Algorithmes d'adressage et routage pour des réseaux fortement mobiles à grande échelle

After successfully connecting machines and people later (world wide web), the new era of In-ternet is about connecting things. Due to increasing demands in terms of addresses, mobility, scalability, security and other new unattended challenges, the evolution of current Internet archi-tecture is subject to major debate worldwide. The Internet Architecture Board (IAB) workshop on Routing and Addressing report described the serious scalability problems faced by large backbone operators in terms of routing and addressing, illustrated by the unsustainable growth of the Default Free Zone (DFZ) routing tables. Some proposals tackled the scalability and IP semantics overload issues with two different approaches: evolutionary approach (backward com-patibility) or a revolutionary approach. Several design objectives (technical or high-level) guided researchers in their proposals. Mobility is definitely one of the main challenges.Inter-Vehicle Communication (IVC) attracts considerable attention from the research com-munity and the industry for its potential in providing Intelligent Transportation Systems (ITS) and passengers services. Vehicular Ad-Hoc Networks (VANETs) are emerging as a class of wire-less network, formed between moving vehicles equipped with wireless interfaces (cellular and WiFi) employing heterogeneous communication systems. A VANET is a form of mobile ad-hoc network that provides IVC among nearby vehicles and may involve the use of a nearby fixed equipment on the roadside. The impact of Internet-based vehicular services (infotainment) are quickly developing. Some of these applications, driver assistance services or traffic reports, have been there for a while. But market-enabling applications may also be an argument in favor of a more convenient journey. Such use cases are viewed as a motivation to further adoption of the ITS standards developed within IEEE, ETSI, and ISO.This thesis focuses on applying Future Internet paradigm to vehicle-to-Internet communica-tions in an attempt to define the solution space of Future Vehicular Internet. We first introduce two possible vehicle-to-Internet use cases and great enablers for IP based services : eHealth and Fully-electric Vehicles. We show how to integrate those use cases into IPv6 enabled networks. We further focus on the mobility architectures and determine the fundamental components of a mobility architecture. We then classify those approaches into centralized and distributed to show the current trends in terms of network mobility extension, an essential component to vehicular networking. We eventually analyze the performance of these proposals. In order to define an identifier namespace for vehicular communications, we introduce the Vehicle Identification Numbers are possible candidates. We then propose a conversion algorithm that preserves the VIN characteristics while mapping it onto usable IPv6 networking objects (ad-dresses, prefixes, and Mobile Node Identifiers). We make use of this result to extend LISP-MN protocol with the support of our VIN6 addressing architecture. We also apply those results to group IP-based communications, when the cluster head is in charge of a group of followers.Cette thèse a pour objectif de faire avancer l'état de l'art des communications basée sur Internet Protocol version 6 (IPv6) dans le domaine des réseaux véhiculaires, et ce dans le cadre des évolutions récentes de IP, notamment l'avènement du Future Internet. Le Future Internet (F.I.) définit un ensemble d'approches pour faire évoluer l'Internet actuel , en particulier l'émergence d'un Internet mobile exigeant en ressources. Les acteurs de ce domaine définissent les contraintes inhérentes aux approches utilisées historiquement dans l'évolution de l'architecture d'Internet et tentent d'y remédier soit de manière évolutive soit par une rupture technologique (révolutionnaire). Un des problèmes au centre de cette nouvelle évolution d'Internet est la question du nommage et de l'adressage dans le réseau. Nous avons entrepris dans cette thèse l'étude de ce problème, dans le cadre restreint des communications véhiculaires Internet.Dans ce contexte, l'état de l'art du Future Internet a mis en avant les distinctions des approches révolutionnaires comparées aux propositions évolutives basées sur IPv6. Les réseaux véhiculaires étant d'ores-et-déjà dotés de piles protocolaires comprenant une extension IPv6, nous avons entamé une approche évolutive visant à intégrer les réseaux véhiculaires au Future Internet. Une première proposition a été de convertir un identifiant présent dans le monde automobile (VIN, Numéro d'Identification de Véhicule) en un lot d'adresses réseau propres à chaque véhicule (qui est donc propriétaire de son adressage issu de son identifiant). Cette proposition étant centrée sur le véhicule, nous avons ensuite intégré ces communications basés dans une architecture globale Future Internet basée sur IPv6 (protocole LISP). En particulier, et avec l'adressage VIN, nous avons défini un espace d'adressage indépendant des fournisseurs d'accès à Internet où le constructeur automobile devient acteur économique fournissant des services IPv6 à sa flotte de véhicules conjointement avec les opérateurs réseau dont il dépend pour transporter son trafic IP. Nous nous sommes ensuite intéressés à l'entourage proche du véhicule afin de définir un nouveau mode de communication inter-véhiculaire à Internet: le V2V2I (Angl. Vehicle-to-Vehicle-to-Infrastructure). Jusqu'à présent, les modes de transmission de données à Internet dans le monde du véhicule consistaient en des topologies V2I, à savoir véhicule à Internet, où le véhicule accède à l'infrastructure directement sans intermédiaire. Dans le cadre des communications véhiculaires à Internet, nous proposons une taxonomie des méthodes existantes dans l'état de l'art. Les techniques du Future Internet étant récentes, nous avons étendu notre taxonomie par une nouvelle approche basée sur la séparation de l'adressage topologique dans le cluster de celui de l'infrastructure. Le leader du cluster s'occupe d'affecter les adresses (de son VIN) et de gérer le routage à l'intérieur de son cluster. La dernière contribution consiste en la comparaison des performances des protocoles de gestion de mobilité, notamment pour les réseaux de véhicules et des communications de type vehicule-à-Internet. Dans ce cadre, nous avons proposé une classification des protocoles de gestion de mobilité selon leur déploiement: centralisé (basé réseau ou host) et distribué. Nous avons ensuite évalué les performances en modélisant les durées de configurations et de reconfigurations des différents protocoles concernés

