70 research outputs found
Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey
Internet usage has changed from its first design. Hence, the current Internet
must cope with some limitations, including performance degradation,
availability of IP addresses, and multiple security and privacy issues.
Nevertheless, to unsettle the current Internet's network layer i.e., Internet
Protocol with ICN is a challenging, expensive task. It also requires worldwide
coordination among Internet Service Providers, backbone, and Autonomous
Services. Additionally, history showed that technology changes e.g., from 3G to
4G, from IPv4 to IPv6 are not immediate, and usually, the replacement includes
a long coexistence period between the old and new technology. Similarly, we
believe that the process of replacement of the current Internet will surely
transition through the coexistence of IP and ICN. Although the tremendous
amount of security and privacy issues of the current Internet taught us the
importance of securely designing the architectures, only a few of the proposed
architectures place the security-by-design. Therefore, this article aims to
provide the first comprehensive Security and Privacy analysis of the
state-of-the-art coexistence architectures. Additionally, it yields a
horizontal comparison of security and privacy among three deployment approaches
of IP and ICN protocol i.e., overlay, underlay, and hybrid and a vertical
comparison among ten considered security and privacy features. As a result of
our analysis, it emerges that most of the architectures utterly fail to provide
several SP features including data and traffic flow confidentiality,
availability and communication anonymity. We believe this article draws a
picture of the secure combination of current and future protocol stacks during
the coexistence phase that the Internet will definitely walk across.
The Road to BOFUSS: The Basic OpenFlow User-space Software Switch
Software switches are pivotal in the Software-Defined Networking (SDN)
paradigm, particularly in the early phases of development, deployment and
testing. Currently, the most popular one is Open vSwitch (OVS), leveraged in
many production-based environments. However, due to its kernel-based nature,
OVS is typically complex to modify when additional features or adaptation is
required. To this regard, a simpler user-space is key to perform these
modifications.
In this article, we present a rich overview of BOFUSS, the basic OpenFlow
user-space software switch. BOFUSS has been widely used in the research
community for diverse reasons, but it lacked a proper reference document. For
this purpose, we describe the switch, its history, architecture, use cases and
evaluation, together with a survey of works that leverage this switch. The main
goal is to provide a comprehensive overview of the switch and its
characteristics. Although the original BOFUSS is not expected to surpass the
high performance of OVS, it is a useful complementary artifact that provides
some OpenFlow features missing in OVS and it can be easily modified for
extended functionality. Moreover, enhancements provided by the BEBA project
brought the performance from BOFUSS close to OVS. In any case, this paper sheds
light to researchers looking for the trade-offs between performance and
customization of BOFUSS.
Comment: 24 pages, 7 figures; submitted to Telecommunications Systems journal
Interoperabilidade e mobilidade na internet do futuro (Interoperability and mobility in the Future Internet)
Research on Future Internet has been gaining traction in recent years,
with both evolutionary (e.g., Software Defined Networking (SDN)-
based architectures) and clean-slate network architectures (e.g., Information
Centric Networking (ICN) architectures) being proposed. With
each network architectural proposal aiming to provide better solutions
for specific Internet utilization requirements, a heterogeneous Future
Internet composed by several architectures can be expected, each targeting
and optimizing different use case scenarios. Moreover, the increasing
number of mobile devices, with increasing capabilities and
supporting different connectivity technologies, are changing the patterns
of traffic exchanged in the Internet.
As such, this thesis focuses on the study of interoperability and mobility
in Future Internet architectures, two key requirements that need to be
addressed for the wide adoption of these network architectures. The
first contribution of this thesis is an interoperability framework that,
by enabling resources to be shared among different network architectures,
avoids resources to be restricted to a given network architecture
and, at the same time, promotes the initial roll out of new network
architectures. The second contribution of this thesis consists of the
development of enhancements for SDN-based and ICN network architectures
through IEEE 802.21 mechanisms to facilitate and optimize
the handover procedures on those architectures. The last contribution
of this thesis is the definition of an inter-network architecture mobility
framework that enables MNs to move across access network supporting
different network architectures without losing the reachability to
resources being accessed. All the proposed solutions were evaluated
with results highlighting the feasibility of such solutions and the impact
on the overall communication.
