IP ROUTING AND KEY MANAGEMENT FOR SECURE MULTICAST IN SATELLITE ATM NETWORKS

Communication satellites offer an efficient way to extend IP multicast services for groups in wide-area networks. This poses interesting challenges for routing and security. Satellite networks can have wired and wireless links and different link-layer technologies like Ethernet and ATM. For security, the multicast traffic should be restricted to legitimate receivers, which can be achieved by data encryption.This requires secure and efficient methods to manage the encryption keys. This thesis attempts to solve the above problems for secure multicast in wide-area networks that have Ethernet LANs interconnected by ATM-based satellite channels. The thesis reviews the multicast services offered by IP and ATM and proposes a multicast routing framework for hybrid satellite networks. The thesis also investigates current group key management protocols, and designs a scheme for secure and scalable key management for the proposed multicast architecture. The various proposed schemes are presented in detail, alongwith analysis and simulation results

IP and ATM integration: A New paradigm in multi-service internetworking

ATM is a widespread technology adopted by many to support advanced data communication, in particular efficient Internet services provision. The expected challenges of multimedia communication together with the increasing massive utilization of IP-based applications urgently require redesign of networking solutions in terms of both new functionalities and enhanced performance. However, the networking context is affected by so many changes, and to some extent chaotic growth, that any approach based on a structured and complex top-down architecture is unlikely to be applicable. Instead, an approach based on finding out the best match between realistic service requirements and the pragmatic, intelligent use of technical opportunities made available by the product market seems more appropriate. By following this approach, innovations and improvements can be introduced at different times, not necessarily complying with each other according to a coherent overall design. With the aim of pursuing feasible innovations in the different networking aspects, we look at both IP and ATM internetworking in order to investigating a few of the most crucial topics/ issues related to the IP and ATM integration perspective. This research would also address various means of internetworking the Internet Protocol (IP) and Asynchronous Transfer Mode (ATM) with an objective of identifying the best possible means of delivering Quality of Service (QoS) requirements for multi-service applications, exploiting the meritorious features that IP and ATM have to offer. Although IP and ATM often have been viewed as competitors, their complementary strengths and limitations from a natural alliance that combines the best aspects of both the technologies. For instance, one limitation of ATM networks has been the relatively large gap between the speed of the network paths and the control operations needed to configure those data paths to meet changing user needs. IP\u27s greatest strength, on the other hand, is the inherent flexibility and its capacity to adapt rapidly to changing conditions. These complementary strengths and limitations make it natural to combine IP with ATM to obtain the best that each has to offer. Over time many models and architectures have evolved for IP/ATM internetworking and they have impacted the fundamental thinking in internetworking IP and ATM. These technologies, architectures, models and implementations will be reviewed in greater detail in addressing possible issues in integrating these architectures s in a multi-service, enterprise network. The objective being to make recommendations as to the best means of interworking the two in exploiting the salient features of one another to provide a faster, reliable, scalable, robust, QoS aware network in the most economical manner. How IP will be carried over ATM when a commercial worldwide ATM network is deployed is not addressed and the details of such a network still remain in a state of flux to specify anything concrete. Our research findings culminated with a strong recommendation that the best model to adopt, in light of the impending integrated service requirements of future multi-service environments, is an ATM core with IP at the edges to realize the best of both technologies in delivering QoS guarantees in a seamless manner to any node in the enterprise

Scalabale Group Communication Support for ATM Networks

In dieser Arbeit wird ein Ansatz vorgestellt, der eine skalierbare Gruppenkommunikationsunterstützung für ATM-Netze (SkaGAN) ermöglicht. Die herkömmliche rechnergestützte Kommunikation findet zwischen einem Sender und einem Empfänger statt. Die Gruppenkommunikation erweitert diese Form und erlaubt einer Gruppe von Rechnern untereinander zu kommunizieren. Diese Dissertation legt dabei den Fokus auf die ATM-Technologie (Asynchronous Transfer Mode), die keine akzeptable Gruppenkommunikationsunterstützung anbietet. Heutzutage wird ATM hauptsächlich in Backbone-Netzen eingesetzt, womit sich auch diese Arbeit auseinandersetzt. Der Schwerpunkt bei SkaGAN ist die Skalierbarkeit in Bezug auf Netzwerk- und Gruppengröße. Für den Bereich der lokalen ATM-Netze wird ebenfalls ein Lösungsvorschlag präsentiert, der eine Lastverteilung aktiver Gruppenteilnehmer auf mehrere Server beinhaltet. Der Lösungsansatz von SkaGAN für ATM-Weitverkehrsnetze orientiert sich an dem PNNI-Routingprotokoll und basiert auf einem hierarchischen Schema. Für die Verwaltung der Gruppen wird eine Baumhierarchie eingesetzt, die eine erhebliche Reduktion des Signalisierungsaufwandes und eine gute Skalierbarkeit ermöglicht. Für den Datentransfer zwischen den Gruppenteilnehmern wird ebenfalls eine Baumstruktur eingesetzt, die sich dynamisch an Änderungen in den Gruppen anpassen kann. Dabei wird die Anzahl der benötigten Zwischensysteme möglichst gering gehalten und die Lokalität der Teilnehmer berücksichtigt. Damit konnte auch in diesen Bereich eine gute Skalierbarkeit bei der Gruppenkommunikation erreicht werden.In this work, an approach is introduced, that enables scaleable group communication support for ATM networks (SkaGAN). The conventional computer supported communication takes place between one sender and one receiver. Group communication expands this form and allows a group of computers to communicate among each other. This dissertation puts its focus on the ATM technology (Asynchronous Transfer Mode), which offers no acceptable group communication support. Nowadays ATM is mainly utilized in backbone networks, wherewith this work deals. The focal point in SkaGAN is the scalability with regard to network and group sizes. In the area of local ATM networks a solution proposal is presented, that includes a load distribution of active group members on several servers. The approach for the solution of SkaGAN for ATM wide area networks orients itself on the PNNI routing protocol and is based on a hierarchical scheme. For the administration of the groups, a tree hierarchy is inserted, that enables a considerable reduction of the signaling expenses and a good scalability. For the data transfer between the group members also a tree structure is used, that can adapt itself dynamically to group changes. Thereby the amount of necessary intermediate systems is as small as possible and the location of the group members will be considered. Therewith also in this area a good scalability could be reached in the group communication

