Secure communication using dynamic VPN provisioning in an Inter-Cloud environment

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the srevice owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offer a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer- to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds

Taxonomy of P2P Applications

Peer-to-peer (p2p) networks have gained immense popularity in recent years and the number of services they provide continuously rises. Where p2p-networks were formerly known as file-sharing networks, p2p is now also used for services like VoIP and IPTV. With so many different p2p applications and services the need for a taxonomy framework rises. This paper describes the available p2p applications grouped by the services they provide. A taxonomy framework is proposed to classify old and recent p2p applications based on their characteristics

A new security architecture for SIP based P2P computer networks

Many applications are transferred from C/S (Client/Server) mode to P2P (Peer-to-Peer) mode such as VoIP (Voice over IP). This paper presents a new security architecture, i.e. a trustworthy authentication algorithm of peers, for Session Initialize Protocol (SIP) based P2P computer networks. A mechanism for node authentication using a cryptographic primitive called one-way accumulator is proposed to secure the P2P SIP computer networks. It leverages the distributed nature of P2P to allow for distributed resource discovery and rendezvous in a SIP network, thus eliminating (or at least reducing) the need for centralized servers. The distributed node authentication algorithm is established for the P2P SIP computer networks. The corresponding protocol has been implemented in our P2P SIP experiment platform successfully. The performance study has verified the proposed distributed node authentication algorithm for SIP based P2P computer networks

GPU peer-to-peer techniques applied to a cluster interconnect

Modern GPUs support special protocols to exchange data directly across the PCI Express bus. While these protocols could be used to reduce GPU data transmission times, basically by avoiding staging to host memory, they require specific hardware features which are not available on current generation network adapters. In this paper we describe the architectural modifications required to implement peer-to-peer access to NVIDIA Fermi- and Kepler-class GPUs on an FPGA-based cluster interconnect. Besides, the current software implementation, which integrates this feature by minimally extending the RDMA programming model, is discussed, as well as some issues raised while employing it in a higher level API like MPI. Finally, the current limits of the technique are studied by analyzing the performance improvements on low-level benchmarks and on two GPU-accelerated applications, showing when and how they seem to benefit from the GPU peer-to-peer method.Comment: paper accepted to CASS 201

H-P2PSIP: Interconnection of P2PSIP domains for Global Multimedia Services based on a Hierarchical DHT Overlay Network

The IETF P2PSIP WG is currently standardising a protocol for distributed mul- timedia services combining the media session functionality of SIP and the decentralised distribution and localisation of resources in peer-to-peer networks. The current P2PSIP scenarios only consider the infrastructure for the connectivity inside a single domain. This paper proposes an extension of the current work to a hierarchical multi-domain scenario: a two level hierarchical peer-to-peer overlay architecture for the interconnection of different P2PSIP domains. The purpose is the creation of a global decentralised multimedia services in enterprises, ISPs or community networks. We present a study of the Routing Performance and Routing State in the particular case of a two-level Distributed Hash Table Hierarchy that uses Kademlia. The study is supported by an analytical model and its validation by a peer-to-peer simulator.En prens

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems