cc 14(2): e4

Research Article

TinCan: User-Defined P2P Virtual Network Overlays for Ad-hoc Collaboration

Download1601 downloads
  • @ARTICLE{10.4108/cc.1.2.e4,
        author={Pierre St Juste and Kyuho Jeong and Heungsik Eom and Corey Baker and Renato Figueiredo},
        title={TinCan: User-Defined P2P Virtual Network Overlays for Ad-hoc Collaboration},
        journal={EAI Endorsed Transactions on Collaborative Computing},
        keywords={vpn, peer-to-peer, networking, privacy, virtual organization},
  • Pierre St Juste
    Kyuho Jeong
    Heungsik Eom
    Corey Baker
    Renato Figueiredo
    Year: 2014
    TinCan: User-Defined P2P Virtual Network Overlays for Ad-hoc Collaboration
    DOI: 10.4108/cc.1.2.e4
Pierre St Juste1,*, Kyuho Jeong1, Heungsik Eom1, Corey Baker2, Renato Figueiredo1
  • 1: Advanced Computing and Information Systems Lab
  • 2: Wireless and Mobile Systems Lab Electrical and Computer Engineering, University of Florida, Gainesville, FL, 32611, USA
*Contact email:


Virtual private networking (VPN) has become an increasingly important component of a collaboration environment because it ensures private, authenticated communication among participants, using existing collaboration tools, where users are distributed across multiple institutions and can be mobile. The majority of current VPN solutions are based on a centralized VPN model, where all IP traffic is tunneled through a VPN gateway. Nonetheless, there are several use case scenarios that require a model where end-to-end VPN links are tunneled upon existing Internet infrastructure in a peer-to-peer (P2P) fashion, removing the bottleneck of a centralized VPN gateway. We propose a novel virtual network — TinCan — based on peerto-peer private network tunnels. It reuses existing standards and implementations of services for discovery notification (XMPP), reflection (STUN) and relaying (TURN), facilitating configuration. In this approach, trust relationships maintained by centralized (or federated) services are automatically mapped to TinCan links. In one use scenario, TinCan allows unstructured P2P overlays connecting trusted end-user devices — while only requiring VPN software on user devices and leveraging online social network (OSN) infrastructure already widely deployed. This paper describes the architecture and design of TinCan and presents an experimental evaluation of a prototype supporting Windows, Linux, and Android mobile devices. Results quantify the overhead introduced by the network virtualization layer, and the resource requirements imposed on services needed to bootstrap TinCan links.