Easy management and user interconnection across Grid sites

Dissertação de mestrado em Engenharia de InformáticaDistributed computing systems are undoubtedly a powerful resource,providing functions that no other system can do. However, their inherent complexity can lead many users and institutions not to consider these systems when faced by challenges posed by the deployment and administration tasks. The first solution for this problem is the European Grid Initiative (EGI) roll, a tool that simplifies and streamlines those tasks, by extending the tools that are currently available for cluster administration to the grid. It allows the infrastructure to be easily scaled and adopted by the institutions that are involved in grid projects such as EGI. The second part of this work consists of a platform that enables the interconnection of computing assets from multiple sources to create a unified pool of resources. It addresses the challenge of building a global computing infrastructure by providing a communication overlay able to deal with the existence of computing facilities located behind NAT devices. The integration of these two tools results in a solution that not only scales the infrastructure by simplifying the deployment and administration, but also enables the interconnection of those resources

The design of efficient and secure P2PSIP systems

Doktorgradsavhandling i informasjons- og kommunikasjonsteknologi, Universitetet i Agder, Grimstad, 201

Enabling technologies for decentralized interpersonal communication

In the recent years the Internet users have witnessed the emergence of Peer-to-Peer (P2P) technologies and applications. One class of P2P applications is comprised of applications that are targeted for interpersonal communication. The communication applications that utilize P2P technologies are referred to as decentralized interpersonal communication applications. Such applications are decentralized in a sense that they do not require assistance from centralized servers for setting up multimedia sessions between users. The invention of Distributed Hash Table (DHT) algorithms has been an important, but not an inclusive enabler for decentralized interpersonal communication. Even though the DHTs provide a basic foundation for decentralization, there are still a number of challenges without viable technological solutions. The main contribution of this thesis is to propose technological solutions to a subset of the existing challenges. In addition, this thesis also presents the preliminary work for the technological solutions. There are two parts in the preliminary work. In the first part, a set of DHT algorithms are evaluated from the viewpoint of decentralized interpersonal communication, and the second part gives a coherent presentation of the challenges that a decentralized interpersonal communication application is going to encounter in mobile networks. The technological solution proposals contain two architectures and two algorithms. The first architecture enables an interconnection between a decentralized and a centralized communication network, and the second architecture enables the decentralization of a set of legacy applications. The first algorithm is a load balancing algorithm that enables good scalability, and the second algorithm is a search algorithm that enables arbitrary searches. The algorithms can be used, for example, in DHT-based networks. Even though this thesis has focused on the decentralized interpersonal communication, some of the proposed technological solutions also have general applicability outside the scope of decentralized interpersonal communication

Enabling technologies for decentralized interpersonal communication

In the recent years the Internet users have witnessed the emergence of Peer-to-Peer (P2P) technologies and applications. One class of P2P applications is comprised of applications that are targeted for interpersonal communication. The communication applications that utilize P2P technologies are referred to as decentralized interpersonal communication applications. Such applications are decentralized in a sense that they do not require assistance from centralized servers for setting up multimedia sessions between users. The invention of Distributed Hash Table (DHT) algorithms has been an important, but not an inclusive enabler for decentralized interpersonal communication. Even though the DHTs provide a basic foundation for decentralization, there are still a number of challenges without viable technological solutions. The main contribution of this thesis is to propose technological solutions to a subset of the existing challenges. In addition, this thesis also presents the preliminary work for the technological solutions. There are two parts in the preliminary work. In the first part, a set of DHT algorithms are evaluated from the viewpoint of decentralized interpersonal communication, and the second part gives a coherent presentation of the challenges that a decentralized interpersonal communication application is going to encounter in mobile networks. The technological solution proposals contain two architectures and two algorithms. The first architecture enables an interconnection between a decentralized and a centralized communication network, and the second architecture enables the decentralization of a set of legacy applications. The first algorithm is a load balancing algorithm that enables good scalability, and the second algorithm is a search algorithm that enables arbitrary searches. The algorithms can be used, for example, in DHT-based networks. Even though this thesis has focused on the decentralized interpersonal communication, some of the proposed technological solutions also have general applicability outside the scope of decentralized interpersonal communication

