Decentralised Internet infrastructure: Securing inter-domain routing (DEMO)

The Border Gateway Protocol (BGP) is the inter-domain routing protocol that glues the Internet. BGP does not incorporate security and instead, it relies on careful configuration and manual filtering to offer some protection. As a consequence, the current inter-domain routing infrastructure is partially vulnerable to prefix and path hijacks as well as in misconfigurations that results in route leaks. There are many instances of these vulnerabilities being exploited by malicious actors on the Internet, resulting in disruption of services. To address this issue the IETF has designed RPKI, a centralised trust architecture that relies on Public Key Infrastructure. RPKI has slow adoption and its centralised nature is problematic: network administrators are required to trust CAs and do not have the ultimate control of their own critical Internet resources (e.g,. IP blocks, AS Numbers). In this context, we have built the Decentralised Internet Infrastructure (DII), a distributed ledger to securely store inter-domain routing information. The main advantages of DII are (i) it offers flexible trust models where the Internet community can define the rules of a consensus algorithm that properly reflects the power balance of its members and, (ii) offers protection against vulnerabilities (path hijack and route leaks) that goes well beyond what RPKI offers. We have deployed the prototype on the wild in a worldwide testbed including 7 ASes, we will use the testbed to demonstrate in a realistic scenario how allocation and delegation of Internet resources in DII work, and how this protects ASes against artificially produced path and prefix hijack as well as a route leak.This work was partially supported by the Spanish MINECO under contract TEC2017-90034-C2-1-R (ALLIANCE) and the Catalan Institution for Research and Advanced Studies (ICREA).Peer ReviewedPostprint (author's final draft

An SLA-driven framework for dynamic multimedia content delivery federations

Recently, the Internet has become a popular platform for the delivery of multimedia content. However, its best effort delivery approach is ill-suited to guarantee the stringent Quality of Service (QoS) requirements of many existing multimedia services, which results in a significant reduction of the Quality of Experience. This paper presents a solution to these problems, in the form of a framework for dynamically setting up federations between the stakeholders involved in the content delivery chain. More specifically, the framework provides an automated mechanism to set up end-to-end delivery paths from the content provider to the access Internet Service Providers (ISPs), which act as its direct customers and represent a group of end-users. Driven by Service Level Agreements (SLAs), QoS contracts are automatically negotiated between the content provider, the access ISPs, and the intermediary network domains along the delivery paths. These contracts capture the delivered QoS and resource reservation costs, which are subsequently used in the price negotiations between content provider and access ISPs. Additionally, it supports the inclusion of cloud providers within the federations, supporting on-the-fly allocation of computational and storage resources. This allows the automatic deployment and configuration of proxy caches along the delivery paths, which potentially reduce delivery costs and increase delivered quality

State-of-the-art in Power Line Communications: from the Applications to the Medium

In recent decades, power line communication has attracted considerable attention from the research community and industry, as well as from regulatory and standardization bodies. In this article we provide an overview of both narrowband and broadband systems, covering potential applications, regulatory and standardization efforts and recent research advancements in channel characterization, physical layer performance, medium access and higher layer specifications and evaluations. We also identify areas of current and further study that will enable the continued success of power line communication technology.Comment: 19 pages, 12 figures. Accepted for publication, IEEE Journal on Selected Areas in Communications. Special Issue on Power Line Communications and its Integration with the Networking Ecosystem. 201

FedRR: a federated resource reservation algorithm for multimedia services

The Internet is rapidly evolving towards a multimedia service delivery platform. However, existing Internet-based content delivery approaches have several disadvantages, such as the lack of Quality of Service (QoS) guarantees. Future Internet research has presented several promising ideas to solve the issues related to the current Internet, such as federations across network domains and end-to-end QoS reservations. This paper presents an architecture for the delivery of multimedia content across the Internet, based on these novel principles. It facilitates the collaboration between the stakeholders involved in the content delivery process, allowing them to set up loosely-coupled federations. More specifically, the Federated Resource Reservation (FedRR) algorithm is proposed. It identifies suitable federation partners, selects end-to-end paths between content providers and their customers, and optimally configures intermediary network and infrastructure resources in order to satisfy the requested QoS requirements and minimize delivery costs

Resilient availability and bandwidth-aware multipath provisioning for media transfer over the internet (Best Paper Award)

