Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: Question for UPAMD control



Sent from my iPad

On Jul 26, 2011, at 5:29 AM, Piotr Karocki <pkar@xxxxxxxx> wrote:

- A controlling device (e.g., laptop) can thus acquire the list of connected devices.
And worm active on this laptop send such list to his creator...

At some point we would have to balance privacy (or security) against convenience. I am not sure there is a way around this.

- The controlling device asks a subset of the connected devices (via the adapter)
to be members of its "notification group" (e.g., to "friend" it)
There could be many adapters in one UPAMD grid.
I have one printer connected to two computers. Both computers want to be paired with printer. How to select which pairing (if any) should be done?

As the device is the one accepting the pairing, it could actually accept both, and then shutdown only when both computers are shut down.

If user interface for pairing would be in laptop, then any malware could make pairs at will. And shutdown everything, also devices from IEEE p11073 series of norm (health monitors and similar).

A health monitor could choose to refuse all pairings. Or a simple security mechanism (similar to the user interface of BlueTooth) could be implemented:
- Message: "Device xxxx wants control over power state, do you want to accept or deny?"
- A blinking light with a message on the computer: "press button xxx on device yyy in such sequence, to grant pairing request."

A remaining security concern would be the possibility of "spoofing" a message from a legitimate paired device.

- The adapter keeps a list of all the members of the group
(..)
Clearly this requires more intelligence on each device,
At some time we want to use principle 'keep it simple'...
One, selected adapter in grid, or all adapters present in grid?

I am not sure that we are following a path of simplicity here, just by considering this possibility!

If we see this as a notification tree, each adapter in the grid only needs to know if it should forward the notification around or not. That is, each adapter only needs a list of the group membership of its own connected devices.

Another concern would be persistence. If a group is defined when the computer is plugged in, but then the computer plug is moved from one adapter in the tree to another, does the group persist? How is the group information moved and kept around? How is the group information deleted?

The case of dumb devices would have to be addressed separately,
 e.g., by giving full control to the adapter or by allowing the controlling device
to directly write the dumb device control parameters.
No, dumb devices shouldn't be 'steered'.

I am not sure on this one, I can see arguments both ways.

Edgar