MUSeS: Mobile User Secured Session

International audienceMobility and security are very important services for both current and future network infrastructures. However, the integration of mobility in traditional virtual private networks is difficult due to the costs of re-establishing broken secure tunnels and restarting broken application connections. In order to address this issue, we propose a new communication system called Mobile User Secured Session. Based upon a peer-to-peer overlay network, it provides security services to the application layer connections of mobile users. The secure and resilient sessions allow user connections to survive network failures as opposed to regular transport layer secured connections. We have implemented a prototype and have assessed its proper functioning by running experimentations upon a simple virtual dynamic network

Istunnon aloitusprotokollaan pohjautuvat mobiilivertaisverkot

This work continues on my Master's Thesis work done between July 2005 and January 2006. In my Master's Thesis, we presented how a mobile peer-to-peer file-sharing application can be implemented using the Session Initiation Protocol (SIP) as the underlying signaling protocol. The main objective of this thesis is to evaluate what kind of special requirements mobile environment poses for peer-to-peer application design, and present how peer-to-peer based services can be efficiently realized in next-generation mobile networks by using SIP with some enhancements as the peer-to-peer signaling protocol. This thesis is divided into two parts. In the first part, we present different peer-to-peer architectures and search algorithms, and evaluate their suitability for mobile use. We also review some mobile peer-to-peer middleware and file-sharing applications. Then, in the second part, we present our hybrid mobile peer-to-peer architecture consisting of a Symbian based mobile client and a SIP Application Server based super-peer. Key findings of this thesis are that the mobile peer-to-peer application based on SIP signaling and hybrid peer-to-peer architecture is suitable for mobile use as it minimizes overhead in mobile nodes and allows mobile operator to have control on its users in multi-operator environment. Also, the performance of the application satisfies user requirements.Tämä työ on jatkoa diplomityölleni, joka tehtiin Heinäkuu 2005 – Tammikuu 2006 välisenä aikana. Diplomityössäni esitimme kuinka mobiilivertaisverkkosovellus voidaan toteuttaa käyttäen Session Initiation Protocol (SIP) protokollaa allaolevana signalointiprotokollana. Tämän työn päätavoite on selvittää, mitä erikoisvaatimuksia mobiiliympäristö vertaisverkkosovelluksen suunnittelulle asettaa sekä kuinka vertaisverkkopalveluita voidaan tehokkaasti toteuttaa seuraavan sukupolven mobiiliverkoissa käyttämällä laajennettua SIP protokollaa sovelluksen merkinantoprotokollana. Tämä työ on jaettu kahteen osaan. Ensimmäisessa osassa käsittelemme eri vertaisverkkoarkkitehtuureja ja hakualgoritmeja, sekä arvioimme näiden sopivuutta mobiilikäyttöön. Käymme myös läpi joitain mobiilivertaisverkkotiedostojako-ohjelmia sekä middleware-alustoja. Työn toisessa osassa esittelemme oman mobiilivertaisverkkoarkkitehtuurimme, joka koostuu Symbian mobiilisovelluksesta sekä SIP sovelluspalvelin super-peer solmusta. Tutkimuksen päälöydökset ovat seuraavat: SIP protokollaa käyttävä hybridi-vertaisverkkosovellus toimii hyvin matkapuhelinympäristössä, koska se minimoi puhelimeen kohdistuvan rasituksen ja tekee mahdolliseksi matkapuhelinoperaattorin hallita sovelluksen käyttäjiä myöskin monioperaattoriympäristössä. Tämän lisäksi ohjelmiston suorituskyky täyttää käytäjien sille asettamat vaatimukset

Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity

Cybersecurity is a fast-evolving discipline that is always in the news over the last decade, as the number of threats rises and cybercriminals constantly endeavor to stay a step ahead of law enforcement. Over the years, although the original motives for carrying out cyberattacks largely remain unchanged, cybercriminals have become increasingly sophisticated with their techniques. Traditional cybersecurity solutions are becoming inadequate at detecting and mitigating emerging cyberattacks. Advances in cryptographic and Artificial Intelligence (AI) techniques (in particular, machine learning and deep learning) show promise in enabling cybersecurity experts to counter the ever-evolving threat posed by adversaries. Here, we explore AI\u27s potential in improving cybersecurity solutions, by identifying both its strengths and weaknesses. We also discuss future research opportunities associated with the development of AI techniques in the cybersecurity field across a range of application domains

