2,044 research outputs found
Active Topology Inference using Network Coding
Our goal is to infer the topology of a network when (i) we can send probes
between sources and receivers at the edge of the network and (ii) intermediate
nodes can perform simple network coding operations, i.e., additions. Our key
intuition is that network coding introduces topology-dependent correlation in
the observations at the receivers, which can be exploited to infer the
topology. For undirected tree topologies, we design hierarchical clustering
algorithms, building on our prior work. For directed acyclic graphs (DAGs),
first we decompose the topology into a number of two-source, two-receiver
(2-by-2) subnetwork components and then we merge these components to
reconstruct the topology. Our approach for DAGs builds on prior work on
tomography, and improves upon it by employing network coding to accurately
distinguish among all different 2-by-2 components. We evaluate our algorithms
through simulation of a number of realistic topologies and compare them to
active tomographic techniques without network coding. We also make connections
between our approach and alternatives, including passive inference, traceroute,
and packet marking
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Key distribution technique for IPTV services with support for admission control and user defined groups
Doctoral thesis. Electrical and Computer Engineering. Faculdade de Engenharia. Universidade do Porto. 200
A decentralized framework for cross administrative domain data sharing
Federation of messaging and storage platforms located in remote datacenters is an essential functionality to share data among geographically distributed platforms. When systems are administered by the same owner, data replication reduces data access latency bringing data closer to applications and enables fault tolerance to face disaster recovery of an entire location. When storage platforms are administered by different owners, data replication across different administrative domains is essential for enterprise application data integration. Contents and services managed by different software platforms need to be integrated to provide richer contents and services. Clients may need to share subsets of data in order to enable collaborative analysis and service integration. Platforms usually include proprietary federation functionalities and specific APIs to let external software and platforms access their internal data. These different techniques may not be applicable to all environments and networks due to security and technological restrictions. Moreover, the federation of dispersed nodes under a decentralized administration scheme is still a research issue. This thesis is a contribution along this research direction as it introduces and describes a framework, called “WideGroups”, directed towards the creation and the management of an automatic federation and integration of widely dispersed platform nodes. It is based on groups to exchange messages among distributed applications located in different remote datacenters. Groups are created and managed using client side programmatic configuration without touching servers. WideGroups enables the extension of the software platform services to nodes belonging to different administrative domains in a wide area network environment. It lets different nodes form ad-hoc overlay networks on-the-fly depending on message destinations located in distinct administrative domains. 
It supports multiple dynamic overlay networks based on message groups, dynamic discovery of nodes and automatic setup of overlay networks among nodes with no server-side configuration. I designed and implemented platform connectors to integrate the framework as the federation module of Message Oriented Middleware and Key Value Store platforms, which are among the most widespread paradigms supporting data sharing in distributed systems
A Secure and Efficient Communications Architecture for Global Information Grid Users via Cooperating Space Assets
With the Information Age in full and rapid development, users expect to have global, seamless, ubiquitous, secure, and efficient communications capable of providing access to real-time applications and collaboration. The United States Department of Defense’s (DoD) Network-Centric Enterprise Services initiative, along with the notion of pushing the “power to the edge,” aims to provide end-users with maximum situational awareness, a comprehensive view of the battlespace, all within a secure networking environment. Building from previous AFIT research efforts, this research developed a novel security framework architecture to address the lack of efficient and scalable secure multicasting in the low earth orbit satellite network environment. This security framework architecture combines several key aspects of different secure group communications architectures in a new way that increases efficiency and scalability, while maintaining the overall system security level. By implementing this security architecture in a deployed environment with heterogeneous communications users, reduced re-keying frequency will result. Less frequent re-keying means more resources are available for throughput as compared to security overhead. This translates to more transparency to the end user; it will seem as if they have a “larger pipe” for their network links. As a proof of concept, this research developed and analyzed multiple mobile communication environment scenarios to demonstrate the superior re-keying advantage offered by the novel “Hubenko Security Framework Architecture” over traditional and clustered multicast security architectures. For example, in the scenario containing a heterogeneous mix of user types (Stationary, Ground, Sea, and Air), the Hubenko Architecture achieved a minimum ten-fold reduction in total keys distributed as compared to other known architectures. 
Another experiment demonstrated the Hubenko Architecture operated at 6% capacity while the other architectures operated at 98% capacity. In the 80% overall mobility experiment with 40% Air users, the other architectures re-keying increased 900% over the Stationary case, whereas the Hubenko Architecture only increased 65%. This new architecture is extensible to numerous secure group communications environments beyond the low earth orbit satellite network environment, including unmanned aerial vehicle swarms, wireless sensor networks, and mobile ad hoc networks
VCube-PS: A Causal Broadcast Topic-based Publish/Subscribe System
In this work we present VCube-PS, a topic-based Publish/Subscribe system
built on the top of a virtual hypercube-like topology. Membership information
and published messages are broadcast to subscribers (members) of a topic group
over dynamically built spanning trees rooted at the publisher. For a given
topic, the delivery of published messages respects the causal order. VCube-PS
was implemented on the PeerSim simulator, and experiments are reported
including a comparison with the traditional Publish/Subscribe approach that
employs a single rooted static spanning-tree for message distribution. Results
confirm the efficiency of VCube-PS in terms of scalability, latency, number and
size of messages.
Comment: Improved text and performance evaluation. Added proof for the
algorithms (Section 3.4