A Secure Peer-to-Peer Application Framework

The nature of the Internet has changed dramatically. From a modest research network, it has evolved into one of the most important fabrics of our modern society, affecting the lives of billions each day. We rely on it for everything from performing our daily chores to accessing rich media and keeping in touch with our friends. Despite this change, service provisioning has largely remained intact. Services are provided in a centralized manner, resulting in bottlenecks and vulnerable collections of, often unwittingly, submitted sensitive information. Peer-to-peer (P2P) technologies have the potential to provide a better alternative for future networking. P2P services distribute the load from a single node to a network of peers, relying on the resources of the end-users themselves. Not only does it remove the bottlenecks, it has the potential to provide a more personal and safe networking environment. In this dissertation, we inspect the feasibility and implications of a generic, cross-application, P2P framework. We present the design and implementation of a framework that uses existing infrastructure and advanced networking protocols to create a secure environment. Using this framework, applications are able to benefit from P2P networking without having to deploy new infrastructure or implement complex connection- and identity management. Users benefit from using a single, strong, cross-application identity management and having better control over their data. This improves the trust within the system and enables new ways of dealing with security threats. We demonstrate the feasibility of the framework by evaluating the performance and usability of the prototype implementation. This provides a model for future networking applications and insight into the security and usability issues these will face

Eş düğümler arası ağlarda çoklu ortam verilerinin gerçek zamanlı iletimi için yeni bir yöntem

06.03.2018 tarihli ve 30352 sayılı Resmi Gazetede yayımlanan “Yükseköğretim Kanunu İle Bazı Kanun Ve Kanun Hükmünde Kararnamelerde Değişiklik Yapılması Hakkında Kanun” ile 18.06.2018 tarihli “Lisansüstü Tezlerin Elektronik Ortamda Toplanması, Düzenlenmesi ve Erişime Açılmasına İlişkin Yönerge” gereğince tam metin erişime açılmıştır.İnternet kullanıcılarının gerçek zamanlı ortam verilerini paylaşma ihtiyacı her geçen gün artmaktadır. Artan bu ihtiyacın karşılanmasında, klasik istemci-sunucu mimarisi pek çok parametreden dolayı istenilen verimi sağlayamamaktadır. Bu nedenle kullanıcılar bulundukları ağ yapılarından bağımsız olarak birbirleri ile doğrudan iletişim kurabilmelidirler. Bu nedenle eş düğümler arası iletişim için sorun oluşturan durumların belirlenmesi ve araştırmacılar tarafından uygun yöntemlerin ortaya konulması gerekmektedir. Eş düğümler arası iletişimde karşımıza çıkan temel sorunların başında ağ adres dönüştürücü ve güvenlik duvarı gibi özel ağ oluşturan cihazların arkasındaki istemcilere kamusal ağdan erişilememesi gelmektedir. Bu sorunun çözümüne yönelik literatürde öne sürülen çözüm önerilerinin değişik avantaj ve dezavantajları bulunmaktadır. Bu çözüm önerilerinden İnteraktif Bağlantı Kurulumu ve Gerçek Zamanlı Medya Akış Protokolü, gerek internet altyapısından bağımsız oluşları, gerekse de dinamik yapılar için uygunlukları ile öne çıkmaktadırlar. Yapılan çalışma ile ağ adres dönüştürücü geçişi için tüm adımların tanımlandığı bir yöntem geliştirilerek eş düğümler arası ağlarda çoklu ortam verilerinin iletiminde uçtan uca tam bir model ortaya konulmuş ve "Durum Tabanlı Ağ Adres Dönüştürücü Geçişi" olarak isimlendirilmiştir. Geliştirilen model ile İnteraktif Bağlantı Kurulumu protokolünün bağlantı kurulum süresi, band genişliği ve paket kullanımı parametreleri iyileştirilmiştir.The usage of peer-to-peer (P2P) networks that provide sharing of real-time environmental data by internet users is becoming more and more popular. As a result, it is necessary to identify the problems during P2P communication and to develop proper solutions. One of the major problems of P2P communication is that it is not possible to reach the clients behind devices that create private networks like network address translation (NAT) and firewalls from the public network. Among the solutions proposed for this problem, Interactivity Connectivity Establishment (ICE) and Real Time Media Flow Protocol (RTMFP) are the methods most preferred in the literature. These methods seem more attractive than other NAT traversal mechanisms since they are independent from internet infrastructure and are also appropriate for dynamic structures. However, they do have some disadvantages. With this thesis work, a new state-based end-to-end communication technique (SBN) for NAT traversal has been designed and realized. The performance of the designed method was evaluated against three criteria connectivity check delay, connection packet count and bandwidth and compared to the ICE method