An ILNP-based solution for future heterogeneous wireless networks

Utilization of the different wireless interfaces (Cellular, Wi-Fi and WiMAX) that come with many of the Mobile Nodes today is central to improving Quality of Experience and Quality of Service in future networks. Although the interfaces are of different technologies as are the access links, the core/backbone networks are now based on IP infrastructure. Efforts to simplify network handover between these technologies – termed vertical handover (VHO) – have not been successful with IP due its mechanism for managing nodes’ identity and location. Researchers have defined and implemented some solutions that proposed the separation of identity of a Mobile Node from its location, and among those proposals is the Identifier Locator Network Protocol (ILNP). In this work, we propose a Linux-based implementation of the ILNPv6 protocol – an instance of the ILNP that is compatible with IPv6 – on laboratory testbed. We also proposed an Information Server managing a defined geographical location we called AREA, to augment some of the shortfalls that we observed with ILNP. We believe that this combination provides the necessary ground for achieving seamless VHO in heterogeneous wireless environments of the future

Inter-domain mobility with LISP-MN:a performance comparison with MIPv6

In this work, we aim to evaluate Locator Identifier Separation Protocol-Mobile Node (LISP-MN) performance in an inter-domain mobility scenario for both multi-interface and single interface MN with focus on throughput, handover delay, service disruption time and packet loss. To serve as the benchmark for performance, we compare LISP-MN with the IETF standardised MIPv6. We implement the 2 protocols on a laboratory testbed comprising all the nodes necessary for their operation. For multi-interface MNs, LISP-MN shows a better response in soft handover scenarios in terms of throughput and packet loss. MIPv6 on the other hand shows shorter handover delay with lower service disruption time in a hard handover scenario. Both protocols demonstrate poor performance for a single interface MN due to the long handover delay experienced. Although LISP-MN’s handover control messages doubled that of MIPv6, our experiments show that it takes a similar time as MIPv6 to complete the handover message exchange

