CONTROL BY INTERNET

yoinkscreechedInternet and Web Development

Nov 13, 2013 (3 years and 8 months ago)


Internet based smart home robot

Page 145

CONTROL BY INTERNET



9.1 Introduction

In recent years, Internet use has grown considerably, becoming part of our daily lives for shopping, for reading news or even for entertainment. For this reason, some researchers have started to use the internet for controlling tele-operation systems.

In this paper we are concerned with tele-operation systems for controlling mobile robots. The control of a robot is in general a hard task, since the robot should not harm people or cause damage to objects existing in its environment. One of the limitations found in robot control is that generally only specialists are able to control the robot. Hence, there are some works in the literature that try to enhance the interaction between users and robots, making it friendlier.

First we will discuss the requirements for using the internet to control our robot.


9.2 Internet connection requirements

1- Connection from the motherboard to the robot through wifi.

2- Connection between the motherboard and the remote user's laptop or PC over the internet.

The following figure explains what the remote user's laptop should have for such a connection to succeed:



Figure 9.1: Block diagram of the remote user connection

In order to meet those requirements we can use one of the following methods.

9.2.1 Developing web application

The system works in the following steps. The user presents a request to the system through the interface. The interface sends this request, through the Internet, to a server that runs an autonomous navigation system. This system receives the request from the interface and decides which is the best action to be taken by the robot.








Figure 9.2: Navigation system

Figure 9.3: Autonomous navigation system





The Web interface shows an environment map, a picture of this environment and the position of the robot in this map. Through the interface, the user can send tasks to be carried out by the robot. The user only needs to click some place on the map to request a new position for the robot. For the robot to go ahead, the user needs to press the "send robot" button.

The components of the system include a front-end HTML form for entering commands to control the robot, and a Java servlet that accepts these commands and uses a free open-source Java software kit from FerretTronics to send them through a serial port to your robot. On the other end of the serial port, receiving these commands, will be a FerretTronics chip, the FT639 Servo Controller. The FT639 converts the serial data into electric pulses that a servo can understand. The FT639 sends the signal to the appropriate servo, which responds by moving to the position specified. We'll assume that your robot is attached to your serial port and that the computer you're using is running a Web server that supports Java servlets.

The previous way needs a lot of coding and ties a lot of languages together, so we decided to use a second way.

9.2.2 Virtual Desktop

9.3 Raspberry Pi

Raspberry Pi is a small, single-board computer

Size of a credit card

32-bit ARM processor

Fedora distribution of Linux for its default operating system

Programmed with Python or any other language that will compile for ARM v6.

SSH telnet access



9.3.1 Objective

1) Connect Raspberry Pi with Internet.

2) Accessing the Raspberry Pi Remotely.

3) Data transfer from Kinect to Raspberry.

9.3.2 Raspberry Internet Connection Methods

1) USB modem

2) Ethernet Cable

Figure 9.4: Raspberry Internet Connection kit



9.3.3 Accessing the Raspberry Pi Remotely

What do I need before setup?

1. A Raspberry Pi running the latest Raspbian “wheezy” image.

2. The Raspberry Pi should be connected to your home network and have an internet connection.

3. A second machine running Windows that you want to connect from, which is connected to the same home network.

First: Raspberry Pi Setup

Type the following command: "sudo apt-get install xrdp"

If prompted, enter your password (the default is "raspberry").

Type "Y" and press Enter.



This is now installing xrdp onto your Pi, which is the software we are going to use for the remote desktop connection. Wait for it to complete.

Restart your Pi. We are going to check that xrdp is going to start up automatically.

When your Pi has booted to the command prompt, look for "[ ok ] Starting Remote Desktop Protocol server : xrdp sesman". This shows you that xrdp is installed and automatically starting up on start up of your Pi.

The last step is to make a note of the IP address of your Pi, which should also be displayed on the start up screen. In my case below it is 192.168.1.9. This is the address of your Pi on your network and what we will use to connect to your Pi from the second machine.




Second Machine Setup

1. Launch Remote Desktop Connection, which can be found at Start->All Programs->Accessories->Remote Desktop Connection.

2. Type in the IP address for your Pi which you noted above.

3. Click Connect (you may get a security warning at this stage; just click OK if you do. After all, it is your Pi on your network, so nothing to worry about security-wise).

4. Leave the Module on the default of sesman-Xvnc and enter your username and password for your Pi. (The default is pi and raspberry if you haven't changed them.)

5. Click OK and after a few moments you should be greeted by your Raspberry Pi's desktop!

6. When you are finished, simply log out from the Pi's desktop.

Figure 9.5: a) Screenshot of Remote Desktop Connection b) Screenshot of login to xrdp





Figure 9.6: Pi's desktop
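The setup above leaves xrdp running with whatever defaults the package installed, so it is worth auditing the service before the Pi is reachable from anywhere but the home network. The following is an added example, not part of the original chapter: it checks the xrdp settings `security_layer`, `crypt_level`, `AllowRootLogin` and `MaxLoginRetry` and the listening address. The configuration text and `ss -tln` output are constructed samples, and treating a missing key as "not flagged" is an assumption.

```python
import configparser

# Constructed sample configuration and listener output (not from a real host).
XRDP_INI = """
[Globals]
port=3389
crypt_level=low
security_layer=rdp
"""
SESMAN_INI = """
[Security]
AllowRootLogin=true
MaxLoginRetry=0
"""
SS_TLN = """
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      2      0.0.0.0:3389        0.0.0.0:*
LISTEN 0      2      127.0.0.1:3350      0.0.0.0:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
"""


def _section(text, name):
    # strict=False tolerates the repeated keys found in real xrdp files.
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    parser.read_string(text)
    return parser[name]


def audit_xrdp(xrdp_ini, sesman_ini, ss_output):
    """Return a list of findings; an empty list means no check fired."""
    findings = []
    glob = _section(xrdp_ini, "Globals")
    sec = _section(sesman_ini, "Security")

    # Assumption: a missing key falls back to the value that is not flagged.
    if glob.get("security_layer", "negotiate").lower() == "rdp":
        findings.append("security_layer=rdp: legacy RDP security instead of TLS")
    if glob.get("crypt_level", "high").lower() in ("low", "medium"):
        findings.append("crypt_level below 'high': weak RDP-layer encryption")
    if sec.get("AllowRootLogin", "false").lower() in ("true", "1", "yes"):
        findings.append("AllowRootLogin enabled: root can log in over RDP")
    if int(sec.get("MaxLoginRetry", "3")) == 0:
        findings.append("MaxLoginRetry=0: unlimited password guesses")

    # Flag an xrdp listener bound to every interface rather than one address.
    port = glob.get("port", "3389")
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[0] == "LISTEN":
            addr, _, lport = fields[3].rpartition(":")
            if lport == port and addr in ("0.0.0.0", "*", "[::]"):
                findings.append(f"xrdp listens on {addr}:{lport}: every interface")
    return findings


if __name__ == "__main__":
    for finding in audit_xrdp(XRDP_INI, SESMAN_INI, SS_TLN):
        print("[!]", finding)
```

The audit does not test the account password; changing the default "raspberry" password with `passwd` is still required separately.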

9.3.3 Data transfer from Kinect to Raspberry

1- The Kinect is a higher technology than the kit.

2- Each property of the Kinect needs a separate connection to the kit to work.

3- Because of the kit's processor, any connection with the Kinect is extremely slow.

4- Even when the connections are applied, the system crashes all the time.

9.3.4 Conclusion

Using a PC instead of the Raspberry Pi

9.4 VNC VS VPN

VPN (Virtual Private Networking) is a software implementation that allows users to connect computers that are on a large public network like the internet to behave as if they are connected to the same switch. In comparison, VNC (Virtual Network Computing) is another software implementation but for a totally different purpose. VNC is used to control the desktop of a computer from another computer via the network connection.



VPN is a more advanced version that provides the same functionalities as tunneling protocols. It gives applications that can connect on a local network, but do not have the ability to connect via the internet, this capability.

VNC is extremely useful if you need to access your desktop from somewhere else or if you need to access your files securely from another computer. One of the more famous applications of VNC is remote access for support, where IT personnel take control of the computer to change some settings or to fix a certain problem. Some large companies provide this to their employees, as it is a lot faster compared to talking them through the whole procedure or having the IT personnel go to the workstation. VNC can also be used by people who work at home on occasion. With VNC, you can access your work computer and work as if you are right at your desk.

VNC utilizes a lot of bandwidth because it constantly sends updates of how the screen appears. If you want to utilize VNC over the internet, you would need to have high speed internet connections at both locations. You would also need to configure things properly, including the router and firewalls, in order to let the connection through.

Having a functional VPN in place makes the whole process a lot easier, as it removes the additional steps that need to be taken in order to ensure that the connection is accepted as it should be.

In conclusion:

1. VPN is a method of creating a private network on top of a larger public network, while VNC is software that allows one user on a computer to control another computer over Ethernet.

2. VNC is often used on top of VPN to access another running computer or files on it.



We decided to use VPN, in the form of software based on it, instead of VNC, for the reasons explained as follows:

VPN (Virtual Private Network) can be used over large distances.

VPN technology provides a way of protecting information being transmitted over the Internet, by allowing users to establish a virtual private “tunnel” to securely enter an internal network, accessing resources, data and communications via an insecure network such as the Internet.

9.5 Using VPN

9.5.1 Overview

There is an increasing demand nowadays to connect to internal networks from distant locations. Employees often need to connect to internal private networks over the Internet (which is by nature insecure) from home, hotels, airports or from other external networks. Security becomes a major consideration when staff or business partners have constant access to internal networks from insecure external locations.

VPN (Virtual Private Network) technology provides a way of protecting information being transmitted over the Internet, by allowing users to establish a virtual private “tunnel” to securely enter an internal network, accessing resources, data and communications via an insecure network such as the Internet.

We will provide a general overview of VPN and core VPN technologies. We will discuss the potential security risks as well as the security considerations that need to be taken into account when implementing a virtual private network.

9.5.2 What is the VPN?




VPN (Virtual Private Network) is a generic term used to describe a communication network that uses any combination of technologies to secure a connection tunneled through an otherwise unsecured or untrusted network.

Instead of using a dedicated connection, such as leased line, a "virtual" connection is made between geographically dispersed users and networks over a shared or public network, like the Internet. Data is transmitted as if it were passing through private connections.

VPN transmits data by means of tunneling. Before a packet is transmitted, it is encapsulated (wrapped) in a new packet, with a new header. This header provides routing information so that it can traverse a shared or public network, before it reaches its tunnel endpoint. This logical path that the encapsulated packets travel through is called a tunnel. When each packet reaches the tunnel endpoint, it is “decapsulated” and forwarded to its final destination. Both tunnel endpoints need to support the same tunneling protocol. Tunneling protocols are operated at either the OSI (Open System Interconnection) layer two (data-link layer), or layer three (network layer). The most commonly used tunneling protocols are IPSec, L2TP, PPTP and SSL.

A packet with a private non-routable IP address can be sent inside a packet with globally unique IP address, thereby extending a private network over the Internet.


9.5.3 VPN security

VPN uses encryption to provide data confidentiality. Once connected, the VPN makes use of the tunneling mechanism described above to encapsulate encrypted data into a secure tunnel, with openly read headers that can cross a public network. Packets passed over a public network in this way are unreadable without proper decryption keys, thus ensuring that data is not disclosed or changed in any way during transmission.

VPN can also provide a data integrity check. This is typically performed using a message digest to ensure that the data has not been tampered with during transmission.

By default, VPN does not provide or enforce strong user authentication. Users can enter a simple username and password to gain access to an internal private network from home or via other insecure networks.
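The tunneling and integrity check described in 9.5.2 and 9.5.3 can be followed byte by byte. This is an added example, not part of the original chapter: a packet with private addresses is wrapped in an outer IPv4 header with routable addresses, carries an HMAC-SHA256 tag, and is verified and unwrapped at the tunnel endpoint. The framing is a simplified stand-in for a real protocol such as IPSec ESP, encryption of the inner packet is left out, and the key, gateway addresses and payload are constructed.

```python
import hashlib
import hmac
import socket
import struct

IPIP = 4       # IANA protocol number for IPv4-in-IPv4 encapsulation
TAG_LEN = 32   # size of an HMAC-SHA256 tag


def _checksum(header):
    # One's-complement sum over the ten 16-bit words of a 20-byte header.
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (no options) followed by the payload."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header[:10] + struct.pack("!H", _checksum(header)) + header[12:] + payload


def parse_ipv4(packet):
    """Return (src, dst, protocol, payload) or raise on a malformed header."""
    if len(packet) < 20:
        raise ValueError("truncated packet")
    fields = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if fields[0] != 0x45 or fields[2] != len(packet) or _checksum(packet[:20]):
        raise ValueError("malformed IPv4 header")
    return socket.inet_ntoa(fields[8]), socket.inet_ntoa(fields[9]), fields[6], packet[20:]


def encapsulate(inner, gw_src, gw_dst, key):
    """Tunnel entry: append an integrity tag, then add a new routable header."""
    tag = hmac.new(key, inner, hashlib.sha256).digest()
    return build_ipv4(gw_src, gw_dst, IPIP, inner + tag)


def decapsulate(outer, key):
    """Tunnel exit: verify the tag before the inner packet is forwarded."""
    _, _, proto, body = parse_ipv4(outer)
    if proto != IPIP or len(body) < TAG_LEN:
        raise ValueError("not a tunnel packet")
    inner, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    expected = hmac.new(key, inner, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return inner


def demo():
    key = b"constructed-demo-key"   # constructed shared secret
    inner = build_ipv4("192.168.1.20", "192.168.1.9", 17, b"robot command")
    outer = encapsulate(inner, "203.0.113.10", "198.51.100.7", key)
    on_wire = parse_ipv4(outer)[:3]          # what routers on the path read
    delivered = parse_ipv4(decapsulate(outer, key))
    tampered = bytearray(outer)
    tampered[-TAG_LEN - 1] ^= 0x01           # flip one bit of the inner payload
    try:
        decapsulate(bytes(tampered), key)
        rejected = False
    except ValueError:
        rejected = True
    return on_wire, delivered, rejected
```

Because this sketch authenticates but does not encrypt, the inner addresses and payload are still readable on the path; a real VPN encrypts the inner packet as well.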


9.5.4 Business considerations

VPN is mainly employed by organizations and enterprises in the following ways:

1. Remote access VPN: This is a user-to-network connection for the home, or from a mobile user wishing to connect to a corporate private network from a remote location. This kind of VPN permits secure, encrypted connections between a corporate private network and remote users.

2. Intranet VPN: Here, a VPN is used to make connections among fixed locations such as branch offices. This kind of LAN-to-LAN VPN connection joins multiple remote locations into a single private network.

3. Extranet VPN: This is where a VPN is used to connect business partners, such as suppliers and customers, together so as to allow various parties to work with secure data in a shared environment.

4. WAN replacement: Where VPN offers an alternative to WANs (Wide Area Networks). Maintaining a WAN can become expensive, especially when networks are geographically dispersed.



VPNs can be broadly categorized as follows:

1- A firewall-based VPN is one that is equipped with both firewall and VPN capabilities. This type of VPN makes use of the security mechanisms in firewalls to restrict access to an internal network. The features it provides include address translation, user authentication, real time alarms and extensive logging.

2- A hardware-based VPN offers high network throughput, better performance and more reliability, since there is no processor overhead. However, it is also more expensive.

3- A software-based VPN provides the most flexibility in how traffic is managed. This type is suitable when VPN endpoints are not controlled by the same party, and where different firewalls and routers are used. It can be used with hardware encryption accelerators to enhance performance.

4- An SSL VPN allows users to connect to VPN devices using a web browser. The SSL (Secure Sockets Layer) protocol or TLS (Transport Layer Security) protocol is used to encrypt traffic between the web browser and the SSL VPN device. One advantage of using SSL VPNs is ease of use, because all standard web browsers support the SSL protocol, therefore users do not need to do any software installation or configuration.



9.5.5 Common VPN tunneling technologies

The following tunneling technologies are commonly used in VPN:

IPSEC (INTERNET PROTOCOL SECURITY)




IPSec was developed by IETF (the Internet Engineering Task Force) for secure transfer of information at the OSI layer three across a public unprotected IP network, such as the Internet. IPSec enables a system to select and negotiate the required security protocols, algorithm(s) and secret keys to be used for the services requested. IPSec provides basic authentication, data integrity and encryption services to protect against unauthorized viewing and modification of data. It makes use of two security protocols, AH (Authentication header) and ESP (Encapsulated Security Payload), for required services. However, IPSec is limited to only sending IP packets.

PPTP (POINT-TO-POINT TUNNELING PROTOCOL)

PPTP (Point-to-Point Tunneling Protocol) is an OSI layer two protocol built on top of the PPP (Point-to-point protocol).

PPP is a multi-protocol, dial-up protocol used to connect to the Internet. Remote users can access a private network via PPTP by first dialing into their local ISP. PPTP connects to the target network by creating a virtual network for each remote client. PPTP allows a PPP session, with non-TCP/IP protocols (e.g. IP, IPX or NetBEUI), to be tunneled through an IP network. PPTP is documented in RFC 2637 as an informational draft.


L2TP (LAYER 2 TUNNELING PROTOCOL)

L2TP (Layer 2 Tunneling Protocol) is a combination of Microsoft PPTP (Point-to-Point Tunneling Protocol) and Cisco L2F (Layer 2 Forwarding). L2TP can be used as a tunneling protocol to encapsulate PPP (Point-to-Point Protocol) frames to be sent over IP, X.25, Frame Relay or ATM networks.


SSL / TLS

SSL / TLS is a transport-layer protocol that uses TCP port 443.

There are a number of cryptographic features provided by SSL / TLS and these include confidentiality, integrity, and digital signatures.

An SSL VPN gateway can authenticate itself to the Web user using an SSL server certificate signed by a trusted CA (Certification Authority), in order that the user can verify that he / she is talking to a trusted server via their browser.

In practice, some SSL VPNs may use a self-signed digital certificate that is not normally trusted in most web browsers. In this case, the user might need to add the SSL VPN's server certificate to the user's own list of trusted certificates, or accept “yes” to trust the certificate.


9.5.6 Risks and limitations of VPN

HACKING ATTACKS

A client machine may become a target of attack, or a staging point for an attack, from within the connecting network. An intruder could exploit bugs or mis-configuration in a client machine, or use other types of hacking tools to launch an attack.




USER AUTHENTICATION

By default VPN does not provide / enforce strong user authentication. A VPN connection should only be established by an authenticated user.

If the authentication is not strong enough to restrict unauthorized access, an unauthorized party could access the connected network and its resources. Most VPN implementations provide limited authentication methods.

CLIENT SIDE RISKS

The VPN client machines of, say, home users may be connected to the Internet via a standard broadband connection while at the same time holding a VPN connection to a private network, using split tunneling. This may pose a risk to the private network being connected to.

A client machine may also be shared with other parties who are not fully aware of the security implications.
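Whether a client is split tunneling can be read from its routing table: the private network leaves through the tunnel device while general Internet traffic leaves through the ordinary interface. The following added example, not part of the original chapter, does a longest-prefix match over `ip route` style output to decide this. Both routing tables, the `tun0` and `wlan0` device names and the probe addresses are constructed, and route metrics are ignored.

```python
import ipaddress

# Constructed `ip route` output: VPN routes only for the private network.
SPLIT_ROUTES = """
default via 192.168.1.1 dev wlan0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
10.20.0.0/16 via 10.8.0.1 dev tun0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.9
"""

# Constructed `ip route` output: two /1 routes send everything into the
# tunnel, with a host route so the VPN server itself stays reachable.
FULL_ROUTES = """
0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0
128.0.0.0/1 via 10.8.0.1 dev tun0
203.0.113.10 via 192.168.1.1 dev wlan0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.9
"""


def egress_device(routes, dest):
    """Device the most specific matching route sends `dest` through."""
    target = ipaddress.ip_address(dest)
    best = None
    for line in routes.strip().splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        network = ipaddress.ip_network(prefix, strict=False)
        device = fields[fields.index("dev") + 1]
        if target in network and (best is None or network.prefixlen > best[0]):
            best = (network.prefixlen, device)
    return best[1] if best else None


def is_split_tunnel(routes, tunnel_dev, private_probe, internet_probe):
    """True when private traffic uses the tunnel but Internet traffic does not."""
    return (egress_device(routes, private_probe) == tunnel_dev
            and egress_device(routes, internet_probe) != tunnel_dev)


if __name__ == "__main__":
    for name, table in (("split", SPLIT_ROUTES), ("full", FULL_ROUTES)):
        print(name, is_split_tunnel(table, "tun0", "10.20.0.5", "198.51.100.7"))
```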


VIRUS / MALWARE INFECTIONS

A connecting network can be compromised if the client side is infected with a virus. If a virus or spyware infects a client machine, there is a chance that the password for the VPN connection might be leaked to an attacker.




In the case of an intranet or extranet VPN connection, if one network is infected by a virus or worm, that virus / worm can be spread quickly to other networks if anti-virus protection systems are ineffective.


9.5.7 Security considerations

The following are security features to look for when choosing a VPN product:

1. Support for strong authentication.

2. Industry-proven strong encryption algorithms, with long key strength support to protect data confidentiality during transmission.

3. Support for anti-virus software, and intrusion detection / prevention features.

4. Strong default security for all administration / maintenance ports.

5. Digital certificate support, such as using certificates for site to site authentication.

6. Address management support, such as the capability to assign a client address on the private network and ensuring all addresses are kept private.







9.5.8 Conclusion

VPN provides a means of accessing a secure, private, internal network over insecure public networks such as the Internet.

A number of VPN technologies have been outlined, among which IPSec and SSL VPN are the most common.

Although a secure communication channel can be opened and tunneled through an insecure network via VPN, client side security should not be overlooked.

9.6 The VPN based software used

TeamViewer






Figure 9.7: TeamViewer on different machine types

TeamViewer is a free tool that makes it incredibly easy to set and use a VPN connection; a Virtual Private Network that lets you take complete control of another PC from your own computer, whether they're separated by a soda can or a continent (and as long as both machines are running TeamViewer).

It enables two-way connections in which users can flip control back and forth. TeamViewer also lets you hold virtual meetings with multiple participants (again, they all must have TeamViewer installed).

After a while, the bugs get squashed pretty firmly. But TeamViewer is free to non-commercial users. That means you can use it to access your work and home PCs remotely, of course.



TeamViewer provides a user name and password for each machine. You simply need to enter each machine's numbers in the other to create a connection.

The host PC's screen displays the remote PC's desktop in a window, and the host machine's mouse and keyboard control the remote PC's counterparts.

We could open folders, files, and programs; run processes; and change settings: anything we could do with the remote machine's own controls, we could do from our main PC's controls, too, with TeamViewer.

TeamViewer offers some useful options; for instance, you can limit it to file transfers if you don't need total control.












Figure 9.8: The main usage of the software

Figure 9.9: The starting window of the software








Figure 9.10: Screenshot of the controlled desktop after applying TeamViewer

Setting up the software on both the user's laptop, which can be in any place in the world, and the motherboard controlling the robot will allow the user to access the desktop of the motherboard, which contains all the software programs that control the entire robot.