A Secure SSM Architecture

Colloque avec actes et comité de lecture. internationale.International audienceThe SSM model is appeared in order to overcome the problems of deployment of IP multicast. However, a real commercial deployment of SSM have to offer some security services. Our work proposes an architecture, called S-SSM, for securing the SSM model. S-SSM defines two mechanisms for access control and content protection. The first one is carried out through subscriber authentication and access permission. As for the second, it is realized through the management of a unique key, called the channel key, k_ch, shared among the sender and subscribers. We have implemented a prototype of S-SSM in order to prove the feasability and evaluate the performance of our design

Dynamic accelerator provisioning for SSH tunnels in NFV environments

In this demonstration, we present dynamic allocation of accelerator resources to SSH tunnels in an NFV environment. In order to accelerate a VNF, its compute-intensive operations are offloaded to hardware cores running on an FPGA. The CPU utilization information of VNFs is continuously processed by a service management component to dynamically decide the suitable target to run VNF's crypto-operations. We also demonstrate switching between the non-accelerated and hardware-accelerated SSH-tunnels triggered by a change in the nature of the data traffic flowing through the tunnel and indicate throughput gains obtainable in dynamically switching contexts

APEL SSM USER GUIDE

The SSM (Secure STOMP Messenger) is used to send messages between computers using the STOMP protocol. It acts as both a sender and a receiver; only the sending component is supported in EM

Options for Securing RTP Sessions

The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity, and source authentication of RTP and RTP Control Protocol (RTCP) packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP and gives guidance for developers on how to choose the appropriate security mechanism

The Single Supervisory Mechanism - Panacea or Quack Banking Regulation? : preliminary assessment of the evolving regime for the prudential supervision of banks with ECB involvement : [Version: 16 August 2013]

This paper analyzes the evolving architecture for the prudential supervision of banks in the euro area. It is primarily concerned with the likely effectiveness of the SSM as a regime that intends to bolster financial stability in the steady state. By using insights from the political economy of bureaucracy it finds that the SSM is overly focused on sharp tools to discipline captured national supervisors and thus underincentives their top-level personnel to voluntarily contribute to rigid supervision. The success of the SSM in this regard will hinge on establishing a common supervisory culture that provides positive incentives for national supervisors. In this regard, the internal decision making structure of the ECB in supervisory matters provides some integrative elements. Yet, the complex procedures also impede swift decision making and do not solve the problem adequately. Ultimately, a careful design and animation of the ECB-defined supervisory framework and the development of inter-agency career opportunities will be critical. The ECB will become a de facto standard setter that competes with the EBA. A likely standoff in the EBA’s Board of Supervisors will lead to a growing gap in regulatory integration between SSM-participants and other EU Member States. Joining the SSM as a non-euro area Member State is unattractive because the current legal framework grants no voting rights in the ECB’s ultimate decision making body. It also does not supply a credible commitment opportunity for Member States who seek to bond to high quality supervision

The Single Supervisory Mechanism – Panacea or Quack Banking Regulation? : Preliminary assessments of the evolving regime for the prudential supervision of banks with the ECB involvement (August 16, 2013)

This paper analyzes the evolving architecture for the prudential supervision of banks in the euro area. It is primarily concerned with the likely effectiveness of the SSM as a regime that intends to bolster financial stability in the steady state. By using insights from the political economy of bureaucracy it finds that the SSM is overly focused on sharp tools to discipline captured national supervisors and thus under-incentives their top-level personnel to voluntarily contribute to rigid supervision. The success of the SSM in this regard will hinge on establishing a common supervisory culture that provides positive incentives for national supervisors. In this regard, the internal decision making structure of the ECB in supervisory matters provides some integrative elements. Yet, the complex procedures also impede swift decision making and do not solve the problem adequately. Ultimately, a careful design and animation of the ECB-defined supervisory framework and the development of inter-agency career opportunities will be critical. The ECB will become a de facto standard setter that competes with the EBA. A likely standoff in the EBA’s Board of Supervisors will lead to a growing gap in regulatory integration between SSM-participants and other EU Member States. Joining the SSM as a non-euro area Member State is unattractive because the cur-rent legal framework grants no voting rights in the ECB’s ultimate decision making body. It also does not supply a credible commitment opportunity for Member States who seek to bond to high quality supervision

APEL CLIENT FUNCTIONAL DESCRIPTION

APEL (Accounting Processor for Event Logs) gathers CPU accounting information by parsing batch system and blah accounting log files and inserting the data into a local MySQL database. APEL then publishes the data into a centralized repositor

TINA as a virtual market place for telecommunication and information services: the VITAL experiment

The VITAL (Validation of Integrated Telecommunication Architectures for the Long-Term) project has defined, implemented and demonstrated an open distributed telecommunication architecture (ODTA) for deploying, managing and using a set of heterogeneous multimedia, multi-party, and mobility services. The architecture was based on the latest specifications released by TINA-C. The architecture was challenged in a set of trials by means of a heterogeneous set of applications. Some of the applications were developed within the project from scratch, while some others focused on integrating commercially available applications. The applications were selected in such a way as to assure full coverage of the architecture implementation and reflect a realistic use of it. The VITAL experience of refining and implementing TINA specifications and challenging the resulting platform by a heterogeneous set of services has proven the openness, flexibility and reusability of TINA. This paper describes the VITAL approach when choosing the different services and how they challenge and interact with the architecture, focusing especially on the service architecture and the Ret reference point definitions. The VITAL adjustments and enhancements to the TINA architecture are described. This paper contributes to proving that the TINA-based VITAL ODTA allows for easy and cost-effective development and deployment of advanced end-user and operator services, and can indeed act as the basis for a virtual market place for telecommunications service

Reflections on security options for the real-time transport protocol framework

The Real-time Transport Protocol (RTP) supports a range of video conferencing, telephony, and streaming video ap- plications, but offers few native security features. We discuss the problem of securing RTP, considering the range of applications. We outline why this makes RTP a difficult protocol to secure, and describe the approach we have recently proposed in the IETF to provide security for RTP applications. This approach treats RTP as a framework with a set of extensible security building blocks, and prescribes mandatory-to-implement security at the level of different application classes, rather than at the level of the media transport protocol