Structured Peer-to-Peer Overlays for NATed Churn Intensive Networks

The wide-spread coverage and ubiquitous presence of mobile networks has propelled the usage and adoption of mobile phones to an unprecedented level around the globe. The computing capabilities of these mobile phones have improved considerably, supporting a vast range of third party applications. Simultaneously, Peer-to-Peer (P2P) overlay networks have experienced a tremendous growth in terms of usage as well as popularity in recent years particularly in fixed wired networks. In particular, Distributed Hash Table (DHT) based Structured P2P overlay networks offer major advantages to users of mobile devices and networks such as scalable, fault tolerant and self-managing infrastructure which does not exhibit single points of failure. Integrating P2P overlays on the mobile network seems a logical progression; considering the popularities of both technologies. However, it imposes several challenges that need to be handled, such as the limited hardware capabilities of mobile phones and churn (i.e. the frequent join and leave of nodes within a network) intensive mobile networks offering limited yet expensive bandwidth availability. This thesis investigates the feasibility of extending P2P to mobile networks so that users can take advantage of both these technologies: P2P and mobile networks. This thesis utilises OverSim, a P2P simulator, to experiment with the performance of various P2P overlays, considering high churn and bandwidth consumption which are the two most crucial constraints of mobile networks. The experiment results show that Kademlia and EpiChord are the two most appropriate P2P overlays that could be implemented in mobile networks. Furthermore, Network Address Translation (NAT) is a major barrier to the adoption of P2P overlays in mobile networks. Integrating NAT traversal approaches with P2P overlays is a crucial step for P2P overlays to operate successfully on mobile networks. This thesis presents a general approach of NAT traversal for ring based overlays without the use of a single dedicated server which is then implemented in OverSim. Several experiments have been performed under NATs to determine the suitability of the chosen P2P overlays under NATed environments. The results show that the performance of these overlays is comparable in terms of successful lookups in both NATed and non-NATed environments; with Kademlia and EpiChord exhibiting the best performance. The presence of NATs and also the level of churn in a network influence the routing techniques used in P2P overlays. Recursive routing is more resilient to IP connectivity restrictions posed by NATs but not very robust in high churn environments, whereas iterative routing is more suitable to high churn networks, but difficult to use in NATed environments. Kademlia supports both these routing schemes whereas EpiChord only supports the iterating routing. This undermines the usefulness of EpiChord in NATed environments. In order to harness the advantages of both routing schemes, this thesis presents an adaptive routing scheme, called Churn Aware Routing Protocol (ChARP), combining recursive and iterative lookups where nodes can switch between recursive and iterative routing depending on their lifetimes. The proposed approach has been implemented in OverSim and several experiments have been carried out. The experiment results indicate an improved performance which in turn validates the applicability and suitability of ChARP in NATed environments

Distributed resource discovery: architectures and applications in mobile networks

As the amount of digital information and services increases, it becomes increasingly important to be able to locate the desired content. The purpose of a resource discovery system is to allow available resources (information or services) to be located using a user-defined search criterion. This work studies distributed resource discovery systems that guarantee all existing resources to be found and allow a wide range of complex queries. Our goal is to allocate the load uniformly between the participating nodes, or alternatively to concentrate the load in the nodes with the highest available capacity. The first part of the work examines the performance of various existing unstructured architectures and proposes new architectures that provide features especially valuable in mobile networks. To reduce the network traffic, we use indexing, which is particularly useful in scenarios, where searches are frequent compared to resource modifications. The ratio between the search and update frequencies determines the optimal level of indexing. Based on this observation, we develop an architecture that adjusts itself to changing network conditions and search behavior while maintaining optimal indexing. We also propose an architecture based on large-scale indexing that we later apply to resource sharing within a user group. Furthermore, we propose an architecture that relieves the topology constraints of the Parallel Index Clustering architecture. The performance of the architectures is evaluated using simulation. In the second part of the work we apply the architectures to two types of mobile networks: cellular networks and ad hoc networks. In the cellular network, we first consider scenarios where multiple commercial operators provide a resource sharing service, and then a scenario where the users share resources without operator support. We evaluate the feasibility of the mobile peer-to-peer concept using user opinion surveys and technical performance studies. Based on user input we develop access control and group management algorithms for peer-to-peer networks. The technical evaluation is performed using prototype implementations. In particular, we examine whether the Session Initiation Protocol can be used for signaling in peer-to-peer networks. Finally, we study resource discovery in an ad hoc network. We observe that in an ad hoc network consisting of consumer devices, the capacity and mobility among nodes vary widely. We utilize this property in order to allocate the load to the high-capacity nodes, which serve lower-capacity nodes. We propose two methods for constructing a virtual backbone connecting the nodes

