99 research outputs found

    LPWAN Technologies: Emerging Application Characteristics, Requirements, and Design Considerations

    Low power wide area network (LPWAN) is a promising solution for long range and low power Internet of Things (IoT) and machine to machine (M2M) communication applications. This paper focuses on defining a systematic and powerful approach of identifying the key characteristics of such applications, translating them into explicit requirements, and then deriving the associated design considerations. LPWANs are resource-constrained networks and are primarily characterized by long battery life operation, extended coverage, high capacity, and low device and deployment costs. These characteristics translate into a key set of requirements including M2M traffic management, massive capacity, energy efficiency, low power operations, extended coverage, security, and interworking. The set of corresponding design considerations is identified in terms of two categories, desired or expected ones and enhanced ones, which reflect the wide range of characteristics associated with LPWAN-based applications. Prominent design constructs include admission and user traffic management, interference management, energy saving modes of operation, lightweight media access control (MAC) protocols, accurate location identification, security coverage techniques, and flexible software re-configurability. Topological and architectural options for interconnecting LPWAN entities are discussed. The major proprietary and standards-based LPWAN technology solutions available in the marketplace are presented. These include Sigfox, LoRaWAN, Narrowband IoT (NB-IoT), and long term evolution (LTE)-M, among others. The relevance of upcoming cellular 5G technology and its complementary relationship with LPWAN technology are also discussed

    End-to-end security for mobile devices

    Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2004. Includes bibliographical references (leaves: 120). Text in English; Abstract: Turkish and English. ix, 133 leaves. End-to-end security has been an emerging need for mobile devices with the widespread use of personal digital assistants and mobile phones. Transport Layer Security Protocol (TLS) is an end-to-end security protocol that is commonly used in Internet, together with its predecessor, SSL protocol. By using TLS protocol in mobile world, the advantage of the proven security model of this protocol can be taken. J2ME (Java 2 Micro Edition) has been the de facto application platform used in mobile devices. This thesis aims to provide an end-to-end security protocol implementation based on TLS 1.0 specification and that can run on J2ME MIDP (Mobile Information Device Profile) environment. Because of the resource intensive public-key operations used in TLS, this protocol needs high resources and has low performance. Another motivation for the thesis is to adapt the protocol for mobile environment and to show that it is possible to use the protocol implementation in both client and server modes. An alternative serialization mechanism is used instead of the standard Java object serialization that is lacking in MIDP. In this architecture, XML is used to transmit object data. The mobile end-to-end security protocol has the main design issues of maintainability and extensibility. Cryptographic operations are performed with a free library, Bouncy Castle Cryptography Package. The object-oriented architecture of the protocol implementation makes the replacement of this library with another cryptography package easier. Mobile end-to-end security protocol is tested with a mobile hospital reservation system application. Test cases are prepared to measure the performance of the protocol implementation with different cipher suites and platforms. 
Measured values of all handshake operation and defined time spans are given in tables and compared with graphs

    Design and evaluation of a self-configuring wireless mesh network architecture

    Wireless network connectivity plays an increasingly important role in supporting our everyday private and professional lives. For over three decades, self-organizing wireless multi-hop ad-hoc networks have been investigated as a decentralized replacement for the traditional forms of wireless networks that rely on a wired infrastructure. However, despite the tremendous efforts of the international wireless research community and widespread availability of devices that are able to support these networks, wireless ad-hoc networks are hardly ever used. In this work, the reasons behind this discrepancy are investigated. It is found that several basic theoretical assumptions on ad-hoc networks prove to be wrong when solutions are deployed in reality, and that several basic functionalities are still missing. It is argued that a hierarchical wireless mesh network architecture, in which specialized, multi-interfaced mesh nodes form a reliable multi-hop wireless backbone for the less capable end-user clients is an essential step in bringing the ad-hoc networking concept one step closer to reality. Therefore, in a second part of this work, algorithms increasing the reliability and supporting the deployment and management of these wireless mesh networks are developed, implemented and evaluated, while keeping the observed limitations and practical considerations in mind. Furthermore, the feasibility of the algorithms is verified by experiment. The performance analysis of these protocols and the ability to deploy the developed algorithms on current generation off-the-shelf hardware indicates the successfulness of the followed research approach, which combines theoretical considerations with practical implementations and observations. However, it was found that there are also many pitfalls to using real-life implementation as a research technique. 
Therefore, in the last part of this work, a methodology for wireless network research using real-life implementation is developed, allowing researchers to generate more reliable protocols and performance analysis results with less effort

