VOIP weathermap - a VOIP QOS collection analysis and dissemination system

 Current trends point to VoIP as a cheaper and more effective long term solution than possible future PSTN upgrades. To move towards greater adoption of VoIP the future converged digital network is moving towards a service level management and control regime. To ensure that VoIP services provide an acceptable quality of service (QoS) a measurement solution would be helpful. The research outcome presented in this thesis is a new system for testing, analysing and presenting the call quality of Voice over Internet Protocol (VoIP). The system is called VoIP WeatherMap. Information about the current status of the Internet for VoIP calls is currently limited and a recognised approach to identifying the network status has not been adopted. An important consideration is the difficulty of assessing network conditions across links including network segments belonging to different telecommunication companies and Internet Service Providers. The VoIP WeatherMap includes the use of probes to simulate voice calls by implementing RTP/RTCP stacks. VoIP packets are sent from a probe to a server over the Internet. The important characteristics of VoIP calls such as delay and packet loss rate are collected by the server, analysed, stored in a database and presented through a web based interface. The collected voice call session data is analysed using the E-model algorithm described in ITU-T G.107. The VoIP WeatherMap presentation system includes a geographic display and internet connection links are coloured to represent the Quality of Service rank

Framework for Automated Functional Tests within Value-Added Service Environments

Full version unavailable due to 3rd party copyright restrictions.Recent years have witnessed that standard telecommunication services evolved more and more to next generation value-added services. This fact is accompanied by a change of service characteristics as new services are designed to fulfil the customer’s demands instead of just focussing on technologies and protocols. These demands can be very specific and, therefore, diverse potential service functionalities have to be considered by the service providers. To make matters worse for service providers, a fast transition from concept to market product and low price of a new service is required due to the increasing competition in the telecommunication industry. Therefore, effective test solutions need to be developed that can be integrated in current value-added service development life-cycles. Besides, these solutions should support the involvement of all participating stakeholders such as the service provider, the test developers as well as the service developers, and, in order to consider an agile approach, also the service customer. This thesis proposes a novel framework for functional testing that is based on a new sort of description language for value-added services (Service Test Description). Based on instances of the Service Test Description, sets of reusable test components described by means of an applied Statecharts notation are automatically selected and composed to so-called behaviour models. From the behaviour models, abstract test cases can be automatically generated which are then transformed to TTCN-3 test cases and then assembled to an Executable Test Suite. Within a TTCN-3 test system, the Executable Test Suite can be executed against the corresponding value-added service referred to as System Under Test. One benefit of the proposed framework is its application within standard development life-cycles. Therefore, the thesis presents a methodology that considers both service development and test development as parallel tasks and foresees procedures to synchronise the tasks and to allow an agile approach with customer involvement. The novel framework is validated through a proof-of-concept working prototype. Example value-added services have been chosen to illustrate the whole process from compiling instances of the Service Test Description until the execution of automated tests. Overall, this thesis presents a novel solution for service providers to improve the quality of their provided value-added services through automated functional testing procedures. It enables the early involvement of the customers into the service development life-cycle and also helps test developers and service developers to collaborate

Real Time System Development with UML: A Case Study

In this thesis we look at the challenges regarding VoIP and to the developer of an application providing this service. We explore CASE tools that can be used to model and verify the design of a VoIP application. VoIP applications will not be accepted by the market unless it is able to provide an audio quality comparable to traditional phones. The voice module of the application that we analyse initially did not meet these requirements. We investigate how the design and implementation must be altered to meet them. Although UML in its current specification is not adapted to the design of real-time applications, CASE tools exist that propose an extension of UML for this purpose. We investigate two of these - Rational Rose RT and Telelogic Tau - for their usefulness in re-engineering the application. We show their support partially covers our needs and we present novel UML concepts that would have been useful in resolving our task. We further demonstrate important new concepts of UML 2.0

A high abstraction level approach for detecting feature interactions between telecommunication services

AbstractWhen several telecommunication services are running at the same time, undesirable behaviors may arise, which are commonly called feature interactions. Several methods have been developed for detecting and resolving feature interactions. However, most of these methods are based on detailed models of services, which make them suffer from state space explosion. Moreover, different telecommunication operators cannot cooperate to manage feature interactions by exchanging detailed service models because this violates the confidentiality principle. Our work is a part of the few attempts to develop feature interaction detection methods targeting to avoid or reduce significantly state space explosion. In order to reach this objective, we first develop a so called Cause–Restrict language to model subscribers of telecommunication services at a very high abstraction level. A Cause–Restrict model of a subscriber provides information such as: what is the cause of what, and what restricts (or forbids) what, and specifies coarsely the frequency of each operation “cause” or “restrict” by “always” or “sometimes”. Then, we develop a method that detects feature interactions between telecommunication services modeled in the Cause–Restrict language. We demonstrate the applicability of our approach by modeling several services and detecting several feature interactions between them. New feature interactions have been detected by our approach

Mobility management in IP-Based Networks

Mobile communication networks experience a tremendous development clearly evident from the wide variety of new applications way beyond classical phone services. The tremendous success of the Internet along with the demand for always-on connectivity has triggered the development of All-IP mobile communication networks. Deploying these networks requires, however, overcoming many challenges. One of the main challenges is how to manage the mobility between cells connecting through an IP core in a way that satisfies real-time requirements. This challenge is the focus of this dissertation. This dissertation delivers an in-depth analysis of the mobility management issue in IP-based mobile communication networks. The advantages and disadvantages of various concepts for mobility management in different layers of the TCP/IP protocol stack are investigated. In addition, a classification and brief description of well-known mobility approaches for each layer are provided. The analysis concludes that network layer mobility management solutions seem to be best suited to satisfy the requirements of future All-IP networks. The dissertation, therefore, provides a comprehensive review of network layer mobility management protocols along with a discussion of their pros and cons. Analyses of previous work in this area show that the proposed techniques attempt to improve the performance by making constraints either on access networks (e.g. requiring a hierarchical topology, introducing of intermediate nodes, etc.) or mobile terminals (e.g. undertaking many measurements, location tracking, etc.). Therefore, a new technique is required that completes handoffs quickly without affecting the end-to-end performance of ongoing applications. In addition, it should place restrictions neither on access networks nor on mobiles. To meet these requirements, a new solution named Mobile IP Fast Authentication protocol (MIFA) is proposed. MIFA provides seamless mobility and advances the state of the art. It utilizes the fact that mobiles movements are limited to a small set of neighboring subnets. Thus, contacting these neighbors and providing them in advance with sufficient data related to the mobiles enable them to fast re-authenticate the mobiles after the handoff. The dissertation specifies the proposal for both IPv4 and IPv6. The specification of MIFA considers including many error recovery mechanisms to cover the most likely failures. Security considerations are studied carefully as well. MIFA does not make any restrictions on the network topology. It makes use of layer 2 information to optimize the performance and works well even if such information is not available.In order to analyze our new proposal in comparison to a wide range of well-known mobility management protocols, this dissertation proposes a generic mathematical model that supports the evaluation of figures such as average handoff latency, average number of dropped packets, location update cost and packet delivery cost. The generic model considers dropped control messages and takes different network topologies and mobility scenarios into account. This dissertation also validates the generic mathematical model by comparing its results to simulation results as well as results of real testbeds under the same assumptions. The validation proves that the generic model delivers an accurate evaluation of the performance in low-loaded networks. The accuracy of the model remains acceptable even under high loads. The validation also shows that simulation results lie in a range of 23 %, while results of real testbeds lie in a range of 30 % of the generic model?s results. To simplify the analysis using the generic mathematical model, 4 new tools are developed in the scope of this work. They automate the parameterization of mobility protocols, network topologies and mobility scenarios. This dissertation also evaluates the new proposal in comparison to well-known approaches (e.g. Mobile IP, Handoff-Aware Wireless Access Internet Infrastructure (HAWAII), etc.) by means of the generic mathematical model as well as simulation studies modeled in the Network Simulator 2. The evaluation shows that MIFA is a very fast protocol. It outperforms all studied protocols with respect to the handoff latency and number of dropped packets per handoff. MIFA is suitable for low as well as high speeds. Moreover, there is no significant impact of the network topology on its performance. A main advantage of MIFA is its robustness against the dropping of control messages. It remains able to achieve seamless handoffs even if a dropping occurs. The performance improvement is achieved, however, at the cost of introducing new control messages mainly to distribute data concerning mobile terminals to neighbor subnets. This results in more location update cost than that resulting from the other mobility management protocols studied. Due to excluding any constraints on the network topology, MIFA generates the same packet delivery cost as Mobile IP and less than other protocols.An additional focus of this dissertation is the development of an adaptive eLearning environment that personalizes eLearning contents conveying the topics of this dissertation depending on users? characteristics. The goal is to allow researchers to quickly become involved in research on mobility management, while learners such as students are able to gain information on the topics without excess detail. Analyses of existing eLearning environments show a lack of adaptivity support. Existing environments focus mainly on adapting either the navigation or the presentation of contents depending on one or more selected users? characteristics. There is no environment that supports both simultaneously. In addition, many user characteristics are disregarded during the adaptivity process. Thus, there is a need to develop a new adaptive eLearning environment able to eliminate these drawbacks. This dissertation, therefore, designs a new Metadata-driven Adaptive eLearning Environment (MAeLE). MAeLE generates personalized eLearning courses along with building an adequate navigation at run-time. Adaptivity depends mainly on providing contents with their describing metadata, which are stored in a separate database, thus enabling reusing of eLearning contents. The relation between the metadata that describe contents and those describing learners are defined accurately, which enables a dynamic building of personalized courses at run-time. A prototype for MAeLE is provided in this dissertation as well

