single server. For my project, I store all the user data in an encrypted format and use hash computations to verify the user credentials. This way I avoid the transmission of sensitive data on a communication channel. To address the limitation of dependency, I have set up data replication using Amazon Relational Database System and MySQL. This synchronizes the data between the two, so I always have a backup of the database contents.
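The salted, hash based credential check described here and in section 1.2 can be sketched as a nonce challenge and response, shown below as an added example that is not the project's PHP code. It goes beyond what the report specifies: the PBKDF2 work factor, the one-time nonce and all class and function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this example


def derive_verifier(password: str, salt: bytes) -> bytes:
    """Salted, slow hash of the password; the server stores this, never the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class Server:
    """Hypothetical server-side credential store and verifier."""

    def __init__(self):
        self.users = {}    # username -> (salt, verifier)
        self.pending = {}  # username -> outstanding one-time nonce

    def register(self, username, password):
        salt = os.urandom(16)  # unique random salt per user
        self.users[username] = (salt, derive_verifier(password, salt))

    def challenge(self, username):
        """Step 1: hand the client its salt and a fresh nonce."""
        salt, _ = self.users[username]
        nonce = os.urandom(16)
        self.pending[username] = nonce
        return salt, nonce

    def verify(self, username, proof):
        """Step 2: check the proof; each nonce is accepted only once."""
        nonce = self.pending.pop(username, None)
        if nonce is None or username not in self.users:
            return False
        _, verifier = self.users[username]
        expected = hmac.new(verifier, nonce, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, proof)


def client_proof(password, salt, nonce):
    """Client side: only this HMAC crosses the network, not the password."""
    key = derive_verifier(password, salt)
    return hmac.new(key, nonce, hashlib.sha256).digest()
```

Because the proof is bound to a fresh nonce, a captured proof cannot be replayed. The stored verifier acts as the login key in this scheme, so the database still needs protection and the exchange should run over TLS.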
2.4 Cloud Computing Services:
Cloud computing services are broadly categorized into three types:
1. Software as a Service (SaaS)
2. Platform as a Service (PaaS)
3. Infrastructure as a Service (IaaS)
Figure 4 Cloud Computing Services
2.4.1 Software as a Service (SaaS):
Software as a service is arguably the most popular distribution model of cloud computing. In this model, the developer designs and develops the software, and hosts it completely on the cloud servers. The developer then makes this product available over a network for end users. The most common applications of this model include web sites like Yahoo, Google, Gamespot etc which rely on these cloud servers to process and store the huge amount of traffic and data they receive.
2.4.2 Infrastructure as a Service (IaaS):
Infrastructure as a Service is a cloud computing model primarily used by enterprises which need access to the cloud servers, but would like to configure and maintain them independently. In this model, the cloud providers provide the infrastructure i.e. machines, servers etc that they own as a service. The client takes the responsibility to configure and set up these machines along with the database and other resources.
The cloud provider is only liable to provide and maintain the hardware required while all the software is taken care of by the enterprise.
2.4.3 Platform as a Service (PaaS):
Platform as a Service is a cloud computing model where the developer provides the tools as a service and the consumer uses those tools to develop software. The consumer is also responsible for configuring and deploying the software. The cloud provider is responsible for providing the networks, storage and other services. An example for this would be Google Cloud and Open Stack etc. which provide the users with tools and resources to build applications.
Amazon Web Services is a collective term which encompasses all the modules being offered by Amazon, under the umbrella of Cloud based services.
Amazon Web Services, at this time, offers twenty five different remote services each of which can be used independently depending on the desired functionality.
These services are primarily used by developers to design and build applications, making use of this service.
For my Master’s project, I made use of the following Web Services:
1. Amazon Elastic Compute Cloud (EC2)
2. Amazon Simple Storage Service (S3)
3. Amazon Simple Notification System (SNS)
4. Amazon Relational Database Service (RDS)
5. Amazon Simple Queue Service (SQS)
The project has been developed in a modular manner with each module building on top of the previous one. An overview of the web services and client side systems used in this project are as follows.