    Evaluating IP security on lightweight hardware

    TCP/IP communications stack is being increasingly used to interconnect mobile phones, PDAs, sensor motes and other wireless embedded devices. Although the core functionality of communications protocols has been successfully adopted to lightweight hardware from the traditional Internet and desktop computers, suitability of strong security mechanisms on such devices remains questionable. Insufficient processor, memory and battery resources, as well as constraints of wireless communications limit the applicability of many existing security protocols that involve computationally intensive operations. Varying capabilities of devices and application scenarios with different security and operational requirements complicate the situation further and call for agile and flexible security systems. This study does an empirical evaluation of applicability of selected existing IP security mechanisms to lightweight (resource-constrained) devices. In particular, we evaluate various components of the Host Identity Protocol (HIP), standardized by the Internet Engineering Task Force for achieving authentication, shared key negotiation, secure mobility and multihoming and, if used with IPsec, integrity and confidentiality of user data. Involving a set of cryptographic operations, HIP might easily stress a lightweight client, while affecting performance of applications running on it and shortening battery lifetime of the device. We present a background and related work on network-layer security, as well as a set of measurement results of various security components obtained on devices representing lightweight hardware: embedded Linux PDAs, Symbian-based smartphones, OpenWrt Wi-Fi access routers and wireless sensor platforms. To improve computational and energy efficiency of HIP, we evaluate several lightweight mechanisms that can substitute standard protocol components and provide a good trade-off between security and performance in particular application scenarios. 
We describe cases where existing HIP security mechanisms (i) can be used unmodified and (ii) should be tailored or replaced to suit resource-constrained environments. The combination of presented security components and empirical results on their applicability can serve as a reference framework for building adaptable and flexible security services for future lightweight communication systems

    Supporting code mobility and dynamic reconfigurations over Wireless MAC Processor Prototype

    Mobile networks for Internet Access are a fundamental segment of Internet access networks, where resource optimization is really critical because of the limited bandwidth availability. While traditionally resource optimizations have been focused on highly efficient modulation and coding schemes, to be dynamically tuned according to the wireless channel and interference conditions, it has also been shown how medium access schemes can have a significant impact on the network performance according to the application and networking scenarios. This thesis work proposes an architectural solution for supporting Medium Access Control (MAC) reconfigurations in terms of dynamic programming and code mobility. Since the MAC protocol is usually implemented in firmware/hardware (being constrained to very strict reaction times and to the rules of a specific standard), our solution is based on a different wireless card architecture, called Wireless MAC Processor (WMP), where standard protocols are replaced by standard programming interfaces. The control architecture developed in this thesis exploits this novel behavioral model of wireless cards for extending the network intelligence and enabling each node to be remotely reprogrammed by means of a so-called “MAC Program”, i.e. a software element that defines the description of a MAC protocol. This programmable protocol can be remotely injected and executed on running network devices allowing on-the-fly MAC reconfigurations. This work aims to obtain a formal description of the software defined wireless network requirements and define a mechanism for a reliable MAC program code mobility through the network elements, transparently to the upper-level and supervised by a global control logic that optimizes the radio resource usage; it extends a single protocol paradigm implementation to a programmable protocol abstraction and redefines the overall wireless network view with support for cognitive adaptation mechanisms. The envisioned solutions have been supported by real experiments running on different WMP prototypes, showing the benefits given by a medium control infrastructure which is dynamic, message-oriented and reconfigurable.

