52 research outputs found

    Dynamic Distribution of Security Keys and Coalition IP Address Protocol for Mobile Ad Hoc Networks

    In mobile ad hoc networks (MANETs), the tree-based dynamic address auto-configuration protocol (T-DAAP) is one of the best protocols designed for address assignment as far as network throughput and packet delays are concerned. Moreover, MANET security is an important factor for many applications, given that any node can listen to the channel and overhear the packets being transmitted. In this paper, we merge the address assignment with the security key delivery into one protocol, such that a node in the MANET is configured with an IP address and a security key simultaneously. To the best of our knowledge, no single protocol provides concurrent assignment of IP addresses and security keys for MANET nodes. The proposed method, which is based on T-DAAP, shows significant enhancements in the required control packets needed for assigning network nodes IP addresses and security keys, MAC layer packets, total end-to-end delay, and channel throughput over those obtained when using separate protocols. Additionally, it provides not only efficient security keys to the nodes from the first moment they join the network, but also secure delivery of the address and security key to all participating nodes. It is noteworthy that providing a complete security model for MANETs to detect and counter network security threats and attacks is beyond the scope of our proposed protocol.

    Integrated Architecture for Configuration and Service Management in MANET Environments

    This thesis has allowed us to carry some theoretical concepts of ubiquitous computing over to real scenarios, identifying the specific needs of different types of applications. To achieve this goal, we propose two prototypes that provide context-aware services in different environments, such as conferences or hospital recovery rooms. These experimental prototypes exploit Bluetooth technology to offer information based on user preferences. In both cases, we carried out experiments to evaluate the behaviour of the systems and their performance. In this thesis we also address the problem of autoconfiguration of MANETs based on the 802.11 standard through two novel solutions. The first is a centralized solution based on Bluetooth technology, while the second is a distributed solution that does not need to rely on any additional technology, since it is based on the use of the SSID parameter. Both methods were designed to allow non-expert users to join a MANET transparently, providing automatic, fast and reliable configuration of the terminals. Experimental results from real implementations allowed us to evaluate the performance of the proposed solutions and to show that nearby stations can be configured in a few seconds. In addition, we compared the two solutions with each other to highlight their different advantages and disadvantages in terms of performance. The main contribution of this thesis is EasyMANET, an extensible and configurable platform whose goal is to automate as far as possible the tasks involved in configuring and starting up MANETs, so that their use is simpler and more accessible. Cano Reyes, J. (2012). Integrated Architecture for Configuration and Service Management in MANET Environments [Unpublished doctoral thesis].
Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/14675 Palanci

    Enhancing The Quality Of Service In Mobile Networks Based On Nemo Basic Support Protocol

    To fulfil the need for an uninterrupted Internet access along with the move in mobile networks as an alternative to the end-host mobility, the IETF NEMO working group was created to extend basic end-host mobility support in Mobile IPv6 (MIPv6). This group standardizes NEMO Basic Support Protocol (NEMO BS) to support network mobility. However, the handover latency in NEMO BS is high and the nested tunnels’ problem in the nested NEMO networks is not considered in the main specification of this protocol. Issues affecting the provision of QoS guarantees during the handoff process in NEMO BS are the handover latency, the disruption time, and the handoff failure and the packet loss

    Topics on modelling and simulation of wireless networking protocols

    The use of computer simulation to study complex systems has grown significantly over the past several decades. This is especially true with regard to computer networks, where simulation has become a widespread tool used in academic, commercial and military applications. Computer model representations of communication protocol stacks are used to replicate and predict the behavior of real world counterparts to solve a variety of problems. The performance of simulators, measured in both accuracy of results and run time, is a constant concern to simulation users. The running time for high fidelity simulation of large-scale mobile ad hoc networks can be prohibitively high. The execution time of propagation effects calculations for a single transmission alone can grow unmanageable to account for all potential receivers. Discrete event simulators can also suffer from excessive generation and processing of events, both due to network size and model complexity. In this thesis, three levels of abstracting the Institute of Electrical and Electronics Engineers (IEEE) 802.11 Request to Send/Clear to Send (RTS/CTS) channel access mechanism are presented. In the process of assessing the abstractions' ability to mitigate runtime cost while retaining comparable results to that of a commercially available simulator, OPNET, the abstractions were found to be better suited to collecting one metric over another. Performance issues aside, simulation is an ideal choice for use in prototyping and developing protocols. The costs of simulation are orders of magnitude smaller than that of network testbeds, especially after factoring in the logistics, maintenance, and space required to test live networks. For instance, Internet Protocol version 6 (IPv6) stateless address autoconfiguration protocols have yet to be convincingly shown to cope with the dynamic, infrastructure-free environment of Mobile Ad hoc Networks (MANETs). 
This thesis provides a literature survey of autoconfiguration schemes designed for MANETs, with particular focus on a stateless autoconfiguration scheme by Jelger and Noel (SECON 2005). The selected scheme provides globally routable IPv6 prefixes to a MANET attached to the Internet via gateways. Using OPNET simulation, the Jelger-Noel scheme is examined with new cluster mobility models, added gateway mobility, and varied network sizes. Performance of the Jelger-Noel scheme, derived from overhead, autoconfiguration time and prefix stability metrics, was found to be highly dependent on network density, and suggested further refinement before deployment. Finally, in cases where a network testbed is used to test protocols, it is still advantageous to run simulations in parallel. While testbeds can help expose design flaws due to code or hardware differences, discrete event simulation environments can offer extensive debugging capabilities and event control. The two tools provide independent methods of validating the performance of protocols, as well as providing useful feedback on correct protocol implementation and configuration. This thesis presents the Open Shortest Path First (OSPF) routing protocol and its MANET extensions as candidate protocols to test in simulated and emulated MANETs. The measured OSPF overhead from both environments was used as a benchmark to construct equivalent MANET representations and protocol configuration, made particularly challenging due to the wired nature of the emulation testbed. While attempting to duplicate and validate results of a previous OSPF study, limitations of the simulated implementation of OSPF were revealed. M.S., Electrical Engineering -- Drexel University, 200