The Future Internet has been the subject of several studies in recent years,
with network architectures being proposed that follow either evolutionary
approaches (for example, Software Defined Networking (SDN)) or disruptive
approaches (for example, Information Centric Networking (ICN)). Each of these
network architectures aims to provide better solutions for particular Internet
usage requirements and, therefore, a heterogeneous Future Internet composed of
several network architectures becomes a possibility, where each of them is used
to optimize different use cases. In addition, the growing number of mobile
devices, with increased specifications and support for different connectivity
technologies, is changing Internet traffic patterns.
Thus, this thesis focuses on the study of interoperability and mobility aspects
in Future Internet network architectures, two important requirements that need
to be met for the adoption of these network architectures to be considered. The
first contribution of this thesis is an interoperability solution that, since it
allows resources to be shared by different network architectures, prevents
resources from being restricted to a given network architecture and, at the same
time, promotes the adoption of new network architectures. The second
contribution of this thesis consists of the development of extensions for SDN-
or ICN-based network architectures through the mechanisms proposed in the IEEE
802.21 standard, with the aim of facilitating and optimizing the mobility
processes in those network architectures. Finally, the third contribution of
this thesis is the definition of a mobility solution involving different network
architectures that allows mobile devices to move between access networks
supporting different network architectures without losing access to the
resources being accessed. All the proposed solutions were evaluated, with the
results demonstrating the feasibility of each solution and its impact on
communication.
Doctoral Programme in Informatics
Generalized Virtual Networking: an enabler for Service Centric Networking and Network Function Virtualization
In this paper we introduce the Generalized Virtual Networking (GVN) concept.
GVN provides a framework to influence the routing of packets based on service
level information that is carried in the packets. It is based on a protocol
header inserted between the Network and Transport layers, therefore it can be
seen as a layer 3.5 solution. Technically, GVN is proposed as a new transport
layer protocol in the TCP/IP protocol suite. An IP router that is not GVN
capable will simply process the IP destination address as usual. Similar
concepts have been proposed in other works, and referred to as Service Oriented
Networking, Service Centric Networking, Application Delivery Networking, but
they are now generalized in the proposed GVN framework. In this respect, the
GVN header is a generic container that can be adapted to serve the needs of
arbitrary service level routing solutions. The GVN header can be managed by GVN
capable end-hosts and applications or can be pushed/popped at the edge of a GVN
capable network (like a VLAN tag). In this position paper, we show that
Generalized Virtual Networking is a powerful enabler for SCN (Service Centric
Networking) and NFV (Network Function Virtualization) and how it couples with
the SDN (Software Defined Networking) paradigm.
Coexistence of ICN and IP networks: an NFV as a service approach
In contrast to the current host-centric architecture, Information-Centric Networking (ICN) adopts content naming instead of host address and in-network caching to enhance the content delivery, improve the data distribution, and satisfy users' requirements. As ICN is being incrementally deployed in different real-world scenarios, it will exist with IP-based services in a hybrid network setting. Full deployment of ICN and total replacement of IP protocol is not feasible at the current stage since IP is dominating the Internet. On the other hand, redesigning TCP/IP applications from ICN perspective is a time-consuming task and requires a careful investigation from both business and technical point of view. Thus, the coexistence of ICN and IP is one of the suitable solutions. Towards this end, we propose a simple yet efficient coexistence solution based on Network Function Virtualization (NFV) technology. We define a set of communication regions and control virtual functions. A gateway node is used as an intermediate entity to fetch and deliver content over regions. The simulation results show that the proposed approach is valid and allows content fetching and delivering from different ICN and/to IP regions in an efficient manner.
