Architecture for Mobile Heterogeneous Multi Domain Networks

Multi domain networks can be used in several scenarios including military, enterprize networks, emergency networks and many other cases. In such networks, each domain might be under its own administration. Therefore, the cooperation among domains is conditioned by individual domain policies regarding sharing information, such as network topology, connectivity, mobility, security, various service availability and so on. We propose a new architecture for Heterogeneous Multi Domain (HMD) networks, in which one the operations are subject to specific domain policies. We propose a hierarchical architecture, with an infrastructure of gateways at highest-control level that enables policy based interconnection, mobility and other services among domains. Gateways are responsible for translation among different communication protocols, including routing, signalling, and security. Besides the architecture, we discuss in more details the mobility and adaptive capacity of services in HMD. We discuss the HMD scalability and other advantages compared to existing architectural and mobility solutions. Furthermore, we analyze the dynamic availability at the control level of the hierarchy

Towards a Taxonomy of Inter-network Architectures

Over the past decade, research on network architecture design has intensified. However, contributions to the field have mainly been idiosyncratic and architectural descriptions remain idiomatic. This state of affairs has led to the emergence of a large body of network architecture proposals with no clear indication of their compatibility points, their cross similarities, and their differences. Thus, a taxonomy of network architectures that provides a framework for better understanding, organizing, and thinking about the complex architecture design space would be a timely contribution. This paper presents a first step in that direction by attempting a classification based on the architecture\u27s information model. The taxonomy is applied to a special network architecture highlighting its descriptive and classification powers

Measuring Risks of Interdependencies in Enterprise Systems: An Application to Ghana’s Salt Enterprise

This dissertation describes the use of Functional Dependency Network Analysis (FDNA) for modeling risks resulting from dependencies among elements of enterprise systems with application to salt processing enterprise in Ghana. FDNA was developed to model dependencies among members of enterprise systems by highlighting two dimensions of dependency: strength and criticality. Nonetheless, the concepts and analytics for these two dimensions of dependencies needed further development and generalization in the context of project management and systems development in developing countries. Managing risks within the interdependency in enterprise systems through integration will help improve global economic growth. Coherent theory for enterprise integration must be developed, especially in developing countries like Ghana. The significance of this dissertation is the further development of theoretical concept that can be used to analyze dimensions of dependencies in enterprise systems. This model development is contingent upon the strength and criticality dimensions of dependencies in enterprise systems as they apply to project management and the development of enterprise systems. The research covers empirical investigation of the complexities and of enterprise risk management in the Sub-Saharan region for the appropriateness of using the FDNA concept to develop the salt processing enterprise in Ghana

Dovetail: Stronger Anonymity in Next-Generation Internet Routing

Current low-latency anonymity systems use complex overlay networks to conceal a user's IP address, introducing significant latency and network efficiency penalties compared to normal Internet usage. Rather than obfuscating network identity through higher level protocols, we propose a more direct solution: a routing protocol that allows communication without exposing network identity, providing a strong foundation for Internet privacy, while allowing identity to be defined in those higher level protocols where it adds value. Given current research initiatives advocating "clean slate" Internet designs, an opportunity exists to design an internetwork layer routing protocol that decouples identity from network location and thereby simplifies the anonymity problem. Recently, Hsiao et al. proposed such a protocol (LAP), but it does not protect the user against a local eavesdropper or an untrusted ISP, which will not be acceptable for many users. Thus, we propose Dovetail, a next-generation Internet routing protocol that provides anonymity against an active attacker located at any single point within the network, including the user's ISP. A major design challenge is to provide this protection without including an application-layer proxy in data transmission. We address this challenge in path construction by using a matchmaker node (an end host) to overlap two path segments at a dovetail node (a router). The dovetail then trims away part of the path so that data transmission bypasses the matchmaker. Additional design features include the choice of many different paths through the network and the joining of path segments without requiring a trusted third party. We develop a systematic mechanism to measure the topological anonymity of our designs, and we demonstrate the privacy and efficiency of our proposal by simulation, using a model of the complete Internet at the AS-level

Deployable filtering architectures against large denial-of-service attacks

Denial-of-Service attacks continue to grow in size and frequency despite serious underreporting. While several research solutions have been proposed over the years, they have had important deployment hurdles that have prevented them from seeing any significant level of deployment on the Internet. Commercial solutions exist, but they are costly and generally are not meant to scale to Internet-wide levels. In this thesis we present three filtering architectures against large Denial-of-Service attacks. Their emphasis is in providing an effective solution against such attacks while using simple mechanisms in order to overcome the deployment hurdles faced by other solutions. While these are well-suited to being implemented in fast routing hardware, in the early stages of deployment this is unlikely to be the case. Because of this, we implemented them on low-cost off-the-shelf hardware and evaluated their performance on a network testbed. The results are very encouraging: this setup allows us to forward traffic on a single PC at rates of millions of packets per second even for minimum-sized packets, while at the same time processing as many as one million filters; this gives us confidence that the architecture as a whole could combat even the large botnets currently being reported. Better yet, we show that this single-PC performance scales well with the number of CPU cores and network interfaces, which is promising for our solutions if we consider the current trend in processor design. In addition to using simple mechanisms, we discuss how the architectures provide clear incentives for ISPs that adopt them early, both at the destination as well as at the sources of attacks. The hope is that these will be sufficient to achieve some level of initial deployment. The larger goal is to have an architectural solution against large DoS deployed in place before even more harmful attacks take place; this thesis is hopefully a step in that direction

The InterMesh Network Architecture

The rapid spread of mobile devices, the emergence of key wireless technologies, and the nomadic user and computing lifestyles on current networks are continuously evolving in synergy. MANETs, WSNs, and WMNs are examples of self-organizing unstructured networks that have their local communication paradigms and are optimized to perform under their particular physical constraints. Wireless Mesh Networks (WMNs) are particularly interesting because of their ability to operate in a pure ad-hoc mode or to include some infrastructural components, making them suitable for a multitude of applications. Inter-networking among the heterogeneous access networks is currently offered by the Internet Protocol (IP). However, the evolution of and the innovation within these networks is greatly hindered by the rigidity of the current Internet implementation and its lag in efficiently supporting flexible unstructured communication paradigms. To broaden the user\u27s innovation space and to efficiently embrace the characteristics of emerging networks, clean-slate architectural approaches are being pursued. In this paper, we propose InterMesh, a novel iner-networking platform for wireless mesh networks. InterMesh enables heterogeneous access networks to converge at novel Persistent Identification and Networking Layer (PINL), providing a seamless service to individual network entities. This paper identifies the key concepts behind the InterMesh network platform, presents an interesting prototype implementation that can coexist with today\u27s Internet while still be able to evolve separately, and discusses some preliminary performance results of the prototype