Traditional routing in the Internet is best-effort. Path differentiation including multipath routing is a promising technique to be used for meeting QoS requirements of media intensive applications. Since different paths have different characteristics in terms of latency, availability and bandwidth, they offer flexibility in QoS and congestion control. Additionally protection techniques can be used to enhance the reliability of the network. This paper studies the problem of how to optimally find paths ensuring maximal bandwidth and resiliency of media transfer over the network. In particular, we propose two algorithms to reserve network paths with minimal new resources while increasing the availability of the paths and enabling congestion control. The first algorithm is based on Integer Linear Programming which minimizes the cost of the paths and the used resources. The second one is a heuristic-based algorithm which solves the scalability limitations of the ILP approach. The algorithms ensure resiliency against any single link failure in the network. The experimental results indicate that using the proposed schemes the connections availability improve significantly and a more balanced load is achieved in the network compared to the shortest path-based approaches

Decentralized trust in the inter-domain routing infrastructure

Inter-domain routing security is of critical importance to the Internet since it prevents unwanted traffic redirections. The current system is based on a Public Key Infrastructure (PKI), a centralized repository of digital certificates. However, the inherent centralization of such design creates tensions between its participants and hinders its deployment. In addition, some technical drawbacks of PKIs delay widespread adoption. In this paper we present IPchain, a blockchain to store the allocations and delegations of IP addresses. IPchain leverages blockchains' properties to decentralize trust among its participants, with the final goal of providing flexible trust models that adapt better to the ever-changing geopolitical landscape. Moreover, we argue that Proof of Stake is a suitable consensus algorithm for IPchain due to the unique incentive structure of this use-case, and that blockchains offer relevant technical advantages when compared to existing systems, such as simplified management. In order to show its feasibility and suitability, we have implemented and evaluated IPchain's performance and scalability storing around 350k IP prefixes in a 2.5 GB chain.Peer ReviewedPostprint (published version

Robotic Wireless Sensor Networks

In this chapter, we present a literature survey of an emerging, cutting-edge, and multi-disciplinary field of research at the intersection of Robotics and Wireless Sensor Networks (WSN) which we refer to as Robotic Wireless Sensor Networks (RWSN). We define a RWSN as an autonomous networked multi-robot system that aims to achieve certain sensing goals while meeting and maintaining certain communication performance requirements, through cooperative control, learning and adaptation. While both of the component areas, i.e., Robotics and WSN, are very well-known and well-explored, there exist a whole set of new opportunities and research directions at the intersection of these two fields which are relatively or even completely unexplored. One such example would be the use of a set of robotic routers to set up a temporary communication path between a sender and a receiver that uses the controlled mobility to the advantage of packet routing. We find that there exist only a limited number of articles to be directly categorized as RWSN related works whereas there exist a range of articles in the robotics and the WSN literature that are also relevant to this new field of research. To connect the dots, we first identify the core problems and research trends related to RWSN such as connectivity, localization, routing, and robust flow of information. Next, we classify the existing research on RWSN as well as the relevant state-of-the-arts from robotics and WSN community according to the problems and trends identified in the first step. Lastly, we analyze what is missing in the existing literature, and identify topics that require more research attention in the future

End-to-end resource management for federated delivery of multimedia services

Recently, the Internet has become a popular platform for the delivery of multimedia content. Currently, multimedia services are either offered by Over-the-top (OTT) providers or by access ISPs over a managed IP network. As OTT providers offer their content across the best-effort Internet, they cannot offer any Quality of Service (QoS) guarantees to their users. On the other hand, users of managed multimedia services are limited to the relatively small selection of content offered by their own ISP. This article presents a framework that combines the advantages of both existing approaches, by dynamically setting up federations between the stakeholders involved in the content delivery process. Specifically, the framework provides an automated mechanism to set up end-to-end federations for QoS-aware delivery of multimedia content across the Internet. QoS contracts are automatically negotiated between the content provider, its customers, and the intermediary network domains. Additionally, a federated resource reservation algorithm is presented, which allows the framework to identify the optimal set of stakeholders and resources to include within a federation. Its goal is to minimize delivery costs for the content provider, while satisfying customer QoS requirements. Moreover, the presented framework allows intermediary storage sites to be included in these federations, supporting on-the-fly deployment of content caches along the delivery paths. The algorithm was thoroughly evaluated in order to validate our approach and assess the merits of including intermediary storage sites. The results clearly show the benefits of our method, with delivery cost reductions of up to 80 % in the evaluated scenario