Application of overlay techniques to network monitoring

Measurement and monitoring are important for correct and efficient operation of a network, since these activities provide reliable information and accurate analysis for characterizing and troubleshooting a network’s performance. The focus of network measurement is to measure the volume and types of traffic on a particular network and to record the raw measurement results. The focus of network monitoring is to initiate measurement tasks, collect raw measurement results, and report aggregated outcomes. Network systems are continuously evolving: besides incremental change to accommodate new devices, more drastic changes occur to accommodate new applications, such as overlay-based content delivery networks. As a consequence, a network can experience significant increases in size and significant levels of long-range, coordinated, distributed activity; furthermore, heterogeneous network technologies, services and applications coexist and interact. Reliance upon traditional, point-to-point, ad hoc measurements to manage such networks is becoming increasingly tenuous. In particular, correlated, simultaneous 1-way measurements are needed, as is the ability to access measurement information stored throughout the network of interest. To address these new challenges, this dissertation proposes OverMon, a new paradigm for edge-to-edge network monitoring systems through the application of overlay techniques. Of particular interest, the problem of significant network overheads caused by normal overlay network techniques has been addressed by constructing overlay networks with topology awareness - the network topology information is derived from interior gateway protocol (IGP) traffic, i.e. OSPF traffic, thus eliminating all overlay maintenance network overhead. Through a prototype that uses overlays to initiate measurement tasks and to retrieve measurement results, systematic evaluation has been conducted to demonstrate the feasibility and functionality of OverMon. The measurement results show that OverMon achieves good performance in scalability, flexibility and extensibility, which are important in addressing the new challenges arising from network system evolution. This work, therefore, contributes an innovative approach of applying overly techniques to solve realistic network monitoring problems, and provides valuable first hand experience in building and evaluating such a distributed system

Distribuição de vídeo para grupos de utilizadores em redes móveis heterogéneas19

The evolutions veri ed in mobile devices capabilities (storage capacity, screen resolution, processor, etc.) over the last years led to a signi cant change in mobile user behavior, with the consumption and creation of multimedia content becoming more common, in particular video tra c. Consequently, mobile operator networks, despite being the target of architectural evolutions and improvements over several parameters (such as capacity, transmission and reception performance, amongst others), also increasingly become more frequently challenged by performance aspects associated to the nature of video tra c, whether by the demanding requirements associated to that service, or by its volume increase in such networks. This Thesis proposes modi cations to the mobile architecture towards a more e cient video broadcasting, de ning and developing mechanisms applicable to the network, or to the mobile terminal. Particularly, heterogeneous networks multicast IP mobility supported scenarios are focused, emphasizing their application over di erent access technologies. The suggested changes are applicable to mobile or static user scenarios, whether it performs the role of receiver or source of the video tra c. Similarly, the de ned mechanisms propose solutions targeting operators with di erent video broadcasting goals, or whose networks have di erent characteristics. The pursued methodology combined an experimental evaluation executed over physical testbeds, with the mathematical evaluation using network simulation, allowing the veri cation of its impact on the optimization of video reception in mobile terminalsA evolução veri cada nas características dos dispositivos moveis (capacidade de armazenamento, resolução do ecrã, processador, etc.) durante os últimos anos levou a uma alteração signi cativa nos comportamentos dos utilizadores, sendo agora comum o consumo e produção de conteúdos multimédia envolvendo terminais móveis, em particular o tráfego vídeo. Consequentemente, as redes de operador móvel, embora tendo também sido alvo constante de evoluções arquitecturais e melhorias em vários parâmetros (tais como capacidade, ritmo de transmissão/recepção, entre outros), vêemse cada vez mais frequentemente desa adas por aspectos de desempenho associados à natureza do tráfego de vídeo, seja pela exigência de requisitos associados a esse serviço, quer pelo aumento do volume do mesmo nesse tipo de redes. Esta Tese propôe alterações à arquitetura móvel para a disseminação de vídeo mais e ciente, de nindo e desenvolvendo mecanismos aplicáveis à rede, ou ao utilizador móvel. Em particular, são focados cenários suportados por IP multicast em redes móveis heterogéneas, isto é, com ênfase na aplicação destes mecanismos sobre diferentes tecnologias de acesso. As alterações sugeridas aplicam-se a cenários de utilizador estático ou móvel, sendo este a fonte ou receptor do tráfego vídeo. Da mesma forma, são propostas soluções tendo em vista operadores com diferentes objectivos de disseminação de vídeo, ou cujas redes têm diferentes características. A metodologia utilizada combinou a avaliação experimental em testbeds físicas com a avaliação matemática em simulações de redes, e permitiu veri car o impacto sobre a optimização da recepção de vídeo em terminais móveisPrograma Doutoral em Telecomunicaçõe