Virtual Mobility Domains - A Mobility Architecture for the Future Internet

The advances in hardware and wireless technologies have made mobile communication devices affordable by a vast user community. With the advent of rich multimedia and social networking content, an influx of myriads of applications, and Internet supported services, there is an increasing user demand for the Internet connectivity anywhere and anytime. Mobility management is thus a crucial requirement for the Internet today. This work targets novel mobility management techniques, designed to work with the Floating Cloud Tiered (FCT) internetworking model, proposed for a future Internet. We derive the FCT internetworking model from the tiered structure existing among Internet Service Provider (ISP) networks, to define their business and peering relationships. In our novel mobility management scheme, we define Virtual Mobility Domains (VMDs) of various scopes, that can support both intra and inter-domain roaming using a single address for a mobile node. The scheme is network based and hence imposes no operational load on the mobile node. This scheme is the first of its kind, by leveraging the tiered structure and its hierarchical properties, the collaborative network-based mobility management mechanism, and the inheritance information in the tiered addresses to route packets. The contributions of this PhD thesis can be summarized as follows: · We contribute to the literature with a comprehensive analysis of the future Internet architectures and mobility protocols over the period of 2002-2012, in light of their identity and handoff management schemes. We present a qualitative evaluation of current and future schemes on a unified platform. · We design and implement a novel user-centric future Internet mobility architecture called Virtual Mobility Domain. VMD proposes a seamless, network-based, unique collaborative mobility management within/across ASes and ISPs in the FCT Internetworking model. The analytical and simulation-based handoff performance analysis of the VMD architecture in comparison with the IPv6-based mobility protocols presents the considerable performance improvements achieved by the VMD architecture. · We present a novel and user-centric handoff cost framework to analyze handoff performance of different mobility schemes. The framework helps to examine the impacts of registration costs, signaling overhead, and data loss for Internet connected mobile users employing a unified cost metric. We analyze the effect of each parameter in the handoff cost framework on the handoff cost components. We also compare the handoff performance of IPv6-based mobility protocols to the VMD. · We present a handoff cost optimization problem and analysis of its characteristics. We consider a mobility user as the primary focus of our study. We then identify the suitable mathematical methods that can be leveraged to solve the problem. We model the handoff cost problem in an optimization tool. We also conduct a mobility study - best of our knowledge, first of its kind - on providing a guide for finding the number of handoffs in a typical VMD for any given user\u27s mobility model. Plugging the output of mobility study, we then conduct a numerical analysis to find out optimum VMD for a given user mobility model and check if the theoretical inferences are in agreement with the output of the optimization tool

Support for network-based user mobility with LISP

Projecte realitzat en el marc d'un programa de mobilitat amb el Politecnico di TorinoThe goal of this work is developing the most possibly abstract solution for making a user roam in different networks, without dropping his active connections. Better, design a network architecture in charge of maintaining user's connections and being transparent to the user at the same time

IPv6 Security Issues: A Systematic Review Following PRISMA Guidelines

Since Internet Protocol version 6 is a new technology, insecure network configurations are inevitable. The researchers contributed a lot to spreading knowledge about IPv6 vulnerabilities and how to address them over the past two decades. In this study, a systematic literature review is conducted to analyze research progress in IPv6 security field following the Preferred Reporting Items for the Systematics Review and Meta-Analysis (PRISMA) method. A total of 427 studies have been reviewed from two databases, IEEE and Scopus. To fulfil the review goal, several key data elements were extracted from each study and two kinds of analysis were administered: descriptive analysis and literature classification. The results show positive signs of the research contributions in the field, and generally, they could be considered as a reference to explore the research of in the past two decades in IPv6 security field and to draw the future directions. For example, the percentage of publishing increased from 147 per decade from 2000-2010 to 330 per decade from 2011 to 2020 which means that the percentage increase was 124%. The number of citations is another key finding that reflects the great global interest in research devoted to IPv6 security issues, as it was 409 citations in the decade from 2000-2010, then increased to 1643 citations during the decade from 2011 to 2020, that is, the percentage increase was 302%

