2,338 research outputs found
Leveraging an open source VPN technology to end user.
Virtual Private Network (VPN) can be implemented by corporate and public user in a few methods. The methods included proprietary or open source solutions. It has shown great potential due to its encrypted traffic flow which gives it a secure environment. With a good reception of internet in Malaysia it is unfortunate that the major Internet Service Providers (ISPs) have imposed packet filtering. In effect they have throttled the fast broadband to become a slow medium. As a result it gives a disadvantage to active end user. To overcome an ISP packet filtering which slows down internet traffic, this paper intends to study and provide a sample of VPN solution service to end user to improve the current problem
Leveraging an open VPN technology to end user / Md Ikhwan Hamdan
The vital part of internet to end user is file-sharing. This activity has been active ever since the beginning of the evolution of internet. Significantly during 1999 to 2003 era many P2P authors began to enhance the technology which has attained four generations in that period. Incidentally the latest P2P technology involves "many to one" model which predominantly exists in BitTorrent and its clones. This has been a very innovative approach. Meanwhile in 2001 Streamyx began to bring broadband to Malaysia. This quickly attracted many waiting users which gradually boost up its one millionth subscribers around 2007. However sometimes in 2006 Streamyx began to impose packet filtering without notice in trend with most world ISPs. During that time most users began to express their grouse. The issue has been also vigorously highlighted by a couple of local press. Meanwhile the ISP alleges that the international lines are at fault which coincidentally coincides with the Taiwan earthquake in 2006 and another incident of cable fault in Middle East in 2008. However according to Cisco Systems the issue of slow internet connection to end user which deprived its user to enjoy its prescribed capacity as promised is not an issue unless ISP has abide to the procedure of good network infrastructure. Apparently for ISP to impose packet filtering there are various methods available. Currently the Deep Packet Inspection (DPI) method is the most advanced option up-to date to prevent rampant P2P activities. Realizing the method used many P2P authors began to include an encrypted technology in their products. However it has not given much effect to counter DPI. Hence with the issue of limited capacity to broadband service for end user this paper is undertaking a task to address it. After much thought one of the most promising technology in focus is Virtual Private Network (VPN). This technology has been mainly adopted by most corporate users and has the capability of a powerful encrypted traffic and secured network environment. Thus this paper is basically to show that by leveraging on the strength of VPN the end user has now an option to circumvent and address the stated issue indefinitely. In this context there are two VPN options available. They are the Propriety and an Open Source VPN. However to keep the cost Iowan Open Source VPN plus a couple of other software are implemented. The result is shown in this paper with success to benefit the end users in general
Pando: Personal Volunteer Computing in Browsers
The large penetration and continued growth in ownership of personal
electronic devices represents a freely available and largely untapped source of
computing power. To leverage those, we present Pando, a new volunteer computing
tool based on a declarative concurrent programming model and implemented using
JavaScript, WebRTC, and WebSockets. This tool enables a dynamically varying
number of failure-prone personal devices contributed by volunteers to
parallelize the application of a function on a stream of values, by using the
devices' browsers. We show that Pando can provide throughput improvements
compared to a single personal device, on a variety of compute-bound
applications including animation rendering and image processing. We also show
the flexibility of our approach by deploying Pando on personal devices
connected over a local network, on Grid5000, a French-wide computing grid in a
virtual private network, and seven PlanetLab nodes distributed in a wide area
network over Europe.Comment: 14 pages, 12 figures, 2 table
Recommended from our members
Secure communication using dynamic VPN provisioning in an Inter-Cloud environment
Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the srevice owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offer a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer- to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds
Segment Routing: a Comprehensive Survey of Research Activities, Standardization Efforts and Implementation Results
Fixed and mobile telecom operators, enterprise network operators and cloud
providers strive to face the challenging demands coming from the evolution of
IP networks (e.g. huge bandwidth requirements, integration of billions of
devices and millions of services in the cloud). Proposed in the early 2010s,
Segment Routing (SR) architecture helps face these challenging demands, and it
is currently being adopted and deployed. SR architecture is based on the
concept of source routing and has interesting scalability properties, as it
dramatically reduces the amount of state information to be configured in the
core nodes to support complex services. SR architecture was first implemented
with the MPLS dataplane and then, quite recently, with the IPv6 dataplane
(SRv6). IPv6 SR architecture (SRv6) has been extended from the simple steering
of packets across nodes to a general network programming approach, making it
very suitable for use cases such as Service Function Chaining and Network
Function Virtualization. In this paper we present a tutorial and a
comprehensive survey on SR technology, analyzing standardization efforts,
patents, research activities and implementation results. We start with an
introduction on the motivations for Segment Routing and an overview of its
evolution and standardization. Then, we provide a tutorial on Segment Routing
technology, with a focus on the novel SRv6 solution. We discuss the
standardization efforts and the patents providing details on the most important
documents and mentioning other ongoing activities. We then thoroughly analyze
research activities according to a taxonomy. We have identified 8 main
categories during our analysis of the current state of play: Monitoring,
Traffic Engineering, Failure Recovery, Centrally Controlled Architectures, Path
Encoding, Network Programming, Performance Evaluation and Miscellaneous...Comment: SUBMITTED TO IEEE COMMUNICATIONS SURVEYS & TUTORIAL
Systemization of Pluggable Transports for Censorship Resistance
An increasing number of countries implement Internet censorship at different
scales and for a variety of reasons. In particular, the link between the
censored client and entry point to the uncensored network is a frequent target
of censorship due to the ease with which a nation-state censor can control it.
A number of censorship resistance systems have been developed thus far to help
circumvent blocking on this link, which we refer to as link circumvention
systems (LCs). The variety and profusion of attack vectors available to a
censor has led to an arms race, leading to a dramatic speed of evolution of
LCs. Despite their inherent complexity and the breadth of work in this area,
there is no systematic way to evaluate link circumvention systems and compare
them against each other. In this paper, we (i) sketch an attack model to
comprehensively explore a censor's capabilities, (ii) present an abstract model
of a LC, a system that helps a censored client communicate with a server over
the Internet while resisting censorship, (iii) describe an evaluation stack
that underscores a layered approach to evaluate LCs, and (iv) systemize and
evaluate existing censorship resistance systems that provide link
circumvention. We highlight open challenges in the evaluation and development
of LCs and discuss possible mitigations.Comment: Content from this paper was published in Proceedings on Privacy
Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK:
Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq
Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg
(DOI 10.1515/popets-2016-0028
Design and Implementation of a Measurement-Based Policy-Driven Resource Management Framework For Converged Networks
This paper presents the design and implementation of a measurement-based QoS
and resource management framework, CNQF (Converged Networks QoS Management
Framework). CNQF is designed to provide unified, scalable QoS control and
resource management through the use of a policy-based network management
paradigm. It achieves this via distributed functional entities that are
deployed to co-ordinate the resources of the transport network through
centralized policy-driven decisions supported by measurement-based control
architecture. We present the CNQF architecture, implementation of the prototype
and validation of various inbuilt QoS control mechanisms using real traffic
flows on a Linux-based experimental test bed.Comment: in Ictact Journal On Communication Technology: Special Issue On Next
Generation Wireless Networks And Applications, June 2011, Volume 2, Issue 2,
Issn: 2229-6948(Online
- …