Modular wireless networks for infrastructure-challenged environments

While access to Internet and cellular connectivity is easily achieved in densely-populated areas, provisioning of communication services is much more challenging in remote rural areas. At the same time Internet access is of critical importance to residents of such rural communities. People's curiosity and realization of the opportunities provided by Internet and cellular access is the key ingredient to adoption. However, poor network performance can easily impede the process of adoption by discouraging people to access and use connectivity. With this in mind, we evaluate performance and adoption of various connectivity technologies in rural developing regions and identify avenues that need immediate attention to guarantee smoother technology adoption. In light of this analysis we propose novel system designs that meet these needs. In this thesis we focus on cellular and broadband Internet connectivity. Commercial cellular networks are highly centralized, which requires costly backhaul. This, coupled with high price for equipment, maintenance and licensing renders cellular network access commercially-infeasible in rural areas. At the same time rural cellular communications are highly local: 70% of the rural-residential calls have an originator-destination pair within the same antenna. In line with this observation we design a low-cost cellular network architecture dubbed Kwiizya, to provide local voice and text messaging services in a rural community. Where outbound connectivity is available, Kwiizya can provide global services. While commercial networks are becoming more available in rural areas they are often out of financial reach of rural residents. Furthermore, these networks typically provide only basic voice and SMS services and no mobile data. To address these challenges, our proposed work allows Kwiizya to operate in coexistence with commercial cellular networks in order to extend local coverage and provide more advanced services that are not delivered by the commercial networks. Internet connectivity in rural areas is typically provided through slow satellite links. The challenges in performance and adoption of such networks have been previously studied. We add a unique dataset and consequent analysis to this spectrum of work, which captures the upgrade of the gateway connectivity in the rural community of Macha, Zambia from a 256kbps satellite link to a more capable 2Mbps terrestrial link. We show that the improvement in performance and user experience is not necessarily proportional to the bandwidth increase. While this increase improved the network usability, it also opened opportunities for adoption of more demanding services that were previously out of reach. As a result the network performance was severely degraded over the long term. To address these challenges we employ white space communication both for connectivity to more capable remote gateways, as well as for end user connectivity. We develop VillageLink, a distributed method that optimizes channel allocation to maximize throughput and enables both remote gateway access as well as end user coverage. While VillageLink features lightweight channel probing, we also consider external sources of channel availability. We design a novel approach for estimation of channel occupancy called TxMiner, which is capable of extracting transmitter characteristics from raw spectrum measurements. We study the adoption and implications of network connectivity in rural communities. In line with the results of our analyses we design and build system architectures that are geared to meet critical needs in these communities. While the focus of analysis in this thesis is on rural sub-Saharan Africa, the proposed designs and system implementations are more general and can serve in infrastructure-challenged communities across the world

System-on-chip architecture for secure sub-microsecond synchronization systems

213 p.En esta tesis, se pretende abordar los problemas que conlleva la protección cibernética del Precision Time Protocol (PTP). Éste es uno de los protocolos de comunicación más sensibles de entre los considerados por los organismos de estandarización para su aplicación en las futuras Smart Grids o redes eléctricas inteligentes. PTP tiene como misión distribuir una referencia de tiempo desde un dispositivo maestro al resto de dispositivos esclavos, situados dentro de una misma red, de forma muy precisa. El protocolo es altamente vulnerable, ya que introduciendo tan sólo un error de tiempo de un microsegundo, pueden causarse graves problemas en las funciones de protección del equipamiento eléctrico, o incluso detener su funcionamiento. Para ello, se propone una nueva arquitectura System-on-Chip basada en dispositivos reconfigurables, con el objetivo de integrar el protocolo PTP y el conocido estándar de seguridad MACsec para redes Ethernet. La flexibilidad que los modernos dispositivos reconfigurables proporcionan, ha sido aprovechada para el diseño de una arquitectura en la que coexisten procesamiento hardware y software. Los resultados experimentales avalan la viabilidad de utilizar MACsec para proteger la sincronización en entornos industriales, sin degradar la precisión del protocolo