Network layer access control for context-aware IPv6 applications

As part of the Lancaster GUIDE II project, we have developed a novel wireless access point protocol designed to support the development of next generation mobile context-aware applications in our local environs. Once deployed, this architecture will allow ordinary citizens secure, accountable and convenient access to a set of tailored applications including location, multimedia and context based services, and the public Internet. Our architecture utilises packet marking and network level packet filtering techniques within a modified Mobile IPv6 protocol stack to perform access control over a range of wireless network technologies. In this paper, we describe the rationale for, and components of, our architecture and contrast our approach with other state-of-the- art systems. The paper also contains details of our current implementation work, including preliminary performance measurements

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Spectrum Utilization and Congestion of IEEE 802.11 Networks in the 2.4 GHz ISM Band

Wi-Fi technology, plays a major role in society thanks to its widespread availability, ease of use and low cost. To assure its long term viability in terms of capacity and ability to share the spectrum efficiently, it is of paramount to study the spectrum utilization and congestion mechanisms in live environments. In this paper the service level in the 2.4 GHz ISM band is investigated with focus on todays IEEE 802.11 WLAN systems with support for the 802.11e extension. Here service level means the overall Quality of Service (QoS), i.e. can all devices fulfill their communication needs? A crosslayer approach is used, since the service level can be measured at several levels of the protocol stack. The focus is on monitoring at both the Physical (PHY) and the Medium Access Control (MAC) link layer simultaneously by performing respectively power measurements with a spectrum analyzer to assess spectrum utilization and packet sniffing to measure the congestion. Compared to traditional QoS analysis in 802.11 networks, packet sniffing allows to study the occurring congestion mechanisms more thoroughly. The monitoring is applied for the following two cases. First the influence of interference between WLAN networks sharing the same radio channel is investigated in a controlled environment. It turns out that retry rate, Clear-ToSend (CTS), Request-To-Send (RTS) and (Block) Acknowledgment (ACK) frames can be used to identify congestion, whereas the spectrum analyzer is employed to identify the source of interference. Secondly, live measurements are performed at three locations to identify this type of interference in real-live situations. Results show inefficient use of the wireless medium in certain scenarios, due to a large portion of management and control frames compared to data content frames (i.e. only 21% of the frames is identified as data frames)

DTLS Performance in Duty-Cycled Networks

The Datagram Transport Layer Security (DTLS) protocol is the IETF standard for securing the Internet of Things. The Constrained Application Protocol, ZigBee IP, and Lightweight Machine-to-Machine (LWM2M) mandate its use for securing application traffic. There has been much debate in both the standardization and research communities on the applicability of DTLS to constrained environments. The main concerns are the communication overhead and latency of the DTLS handshake, and the memory footprint of a DTLS implementation. This paper provides a thorough performance evaluation of DTLS in different duty-cycled networks through real-world experimentation, emulation and analysis. In particular, we measure the duration of the DTLS handshake when using three duty cycling link-layer protocols: preamble-sampling, the IEEE 802.15.4 beacon-enabled mode and the IEEE 802.15.4e Time Slotted Channel Hopping mode. The reported results demonstrate surprisingly poor performance of DTLS in radio duty-cycled networks. Because a DTLS client and a server exchange more than 10 signaling packets, the DTLS handshake takes between a handful of seconds and several tens of seconds, with similar results for different duty cycling protocols. Moreover, because of their limited memory, typical constrained nodes can only maintain 3-5 simultaneous DTLS sessions, which highlights the need for using DTLS parsimoniously.Comment: International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC - 2015), IEEE, IEEE, 2015, http://pimrc2015.eee.hku.hk/index.htm

IETF standardization in the field of the Internet of Things (IoT): a survey

Smart embedded objects will become an important part of what is called the Internet of Things. However, the integration of embedded devices into the Internet introduces several challenges, since many of the existing Internet technologies and protocols were not designed for this class of devices. In the past few years, there have been many efforts to enable the extension of Internet technologies to constrained devices. Initially, this resulted in proprietary protocols and architectures. Later, the integration of constrained devices into the Internet was embraced by IETF, moving towards standardized IP-based protocols. In this paper, we will briefly review the history of integrating constrained devices into the Internet, followed by an extensive overview of IETF standardization work in the 6LoWPAN, ROLL and CoRE working groups. This is complemented with a broad overview of related research results that illustrate how this work can be extended or used to tackle other problems and with a discussion on open issues and challenges. As such the aim of this paper is twofold: apart from giving readers solid insights in IETF standardization work on the Internet of Things, it also aims to encourage readers to further explore the world of Internet-connected objects, pointing to future research opportunities

Application Protocols enabling Internet of Remote Things via Random Access Satellite Channels

Nowadays, Machine-to-Machine (M2M) and Internet of Things (IoT) traffic rate is increasing at a fast pace. The use of satellites is expected to play a large role in delivering such a traffic. In this work, we investigate the use of two of the most common M2M/IoT protocols stacks on a satellite Random Access (RA) channel, based on DVB-RCS2 standard. The metric under consideration is the completion time, in order to identify the protocol stack that can provide the best performance level