Q-ESP: a QoS-compliant Security Protocol to enrich IPSec Framework

IPSec is a protocol that allows to make secure connections between branch offices and allows secure VPN accesses. However, the efforts to improve IPSec are still under way; one aspect of this improvement is to take Quality of Service (QoS) requirements into account. QoS is the ability of the network to provide a service at an assured service level while optimizing the global usage of network resources. The QoS level that a flow receives depends on a six-bit identifier in the IP header; the so-called Differentiated Services code point (DSCP). Basically, Multi-Field classifiers classify a packet by inspecting IP/TCP headers, to decide how the packet should be processed. The current IPSec standard does hardly offer any guidance to do this, because the existing IPSec ESP security protocol hides much of this information in its encrypted payloads, preventing network control devices such as routers and switches from utilizing this information in performing classification appropriately. To solve this problem, we propose a QoS-friendly Encapsulated Security Payload (Q-ESP) as a new IPSec security protocol that provides both security and QoS supports. We also present our NetBSD kernel-based implementation as well as our evaluation results of Q-ESP

The MobyDick Project: A Mobile Heterogeneous All-IP Architecture

Proceedings of Advanced Technologies, Applications and Market Strategies for 3G (ATAMS 2001). Cracow, Poland: 17-20 June, 2001.This paper presents the current stage of an IP-based architecture for heterogeneous environments, covering UMTS-like W-CDMA wireless access technology, wireless and wired LANs, that is being developed under the aegis of the IST Moby Dick project. This architecture treats all transmission capabilities as basic physical and data-link layers, and attempts to replace all higher-level tasks by IP-based strategies. The proposed architecture incorporates aspects of mobile-IPv6, fast handover, AAA-control, and Quality of Service. The architecture allows for an optimised control on the radio link layer resources. The Moby dick architecture is currently under refinement for implementation on field trials. The services planned for trials are data transfer and voice-over-IP.Publicad

QoS based Admission Control using Multipath Scheduler for IP over Satellite Networks

This paper presents a novel scheduling algorithm to support quality of service (QoS) for multiservice applications over integrated satellite and terrestrial networks using admission control system with multipath selection capabilities. The algorithm exploits the multipath routing paradigm over LEO and GEO satellites constellation in order to achieve optimum end-to-end QoS of the client-server Internet architecture for HTTP web service, file transfer, video streaming and VoIP applications. The proposed multipath scheduler over the satellite networks advocates load balancing technique based on optimum time-bandwidth in order to accommodate the burst of application traffics. The method tries to balance the bandwidth load and queue length on each link over satellite in order to fulfil the optimum QoS level for each traffic type. Each connection of a traffic type will be routed over a link with the least bandwidth load and queue length at current time in order to avoid congestion state. The multipath routing scheduling decision is based on per connection granularity so that packet reordering at the receiver side could be avoided. The performance evaluation of IP over satellites has been carried out using multiple connections, different file sizes and bit-error-rate (BER) variations to measure the packet delay, loss ratio and throughput

A TCP Driven CAC scheme: efficient resource utilization in a leaky HAP-satellite integrated scenario

An integrated high altitude platform (HAP)-satellite communication system appears to be very suitable for a large set of scenarios including emergency situations, exceptional events, etc. In fact, the satellite capability to provide a broadband and ubiquitous access can be enhanced by the deployment of HAP that allows the use of low-power consuming, cost-efficient, and portable terminals. To obtain an optimum utilization of radio resource, without renouncing to QoS satisfaction, a suitable call admission control scheme must be implemented. Nevertheless, transmission control protocol (TCP) behavior, mainly affected by the high latency and shadowing events, can impact call admission control (CAC) performance. Therefore, it would be desirable that the CAC scheme takes into account also the TCP congestion window real evolution. We present an innovative CAC scheme that uses TCP statistics as one of its inputs and is able to manage different classes of users. Results show that CAC performance is significantly improved by introducing TCP statistics about network congestion as an input parameter