Security Aspects in Modern Web Applications

World Wide Webin taustalla olevat tekniikat kehitettiin alun perin helpottamaan tiedon jakamista. Tämä jaettu tieto oli aluksi muuttumatonta tai harvoin muuttuvaa, mutta webin yleistyminen muutti tilanteen. Yleistyminen teki web-selaimesta nopeasti yleismaailmallisen ohjelmiston sovellusten tuottamiselle ja käyttäjälle välittämiselle. Vaikka nämä web-sovelluksiksi kutsuttavat ohjelmistot olivat alkujaan työpöytäsovelluksia monin tavoin huonompia, muuttui tilanne nopeasti. Web-sovelluksissa käytettävät tekniikat, kuten JavaScript ja CSS, sekä webselainten moninaisuus muodostavat yhdessä erin aisten kysymysten sekamelskan, jota vastaavaa ei työpöytäsovelluksissa ole. Eräs tärkeä kysymys on, miten sovellusten käyttäjien lähettämä ja käyttämä tieto turvataan. Tässä diplomityössä tutkitaan ja kuvaterään web-sovelluksen tietoturvallisuutta ja tietoturvaratkaisuja. Arvioiminen vaatii tiet astä sekä yleisistä tietoturvallisuuskysymyksistä että erityisesti web-sovelluksiin liittyvistä kysymyksistä. Ensimmäisenä tutustutaan tietoturvallisuuden peruskysymyksiin ja käsitteisiin, joiden ymmärtäminen on välttämätöntä. Perusteiden jälkeen käsillään pääsynhallintaa ja sovellusohjelmistojen tietoturvallisuutta. Ensimmäinen osa päättyy web-sovellusten ja niihin liittyvien tietoturvallisuuskysymysten esittelyyn. Jälkimmäinen osa diplomity tä soveltaa käsiteltyjä teorioita ja menetelmiä erään web-sovelluksen tapaustutkimuksessa. Tapaustutkimuksessa kuvataan ja arvioidaan sovelluksen tietoturvallisuutta sekä lopuksi esitellään löydettyjä haavoittuvuuksia ja ratkaisuja näihin haavoittuvuuksiin. Vaikka joidenkin ohjelmistojen tietoturvallisuuden arviointimenetelmien soveltamisessa olikin ongelmia, saatiin tapaustutkimuksen tuloksena tärkeää tietoa heikkouksista ohjelmiston tietoturvallisuudessa ja hyviä esityksiä näiden heikkouksien poistamiseksi. Esitykset toteuttamalla parannettiin sekä nykyistä tietoturvallisuutta että vakuututtiin siitä, että heikkouksia esintyy jatkossa vähemmän.Technologies behind the World Wide Web were created initially to ease sharing of static data in form of web pages. Popularity of the Web grew rapidly and led to adoption of web browser as a universal client for application delivery. Though initially inferior to desktop applications, these applications have caught up with their desktop counterparts in features and usability. These applications, called web applications, use multiple web technologies such as JavaScript and CSS and this multiplicity of web technologies combined with multiplicity of web browsers creates a unique brew of issues not found on the desktop. One of these issues is how data send and used by the applications' users is protected. In this thesis, security in one mature web application is described and assessed. Such an assessment requires knowledge of information security aspects both in the broader sense concerning all information systems and in the sense of aspects specific to web applications. Therefore, first introduced are the fundamental concepts of information security, building blocks for all the other sections. The fundamentals are followed by discussion of access control and security aspects in applications. The background part is concluded by discussion of web applications in general and of security questions specific to them. The latter part explores and applies these theories and methods in a case study of a mature web application. The case study first describes, then evaluates the subject and its security and concludes with discussion of some of the found vulnerabilities and solutions to them. Although there were some problems in application of security assessment methods, assessment results provided valuable information on the application's weaknesses and improvement proposals. Implementation of the proposals both improved current security and also gave assurance of fewer weaknesses in the future

Revised reference model

This document contains an update of the HIDENETS Reference Model, whose preliminary version was introduced in D1.1. The Reference Model contains the overall approach to development and assessment of end-to-end resilience solutions. As such, it presents a framework, which due to its abstraction level is not only restricted to the HIDENETS car-to-car and car-to-infrastructure applications and use-cases. Starting from a condensed summary of the used dependability terminology, the network architecture containing the ad hoc and infrastructure domain and the definition of the main networking elements together with the software architecture of the mobile nodes is presented. The concept of architectural hybridization and its inclusion in HIDENETS-like dependability solutions is described subsequently. A set of communication and middleware level services following the architecture hybridization concept and motivated by the dependability and resilience challenges raised by HIDENETS-like scenarios is then described. Besides architecture solutions, the reference model addresses the assessment of dependability solutions in HIDENETS-like scenarios using quantitative evaluations, realized by a combination of top-down and bottom-up modelling, as well as verification via test scenarios. In order to allow for fault prevention in the software development phase of HIDENETS-like applications, generic UML-based modelling approaches with focus on dependability related aspects are described. The HIDENETS reference model provides the framework in which the detailed solution in the HIDENETS project are being developed, while at the same time facilitating the same task for non-vehicular scenarios and application