マルチメディア, 分 散, 協 調 とモバイル (DICOMO2014)シンポジウム 平 成 26 年 7 月 Raspberry Guardian 1 2 2012 Linux Raspberry Pi 3000 1 200 Raspberry Pi Raspberry Pi Raspberry Gate [1] Raspberry Guardian [2] Security Gateway for Electronics Hobbyists (Part 4. Experimental Implementation for Raspberry Guardian) Hiroyuki Ohno 1 Hironobu Suzuki 2 1. 2012 Raspberry Pi UNIX OS 3000 1 200 [3] Raspberry Pi IoT(The Internet of Things) 1 Kanazawa University, Kanazawa, Ishikawa 920 1192, Japan 2 Senshu University, Kawasaki, Kanagawa, 214-8580, Japan Raspberry Pi Raspberry Pi Raspbian Debian UNIX pi Raspbian sshd pi sudo
Linux Raspberry Pi I/O Raspberry Pi GPIO Raspberry Pi Raspberry Pi Raspberry Gate Raspberry Gate Raspberry Pi WAN [1] Raspberry Pi Raspberry Gate Raspberry Pi Raspberry Gate UNIX Raspberry Guardian [2] Raspberry Pi Raspberry Pi 2. Raspberry Gate Raspberry Guardian Raspberry Pi ( ) Raspberry Field Raspberry Pi Raspberry Garden Raspberry Pi Raspberry House Raspberry Garden Raspberry Farm Raspberry House Raspberry Garden Raspberry Gate Raspberry Farm Raspberry Guardian Raspberry House Raspberry Garden Raspberry Gate 1 1 Raspberry Gate Raspberry Pi PC 10 PC Linux OS Linux PC 100Mbps Raspberry Pi Raspberry Gate Raspberry Guardian 2 Raspberry Farm Raspberry Farm
Raspberry Guardian Raspberry Gate Raspberry Farm USB Raspberry Pi Ethernet OS eth0 1000BASE-T ( 100BASE-T) USB LAN USB OS eth1 DC+5V 700mA micro USB USB LAN USB 2 Raspberry Guardian 3. 3.1 Raspberry Gate Raspberry Gate Raspberry Gate Raspberry Gate Raspberry Gate 3.1.1 Raspberry Gate Raspberry Pi, SD, USB, USB LAN 1 3 1 Raspberry Pi Type B CPU Broadcom BCM2835 700 MHz ARM1176JZFS 512 MB SD (OS ) USB ( ) USB I/F USB 2.0 2 I/F ( ) 10 / 100 Base-T I/F ( ) 100 / 1000BASE-T USB LAN DC 5V, 700mA OS SD SD 4GB SD USB USB SD 3 3.1.2 Raspberry Gate Raspberry Gate USB HDMI Raspberry Pi GPIO Raspberry Gate Raspberry Pi 10,000 6,500, 8,000 10,000 Raspberry Pi - 4,000 * 1 SD - 1,000 USB - 1,500 LED, *1 3000 2014 5 4000
- 1,500-2,000 Raspberry Pi GPIO 26 P1 GPIO P1 I/O 17 7 UART(2 ), I2C(2 ), SPI(3 ) I/O I/O 10 (10bit) 10 (2bit) () (4bit) ( ) (1bit) ( ) (1bit) () (1bit) (LED) (1bit) () 10 7 Raspberry Gate 2 DHCP 4 1 10K 3 1 LED 1 LED LED LED I2C I/O 16 2 QVGA SPI X11 [4] 3.1.3 RTC() Raspberry Pi RTC Raspberry Pi Linux Raspberry Gate Raspbian NTP NTP NTP Raspberry Gate RTC Maxim DS1307 1000 DS1307 I2C Raspberry Pi [5] I2C GPIO DS1307 3.1.4 Raspberry Gate Raspberry Pi Raspberry Pi [6] Raspberry Pi Raspberry Gate Raspberry Gate Raspberry Gate Raspberry Pi Raspberry Pi Raspberry Gate IC 10 -ARK Web *2 4 4 *2 http://e-ark.jp/
3.2 Raspberry Gate Raspberry Gate OS 2 Raspberry Gate OS 2 OS Raspbian Debian Wheezy 2014-01-07 Kernel Ver. 3.10 3.2.1 Raspberry Gate Raspberry Pi Type B Raspbian (Debian Wheezy [7] ) Raspberry Gate (ntpd dhcpd ) Debian APT(Advanced Pakaging Tool) Debian 3.2.2 Github tar $ tar xvf raspgate.tgz $ cd raspgate $ sudo./install.sh Github [8] RaspberryGuardian Github $ git clone git://github.com/raspberryguardian /raspgate.git github update.sh git pull Raspberry Gate Raspberry Gate Debian deb Raspberry Gate Github 3.2.3 raspgate Raspberry Gate 4 1 Raspberry Gate /etc/init.d/raspgate raspgate /lib/raspgate/ /lib/raspgate/bridge-functions : /lib/raspgate/router-functions : /lib/raspgate/iptables-functions : iptables 3.2.4 initvec 8K /etc/raspgate/conf.d/initvec SECKEY( ) initvec () 3.2.5 bridge-utils dhcpd ntpd apt-get Raspberry Gate /etc/raspgate/conf.d/bridge/eth0-01-iptables : eth0 iptables /etc/raspgate/conf.d/router/eth0-01-iptables : eth0 iptables 3.2.6 Raspberry Gate Raspberry Gate 1 1