    NFV Platforms: Taxonomy, Design Choices and Future Challenges

    Due to the intrinsically inefficient service provisioning in traditional networks, Network Function Virtualization (NFV) keeps gaining attention from both industry and academia. By replacing the purpose-built, expensive, proprietary network equipment with software network functions consolidated on commodity hardware, NFV envisions a shift towards a more agile and open service provisioning paradigm. During the last few years, a large number of NFV platforms have been implemented in production environments that typically face critical challenges, including the development, deployment, and management of Virtual Network Functions (VNFs). Nonetheless, just like any complex system, such platforms commonly consist of abounding software and hardware components and usually incorporate disparate design choices based on distinct motivations or use cases. This broad collection of convoluted alternatives makes it extremely arduous for network operators to make proper choices. Although numerous efforts have been devoted to investigating different aspects of NFV, none of them specifically focused on NFV platforms or attempted to explore their design space. In this paper, we present a comprehensive survey on the NFV platform design. Our study solely targets existing NFV platform implementations. We begin with a top-down architectural view of the standard reference NFV platform and present our taxonomy of existing NFV platforms based on what features they provide in terms of a typical network function life cycle. Then we thoroughly explore the design space and elaborate on the implementation choices each platform opts for. We also envision future challenges for NFV platform design in the incoming 5G era. We believe that our study gives a detailed guideline for network operators or service providers to choose the most appropriate NFV platform based on their respective requirements. Our work also provides guidelines for implementing new NFV platforms

    Improving Dependability of Networks with Penalty and Revocation Mechanisms

    Both malicious and non-malicious faults can dismantle computer networks. Thus, mitigating faults at various layers is essential in ensuring efficient and fair network resource utilization. In this thesis we take a step in this direction and study several ways to deal with faults by means of penalties and revocation mechanisms in networks that are lacking a centralized coordination point, either because of their scale or design. Compromised nodes can pose a serious threat to infrastructure, end-hosts and services. Such malicious elements can undermine the availability and fairness of networked systems. To deal with such nodes, we design and analyze protocols enabling their removal from the network in a fast and a secure way. We design these protocols for two different environments. In the former setting, we assume that there are multiple, but independent trusted points in the network which coordinate other nodes in the network. In the latter, we assume that all nodes play equal roles in the network and thus need to cooperate to carry out common functionality. We analyze these solutions and discuss possible deployment scenarios. Next we turn our attention to wireless edge networks. In this context, some nodes, without being malicious, can still behave in an unfair manner. To deal with the situation, we propose several self-penalty mechanisms. We implement the proposed protocols employing a commodity hardware and conduct experiments in real-world environments. The analysis of data collected in several measurement rounds revealed improvements in terms of higher fairness and throughput. We corroborate the results with simulations and an analytic model. And finally, we discuss how to measure fairness in dynamic settings, where nodes can have heterogeneous resource demands

    Security Framework for the Web of IoT Platforms

    Connected devices of IoT platforms are known to produce, process and exchange vast amounts of data, most of it sensitive or personal, that need to be protected. However, achieving minimal data protection requirements such as confidentiality, integrity, availability and non-repudiation in IoT platforms is a non-trivial issue. For one reason, the trillions of interacting devices provide larger attack surfaces. Secondly, high levels of personal and private data sharing in this ubiquitous and heterogeneous environment require more stringent protection. Additionally, whilst interoperability fuels innovation through cross-platform data flow, data ownership is a concern. This calls for categorizing data and providing different levels of access control to users known as global and local scopes. These issues present new and unique security considerations in IoT products and services that need to be addressed to enable wide adoption of the IoT paradigm. This thesis presents a security and privacy framework for the Web of IoT platforms that addresses end-to-end security and privacy needs of the platforms. It categorizes platforms’ resources into different levels of security requirements and provides appropriate access control mechanisms

    Ubiquitous interaction on wireless mobile devices

    Master'sMASTER OF ENGINEERIN