An improved locator identifier split architecture (ILISA) to enhance mobility

The increased use of mobile devices has prompted the need for efficient mobility management protocols to ensure continuity of communication sessions as users switch connection between available wireless access networks in an area. Locator/Identifier (LOC/ID) split architectures are designed to, among other functions, enable the mobility of nodes on the Internet. The protocols based on these architectures enable mobility by ensuring that the identifier (IP address) used for creating a communication session is maintained throughout the lifetime of the session and only the location of a mobile node (MN) is updated as the device moves. While the LOC/ID protocols ensure session continuity during handover, they experience packet loss and long service disruption times as the MN moves from one access network to another. The mobility event causes degradation of throughput, poor network utilisation, and affects the stability of some applications, such as video players. This poor performance was confirmed from the experiments we conducted on a laboratory testbed running Locator Identifier Separation Protocol MN (LISP-MN) and Mobile IPv6 (MIPv6). The MIPv6, as the standardised IETF mobility protocol, was used to benchmark the performance of LISP-MN. The poor performance recorded is owed to the design of the LISP-MN’s architecture, with no specific way of handling packets that arrive during handover events. Our main aim in this thesis is to introduce an Improved Locator/Identifier Split Architecture (ILISA) designed to enhance the mobility of nodes running a LOC/ID protocol by mitigating packet loss and reducing service disruption in handovers. A new network node, Loc-server, is central to the new architecture with the task of buffering incoming packets during handover and forwarding the packets to the MN on the completion of the node’s movement process. We implemented ILISA with LISP-MN on a laboratory testbed to evaluate its performance in different mobility scenarios. Our experimental results show a significant improvement in the mobility performance of MNs as reflected by the different network parameters investigated

Towards Seamless Mobility: An IEEE 802.21 Practical Approach

In the recent years, mobile devices such as cell phones, notebook or ultra mobile computers and videogame consoles are experiencing an impressive evolution in terms of hardware and software possibilities. Elements such a wideband Internet connection allows a broad range of possibilities for creative developers. Many of these possibilities can include applications requiring continuity of service when the user moves form a coverage area to another. Nowadays, mobile devices are equipped with one or more radio interfaces such as GSM, UMTS, WiMax or Wi‐ Fi. Many of these technologies are ready to allow transparent roaming within their own coverage areas, but they are not ready to handle a service transfer between different technologies. In order to find a solution to this issue, the IEEE has developed a standard known as Media Independent Handover (MIH) Services with the aim of easing seamless mobility between these technologies. The present work has been centered in developing a system capable to enable a service of mobility under the terms specified in the stated standard. The development of a platform aiming to provide service continuity is mandatory, being a cross‐layer solution based in elements from link and network layers supplying a transparent roaming mechanism from user’s point of view. Two applications have been implemented in C/C++ language under a Linux environment. One application is designed to work within a mobile device, and the other one in the network access point. The mobile device basically consists in a notebook equipped with two Wi‐Fi interfaces, which is not a common feature in commercial devices, allowing seamless communication transfers aided by the application. Network access points are computers equipped with a Wi‐Fi interface and configured to provide Internet wireless access and services of mobility. In order to test the operation, a test‐bed has been implemented. It consists on a pair of access points connected through a network and placed within partially overlapped coverage areas, and a mobile device, all of them properly set. The mobile detects the networks that are compatible and gets attached to the one that provides better conditions for the demanded service. When the service degrades up to certain level, the mobile transfers the communication to the other access point, which offers better service conditions. Finally, in order to check if the changes have been done properly, the duration of the required actions has been measured, as well as the data that can have been lost or buffered meanwhile. The result is a MIH‐alike system working in a proper way. The discovery and selection of a destination network is correct and is done before the old connection gets too degraded, providing seamless mobility. The measured latencies and packet losses are affordable in terms of MIH protocol, but require future work improvements in terms of network protocols that have not been considered under the scope of this work

Proposta e Estudo de Soluções para Otimização de Rotas em Ambientes de Mobilidade de Redes