Raspberry Gate ID ( 3) 3 IDKEY() Raspberry Gate SECKEY() Raspberry Gate EXKEY() Raspberry Gate 8Kbyte IDKEY Raspberry Gate MAC SHA256 MAC MAC 24 Raspberry Pi 24 IDKEY IDKEY SECKEY EXKEY ( 256 128 ) IDKEY := SHA256 (MAC idkey-1 ) SECKEY := SHA256 (MAC initvec) EXKEY := SHA256 (IDKEY hex SECKEY hex "exkey-1") ( SHA256 16 ) 14ca683d5cff35c4 IDKEY, SECKEY (EXKEY ) $ cat /etc/raspgate/raspgate.conf IDKEY 14ca683d5cff35c4 SECKEY 36a4aba0dcec23e9 3.3 Raspberry Gate Raspberry Gate 4 1. : 2. : 3. : 4. : GPIO ON/OFF 1 2 USB LAN USB ( 1 USB USB ) 3 4 3.3.1 eth0[wan ] br0 eth1[lan ] 5 iptables eth0 INPUT/OUTPUT ( /) 5 eth0 eth1 ( br0) INPUT/OUTPUT /etc/raspgate /conf.d/bridge/ ( ) : /etc/raspgate/conf.d/ bridge/eth0-01-iptables 3.3.2 NAT WAN eth0 WAN dhcp IP LAN 192.168.32.0/24 WAN GPIO LAN Raspberry Pi dhcpd ntpd dhcp LAN Raspberry Pi DNS NTP 3.4 Raspberry Guardian Raspberry Gate () Raspberry Gate Raspberry Guardian Raspberry Guardian
github Raspberry Gate Raspberry Guardian 3.4.1 Raspberry Guardian Redmine Raspberry Guardian (Developer) (Deployer) (User) OpenID[9] Google Facebook twitter SNS Redmine OpenID OpenID OAuth OpenID OAuth Raspberry Guardian Raspberry Guardian Raspberry Guardian Raspberry Guardian OpenID OAuth Jorge Barata OpenID Selector[10] Google Yahoo! OpenID Wordpress OpenID ( 6) 6 OpenID Selector Facebook Twitter OAuth(oauth2) OpenID OAuth OpenID OAuth 3.4.2 Ruby on Rails Redmine Ruby on Rails OpenID Selector OpenID OAuth Redmine OpenID OAuth OpenID janrain.com OpenID Enabled oauth2 intridea oauth2 3.4.3 OpenID OAuth OpenID OAuth 4. Raspberry Gate Raspberry Farm Raspberry Pi Raspberry Farm Raspberry Farm Raspberry Farm OpenVPN L2TP/IPSec SSH 5. PC Linux 2000 [11]
PC Raspberry Pi Linux PC GPIO Raspberry Gate Rapsberry Pi Onion Pi Onion Pi Tor (The Onion Router) Raspberry Pi Onion Pi Raspberry Gate Raspberry Pi USB LAN Onion Pi Raspberry Gate Raspberry Guardian Raspberry Guardian 6. Raspberry Gate Raspberry Guardian Raspberry Gate Raspberry Pi Raspberry Gate Raspberry Guardian 2014 2 2014 7 Raspberry Guardian *3 -ARK *4 Raspberry Pi IoT [1],. 6D-4 ( )., Vol. 2014, No. 3, pp. 47 48, mar 2014. [2],. 6D-5 ( )., Vol. 2014, No. 3, pp. 49 50, mar 2014. [3] kanai. Raspberry Pi 200. http://makezine.jp/blog/2013/11/ two-million-raspberry-pis-in-the-wild.html 2014 5 16. [4] Lady Ada. Adafruit PiTFT 2.8 inch Touchscreen Display for Raspberry Pi. https://learn.adafruit.com/ adafruit-pitft-28-inch-resistive-touchscreen\ -display-raspberry-pi/ 2014 5 16. [5] Lady Ada. Adding a Real Time Clock to Raspberry Pi. https://learn.adafruit.com/ adding-a-real-time-clock-to-raspberry-pi 2014 5 16. [6]. Raspberry Pi (UNIX ). USP, Vol. 2013, No. 3, p. 45, 6 2013. ISSN 2187-9443. [7] debian.org. Debian wheezy. http://www. debian.org/releases/wheezy/index.ja.html 2014 5 12. [8] Laura Dabbish, Colleen Stuart, Jason Tsay, and Jim Herbsleb. Social Coding in GitHub: Transparency and Collaboration in an Open Software Repository. In Proceedings of the ACM 2012 Conference on Computer Supported Cooperative Work, CSCW 12, pp. 1277 1286, New York, NY, USA, 2012. ACM. [9] specs@openid.net. OpenID Authentication 2.0 - Final. Technical report, OpenID Foundation, December 2007. http://openid.net/specs/ openid-authentication-2_0.txt. [10] Jorge Barata. OpenID Selectorp. http://www.redmine. org/plugins/openid-selector 2014 5 12. [11]. Linux., 9 2000. ISBN4-8443-1401-1. *3 http://raspbian-guardian.info/ *4 http://e-ark.jp/