Enabling Disaster Resilient 4G Mobile Communication Networks
The 4G Long Term Evolution (LTE) is the cellular technology expected to
outperform the previous generations and to some extent revolutionize the
experience of the users by taking advantage of the most advanced radio access
techniques (i.e. OFDMA, SC-FDMA, MIMO). However, the strong dependencies
between user equipments (UEs), base stations (eNBs) and the Evolved Packet Core
(EPC) limit the flexibility, manageability and resiliency in such networks. In
case the communication links between UEs-eNB or eNB-EPC are disrupted, UEs are
in fact unable to communicate. In this article, we reshape the 4G mobile
network to move towards more virtual and distributed architectures for
improving disaster resilience, drastically reducing the dependency between UEs,
eNBs and EPC. The contribution of this work is twofold. We firstly present the
Flexible Management Entity (FME), a distributed entity which leverages on
virtualized EPC functionalities in 4G cellular systems. Second, we introduce a
simple and novel device-to-device (D2D) communication scheme allowing the UEs in
physical proximity to communicate directly without resorting to the
coordination with an eNB.
Comment: Submitted to IEEE Communications Magazin
Actor-network procedures: Modeling multi-factor authentication, device pairing, social interactions
As computation spreads from computers to networks of computers, and migrates
into cyberspace, it ceases to be globally programmable, but it remains
programmable indirectly: network computations cannot be controlled, but they
can be steered by local constraints on network nodes. The tasks of
"programming" global behaviors through local constraints belong to the area of
security. The "program particles" that assure that a system of local
interactions leads towards some desired global goals are called security
protocols. As computation spreads beyond cyberspace, into physical and social
spaces, new security tasks and problems arise. As networks are extended by
physical sensors and controllers, including the humans, and interlaced with
social networks, the engineering concepts and techniques of computer security
blend with the social processes of security. These new connectors for
computational and social software require a new "discipline of programming" of
global behaviors through local constraints. Since the new discipline seems to
be emerging from a combination of established models of security protocols with
older methods of procedural programming, we use the name procedures for these
new connectors, that generalize protocols. In the present paper we propose
actor-networks as a formal model of computation in heterogeneous networks of
computers, humans and their devices; and we introduce Procedure Derivation
Logic (PDL) as a framework for reasoning about security in actor-networks. On
the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL)
that evolved through our work in security in the last 10 years. Both formalisms are
geared towards graphic reasoning and tool support. We illustrate their workings
by analysing a popular form of two-factor authentication, and a multi-channel
device pairing procedure, devised for this occasion.
Comment: 32 pages, 12 figures, 3 tables; journal submission; extended
references, added discussio
Roaming Real-Time Applications - Mobility Services in IPv6 Networks
Emerging mobility standards within the next generation Internet Protocol,
IPv6, promise to continuously operate devices roaming between IP networks.
Associated with the paradigm of ubiquitous computing and communication, network
technology is on the spot to deliver voice and videoconferencing as a standard
internet solution. However, current roaming procedures are too slow to remain
seamless for real-time applications. Multicast mobility still waits for a
convincing design. This paper investigates the temporal behaviour of mobile
IPv6 with dedicated focus on topological impacts. Extending the hierarchical
mobile IPv6 approach we suggest protocol improvements for a continuous
handover, which may serve bidirectional multicast communication, as well. Along
this line a multicast mobility concept is introduced as a service for clients
and sources, as they are of dedicated importance in multipoint conferencing
applications. The mechanisms introduced do not rely on assumptions of any
specific multicast routing protocol in use.
Comment: 15 pages, 5 figure
Performance analysis of next generation web access via satellite
Acknowledgements: This work was partially funded by the European Union's Horizon 2020 research and innovation programme under grant agreement No. 644334 (NEAT). The views expressed are solely those of the author(s).
Peer reviewed, Postprin
Secure migration of WebAssembly-based mobile agents between secure enclaves
Cryptography and security protocols are today commonly used to protect data at-rest and in-transit. In contrast, protecting data in-use has seen only limited adoption. Secure data transfer methods employed today rarely provide guarantees regarding the trustworthiness of the software and hardware at the communication endpoints.
The field of study that addresses these issues is called Trusted or Confidential Computing and relies on the use of hardware-based techniques. These techniques aim to isolate critical data and its processing from the rest of the system. More specifically, it investigates the use of hardware isolated Secure Execution Environments (SEEs) where applications cannot be tampered with during operation. Over the past few decades, several implementations of SEEs have been introduced, each based on a different hardware architecture. However, lately, the trend is to move towards architecture-independent SEEs.
As part of this, a Huawei research project is developing a secure enclave framework that enables secure execution and migration of applications (mobile agents), regardless of the underlying architecture. This thesis contributes to the development of the framework by participating in the design and implementation of a secure migration scheme for the mobile agents. The goal is a scheme wherein it is possible to transfer the mobile agent without compromising the security guarantees provided by SEEs. Further, the thesis also provides performance measurements of the migration scheme implemented in a proof of concept of the framework.