Tese de doutoramento em Engenharia Informática, apresentada à Faculdade de Ciências e Tecnologia da Universidade de CoimbraNo mundo de hoje, no qual se acentua a tendência para que todo o tipo de comunicações recorra à arquitetura TCP/IP e crescem, em número e tipo, os dispositivos que utilizam ligações sem fios, a mobilidade em ambiente IP assume um papel de extrema importância. Por esse facto, tem sido grande a atenção da comunidade científica à proposta e desenvolvimento de soluções de mobilidade IP de nós individuais e de redes. O NEMO Basic Support Protocol, IETF RFC 3963, foi desenvolvido com o objetivo de fornecer mobilidade de redes de forma imediata e transparente para a Internet atual. Contudo, a sua simplicidade está na génese das suas maiores limitações, que resultam em claros problemas de desempenho. Por outro lado, nenhuma das alternativas propostas com o intuito de resolver estas limitações conseguiu reunir consenso. Nesta tese é apresentada uma mudança de paradigma, que consiste em envolver os dispositivos finais nos processos de mobilidade de redes. A proposta Optimised Mobility for Enhanced Networking, OMEN, faculta os mecanismos necessários para que os dispositivos finais tomem consciência da sua condição de mobilidade e possam recorrer aos mecanismos de otimização de rotas já previstos no MIPv6, de forma a não estarem sujeitos às limitações do RFC 3963. Com esta medida consegue-se resolver o problema da decisão da altura ideal para otimizar a rota de um determinado fluxo e, ao mesmo tempo, permitir que os elementos da infraestrutura de rede móvel fiquem dedicados às suas funções de encaminhamento de pacotes, resultando num incremento acentuado do desempenho da rede e num decréscimo do consumo de energia. As simulações realizadas mostram que a proposta OMEN apresenta valores de desempenho de comunicação e de perda de pacotes substancialmente melhores que as restantes soluções existentes, corroborando as vantagens da mudança de paradigma. Para a realização dos diversos estudos de comparação das soluções foi necessário desenvolver um emulador que permitisse resolver as limitações de falta de implementação das soluções de mobilidade de redes e, ao mesmo tempo, permitir simulações de larga escala e de carga na rede. O emulador desenvolvido, denominado mobSim, foi executado num cluster de grandes dimensões, dado o tamanho e complexidade dos cenários de simulação.In the current world, in which there is a growing trend to use the TCP/IP protocol suite in all types of communication networks, and the number and type of devices using wireless connections is growing, IP mobility of both nodes and networks is of extreme importance. This is the main reason why the scientific community has paid and is paying special attention to the proposal and development of IP mobility solutions. The NEMO Basic Support Protocol, IETF RFC 3963, was developed with the objective of readily allowing transparent network mobility in the current Internet. Nevertheless, the simplicity of this solution is at the basis of its limitations, which severely affect its performance. On the other hand, none of the proposed alternatives is gathering enough consensus of the community. In this thesis, a paradigm shift is proposed, consisting of involving end nodes in the network mobility process. The proposal, named Optimised Mobility for Enhanced Networking, OMEN, establishes the necessary means for informing end nodes of their mobility condition, which can then use existing MIPv6 route optimisation mechanisms in order for them not to be subject to the limitations of RFC 3963. In this way, the problem of deciding which and when to optimise flows is left to the end nodes, which are in the best position to decide. At the same time, mobile routers are freed from all tasks concerning the mobility management of a potentially large number of flows, making them lighter and with lower power requirements. The performed simulations show that the OMEN proposal leads to better performance then existing network mobility solutions, confirming the advantages of the paradigm shift. The performed studies were carried out using a specially built network mobility emulator, in order to overcome the lack of support for this type of mobility and the scalability limitations of existing simulators. The developed emulator, named mobSim, ran in a large cluster, due to the size and complexity of the simulated scenarios.IST-FP6-0384239: CONTENT – Network of Excellence on Content Networks and Services for Home UsersFCT PTDC/EIA –EIA/116173/2009: CoFiMoM - Combate a Incêndios com Multihoming e Mobilidad