Quality of Service improvements for real time multimedia applications using next generation network architectures and blockchain in Internet Service Provider cooperative scenario
Real time communications are becoming part of our daily life, requiring constrained requisites with the purpose of being enjoyed in harmony by end users. The factors ruling these requisites are Quality of Service parameters of the users' Internet connections. Achieving a satisfactory QoS level for real time communications depends on parameters that are strongly influenced by the quality of the network connections among the Internet Service Providers, which are located in the path between final users and Over The Top service providers that are supplying them with real time services. Final users can be: business people having real time videoconferences, or adopting cryptocurrencies in their exchanges, videogamers playing online games together with others residing in other countries, migrants talking with their relatives or watching their children growing up in their home countries, people with disabilities adopting technologies to help them, doctors performing remote surgeries, manufacturers adopting augmented reality devices to perform dangerous tasks. Each of them performing their daily activities are requiring specific QoS parameters to their ISPs, that nowadays seem to be unable to provide them with a satisfactory QoS level for these kinds of real time services. Through the adoption of next generation networks, such as the Information Centric Networking, it would be possible to overcome the QoS problems that nowadays are experienced. By adopting Blockchain technologies, in several use cases, it would be possible to improve those security aspects related to the non-tamperability of information and privacy. I started this thesis analyzing next generation architectures enabling real time multimedia communications. In Software Defined Networking, Named Data Networking and Community Information Centric Networking, I highlighted potential approaches to solve QoS problems that are affecting real time multimedia applications.
During my experiments I found that applications able to transmit high quality videos, such as 4k or 8k videos, or to directly interact with devices AR/VR enabled are missing for both ICN approaches. Then I proposed a REST interface for the enforcing of a specific QoS parameter, the round trip time (RTT) taking into consideration the specific use case of a game company that connects with the same telecommunication company of the final user. Supposing that the proposed REST APIs have been deployed in the game company and in the ISP, when one or more users are experiencing lag, the game company will try to ask the ISP to reduce the RTT for that specific user or that group of users. This request can be done by performing a call to a method where IP address(es) and the maximum RTT desired are passed. I also proposed other methods, through which it would be possible to retrieve information about the QoS parameters, and exchange, if necessary, an exceeding parameter in exchange for another one. The proposed REST APIs can also be used in more complex scenarios, where ISPs along the path are chained together, in order to improve the end to end QoS among Over The Top service provider and final users. To store the information exchanged by using the proposed REST APIs, I proposed to adopt a permissioned blockchain, analyzing the ISPs cooperative use case with Hyperledger Fabric, where I proposed the adoption of the Proof of Authority consensus algorithm, to increase the throughput in terms of transactions per second. In a specific case that I examined, I am proposing a combination of Information Centric Networking and Blockchain, in an architecture where ISPs are exchanging valuable information regarding final Users, to improve their QoS parameters. I also proposed my smart contract for the gaming delay use case, that can be used to rule the communication among those ISPs that are along the path among OTT and final users.
An extension of this work can be done, by defining billing costs for the QoS improvements.
Software Defined Networks based Smart Grid Communication: A Comprehensive Survey
The current power grid is no longer a feasible solution due to
ever-increasing user demand of electricity, old infrastructure, and reliability
issues and thus require transformation to a better grid a.k.a., smart grid
(SG). The key features that distinguish SG from the conventional electrical
power grid are its capability to perform two-way communication, demand side
management, and real time pricing. Despite all these advantages that SG will
bring, there are certain issues which are specific to SG communication system.
For instance, network management of current SG systems is complex, time
consuming, and done manually. Moreover, SG communication (SGC) system is built
on different vendor specific devices and protocols. Therefore, the current SG
systems are not protocol independent, thus leading to interoperability issue.
Software defined network (SDN) has been proposed to monitor and manage the
communication networks globally. This article serves as a comprehensive survey
on SDN-based SGC. In this article, we first discuss taxonomy of advantages of
SDN-based SGC. We then discuss SDN-based SGC architectures, along with case
studies. Our article provides an in-depth discussion on routing schemes for
SDN-based SGC. We also provide detailed survey of security and privacy schemes
applied to SDN-based SGC. We furthermore present challenges, open issues, and
future research directions related to SDN-based SGC.
Comment: Accepted