New Waves of IoT Technologies Research – Transcending Intelligence and Senses at the Edge to Create Multi Experience Environments

The next wave of Internet of Things (IoT) and Industrial Internet of Things (IIoT) brings new technological developments that incorporate radical advances in Artificial Intelligence (AI), edge computing processing, new sensing capabilities, more security protection and autonomous functions accelerating progress towards the ability for IoT systems to self-develop, self-maintain and self-optimise. The emergence of hyper autonomous IoT applications with enhanced sensing, distributed intelligence, edge processing and connectivity, combined with human augmentation, has the potential to power the transformation and optimisation of industrial sectors and to change the innovation landscape. This chapter is reviewing the most recent advances in the next wave of the IoT by looking not only at the technology enabling the IoT but also at the platforms and smart data aspects that will bring intelligence, sustainability, dependability, autonomy, and will support human-centric solutions.acceptedVersio

Internet Interconnection Ecosystem in Finland

For both fixed and mobile network operators, interconnection constitutes an indisputably key element to provide end users with a variety of services. Internet interconnection is particularly an intriguing subject due to the importance of the Internet in our everyday lives and our genuine curiosity to grasp its underlying structure. This thesis aims to provide a holistic approach to study the Internet interconnections in a nation-centric stance. To accomplish the objective, initially the method that breaks down the key features of the interconnection analysis is introduced. The nation-centric analysis is conducted for Finland by jointly utilizing the Internet registry data and collected Internet routing data. Covering the last decade of the Finnish Internet, the longitudinal analysis yields significant findings for the Internet address usage statistics and the level of multi-homed networks, along with the classification and inference of relationships between stakeholders in the interconnection ecosystem. The implications that the emerging interconnection models pose for the future global service delivery among both fixed and mobile networks are expounded from the perspective of the existing domestic interconnection practices. The longitudinal interconnectivity study allows us to comprehend both technical and business interfaces between market players by revealing a complete list of customer-provider relationships. Within a national milieu, the assessment of the current Internet market dynamics and future implications of emerging models can be considered in more rationally anticipated manner. Hence, authorities who desire to design new pricing schemes and policies for future networking interconnections can be guided more thoroughly

Secure Connectivity With Persistent Identities

In the current Internet the Internet Protocol address is burdened with two roles. It serves as the identifier and the locator for the host. As the host moves its identity changes with its locator. The research community thinks that the Future Internet will include identifier-locator split in some form. Identifier-locator split is seen as the solution to multiple problems. However, identifier-locator split introduces multiple new problems to the Internet. In this dissertation we concentrate on: the feasibility of using identifier-locator split with legacy applications, securing the resolution steps, using the persistent identity for access control, improving mobility in environments using multiple address families and so improving the disruption tolerance for connectivity. The proposed methods achieve theoretical and practical improvements over the earlier state of the art. To raise the overall awareness, our results have been published in interdisciplinary forums.Nykypäivän Internetissä IP-osoite on kuormitettu kahdella eri roolilla. IP toimii päätelaitteen osoitteena, mutta myös usein sen identiteetinä. Tällöin laitteen identiteetti muuttuu laitteen liikkuessa, koska laitteen osoite vaihtuu. Tutkimusyhteisön mielestä paikan ja identiteetin erottaminen on välttämätöntä tulevaisuuden Internetissä. Paikan ja identiteetin erottaminen tuo kuitenkin esiin joukon uusia ongelmia. Tässä väitöskirjassa keskitytään selvittämään paikan ja identiteetin erottamisen vaikutusta olemassa oleviin verkkoa käyttäviin sovelluksiin, turvaamaan nimien muuntaminen osoitteiksi, helpottamaan pitkäikäisten identiteettien käyttöä pääsyvalvonnassa ja parantamaan yhteyksien mahdollisuuksia selviytyä liikkumisesta usean osoiteperheen ympäristöissä. Väitöskirjassa ehdotetut menetelmät saavuttavat sekä teoreettisia että käytännön etuja verrattuna aiempiin kirjallisuudessa esitettyihin menetelmiin. Saavutetut tulokset on julkaistu eri osa-alojen foorumeilla