Privacidade em redes de próxima geração

Doutoramento em Engenharia InformáticaIn the modern society, communications and digital transactions are becoming the norm rather than the exception. As we allow networked computing devices into our every-day actions, we build a digital lifestyle where networks and devices enrich our interactions. However, as we move our information towards a connected digital environment, privacy becomes extremely important as most of our personal information can be found in the network. This is especially relevant as we design and adopt next generation networks that provide ubiquitous access to services and content, increasing the impact and pervasiveness of existing networks. The environments that provide widespread connectivity and services usually rely on network protocols that have few privacy considerations, compromising user privacy. The presented work focuses on the network aspects of privacy, considering how network protocols threaten user privacy, especially on next generation networks scenarios. We target the identifiers that are present in each network protocol and support its designed function. By studying how the network identifiers can compromise user privacy, we explore how these threats can stem from the identifier itself and from relationships established between several protocol identifiers. Following the study focused on identifiers, we show that privacy in the network can be explored along two dimensions: a vertical dimension that establishes privacy relationships across several layers and protocols, reaching the user, and a horizontal dimension that highlights the threats exposed by individual protocols, usually confined to a single layer. With these concepts, we outline an integrated perspective on privacy in the network, embracing both vertical and horizontal interactions of privacy. This approach enables the discussion of several mechanisms to address privacy threats on individual layers, leading to architectural instantiations focused on user privacy. We also show how the different dimensions of privacy can provide insight into the relationships that exist in a layered network stack, providing a potential path towards designing and implementing future privacy-aware network architectures.Na sociedade moderna, as comunicações e transacções digitais estão a tornar-se a regra e não a excepção. À medida que permitimos a intromissão de dispositivos electrónicos de rede no nosso quotidiano, vamos construíndo um estilo de vida digital onde redes e dispositivos enrirquecem as nossas interacções. Contudo, ao caminharmos para um ambiente digital em rede, a nossa privacidade vai-se revestindo de maior importãncia, pois a nossa informação pessoal passa a encontrar-se cada vez mais na rede. Isto torna-se particularmente relevante ao adoptarmos redes de próxima geração, que permitem acesso ubíquo a redes, serviços e conteúdos, aumentando o impacte e pervasividade das redes actuais. Os ambientes onde a conectividade e os serviços se tornam uma constante, assentam em protocolos de rede que normalmente contemplam poucas considerações sobre privacidade, comprometendo desta forma o utlizador. O presente trabalho centra-se nos aspectos de privacidade que dizem respeito à rede devido à forma como os protocolos são utilizados nas diferentes camadas, e que resultando em ameaças à privacidade do utilizador. Abordamos especificamente os identificadores presentes nos protocolos de rede, e que são essenciais à sua função. Neste contexto exploramos a possibilidade destes identificadores comprometerem a privacidade do utilizador através da informação neles contida, bem como das relações que podem ser estabelecidas entre identificadores de diferentes protocolos. Após este estudo centrado nos identificadores, mostramos como a privacidade em redes pode ser explorada ao longo de duas dimensões: uma dimensão que acentua as relações verticais de privacidade, cruzando vários protocolos até chegar ao utilizador, e uma dimensão horizontal que destaca as ameaças causadas por cada protocolo, de forma individual, normalmente limitadas a uma única camada. Através destes conceitos, mostramos uma visão integrada de privacidade em redes, abrangendo tanto as interacçoes de privacidade verticais como as horizontais. Esta visão permite discutir vários mecanismos para mitigar ameaças específicas a cada camada de rede, resultando em instânciações arquitecturais orientadas à privacidade do utilizador. Finalmente, mostramos como as diferentes dimensões de privacidade podem fornecer uma visão diferente sobre as relações estabelecidas na pilha protocolar que assenta em camadas, mostrando um caminho possível para o desenvolvimento de futuras arquitecturas de rede com suporte para privacidade