    NETWORK AND DOMAIN AUTOCONFIGURATION: A UNIFIED FRAMEWORK FOR LARGE MOBILE AD HOC NETWORKS

    Configuration management is critical to correct and efficient operation of large networks. In those cases where the users and networks are dynamic and ad hoc, manual configuration quickly becomes too complex. The combination of the sheer number of nodes with the heterogeneity and dynamics makes it almost impossible for the system administrator to ensure good configuration or even ensure correct operation. To achieve the vision of pervasive computing, nodes must automatically discover their environment and self-configure, then must automatically reconfigure to adapt to changes. Protocols such as DHCP, DDNS and mDNS provide some degree of host autoconfiguration, but network administrators must still configure information such as address pools, routing protocols, or OSPF routing areas. Only limited progress has been made to automate the configuration of routers, servers and network topology. This dissertation proposes the autoconfiguration of most host, router and server information, including the automatic generation and maintenance of hierarchy, under the same architectural, algorithmic and protocol framework. The proposed unified framework consists of modules (DRCP, DCDP, YAP, ACA) responsible for the entity autoconfiguration and from a modified and well adjusted general optimization (Simulated Annealing) based algorithm for the domain autoconfiguration. Due to the generality of the optimization algorithm, the generated hierarchy can improve dynamically selected network performance aspects represented by appropriately designed objective functions and constraints. An indicative set related to the physical characteristics of the domains and node mobility is provided. Even though SA has been adjusted for faster convergence, it may still be unable to capture the dynamics of rapidly changing networks. Thus, a faster but suboptimal distributed hierarchy generation mechanism that follows the design philosophy of SA-based mechanism has also been introduced. 
Inevitably, due to network dynamics, the quality of the hierarchy will degrade. In such scenarios, the frequent reapplication of the expensive optimization based hierarchy generation is prohibitive. Hence, for extending the domain formation framework, distributed maintenance mechanisms have been proposed for reconstructing the feasibility and quality of the hierarchy by enforcing localized decisions. The proposed framework has been applied to provide solutions on some realistic network problems related to hierarchical routing and topology control

    Mobility in IPv6

    Master's thesis in information and communication technology 2001 - Høgskolen i Agder, Grimstad. In the future it is to be expected that terminals with wireless access to network resources will become more and more widespread, and it is therefore necessary to integrate mobility support into future generation networks so that users can be online, even while in motion. The increasing use of the Internet suggests that Internet technology can be the best candidate for effective realization of future generation mobile systems. Mobile IP can offer the possibility of using the mobile Internet in other ways than it is used in the standard wired environment, and may be the solution to increasing mobility demands. Due to this, mobility in IPv6 (MIPv6) is designed to be scalable, stable, efficient and secure, which are the factors considered important for this thesis. Scalable – The number of users is expected to be so large that MIPv6 is, according to its specification, designed to scale almost as well as the Internet without mobility support integrated. This implies the elimination of triangle routing, currently a challenge in MIPv4, and also a reasonable amount of data that must be managed by the nodes involved in mobility. MIPv6 is also designed so that future extensions and modifications are possible by allowing further growth. Stable – For the adoption rate of this technology to be high, the users must be able to depend on the services provided. At present the implementations show that there are still a few more steps to take until the necessary stability is offered, but product-quality releases of MIPv6 are expected sometime next year. The implementation tested in this thesis reflects transparent mobility for simple higher-level applications such as telnet and http, but not real-time applications. 
The implementation described in this thesis had some initial problems with the procedures for Duplicate Address Detection (DAD), which shall guarantee that all addresses on any given IPv6 network are unique. Some improvements for DAD have therefore been proposed in order to get better solutions as to fault-handling procedures when DAD fails. Efficient – Base MIPv6 as used in our implementation does not provide the handover efficiency needed for all kinds of applications. Seen from a traditional Internet point of view, the services offered are of best effort quality. A future version of the Internet protocol must, however, be designed to support applications with greater demands on handover latency than a best effort service level can provide. Thus, the handover latency must in these cases be so small that it stays within the boundaries for, e.g., demanding real-time applications. Several solutions are proposed for this purpose, but the area of research is still very new and no proposal will be defined for some time yet. It seems that the initial mobility deployment phase will be without support for these services, but the technology is very promising and will most likely be integrated as the use of MIPv6 advances. Secure – In a large mobile environment mobile nodes will not only require Internet access within their own domain. They will also probably visit foreign networks, and as known from GSM infrastructure today, this will not be free of charge. Service providers in foreign domains commonly require authorization to ensure a good business relationship with the client. This leads directly to authentication, and of course accounting (AAA). This AAA infrastructure should be in place before mobile Internet can be deployed worldwide