Secure communication using dynamic VPN provisioning in an Inter-Cloud environment

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the srevice owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offer a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer- to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds

A Framework for Multiaccess Support for Unreliable Internet Traffic using Multipath DCCP

Mobile nodes are typically equipped with multiple radios and can connect to multiple radio access networks (e.g. WiFi, LTE and 5G). Consequently, it is important to design mechanisms that efficiently manage multiple network interfaces for aggregating the capacity, steering of traffic flows or switching flows among multiple interfaces. While such multi-access solutions have the potential to increase the overall traffic throughput and communication reliability, the variable latencies on different access links introduce packet delay variation which has negative effect on the application quality of service and user quality of experience. In this paper, we present a new IP-compatible multipath framework for heterogeneous access networks. The framework uses Multipath Datagram Congestion Control Protocol (MP-DCCP) - a set of extensions to regular DCCP - to enable a transport connection to operate across multiple access networks, simultaneously. We present the design of the new protocol framework and show simulation and experimental testbed results that (1) demonstrate the operation of the new framework, and (2) demonstrate the ability of our solution to manage significant packet delay variation caused by the asymmetry of network paths, by applying pluggable packet scheduling or reordering algorithms

Mobility Management in beyond 3G-Environments

Beyond 3G-environments are typically defined as environments that integrate different wireless and fixed access network technologies. In this paper, we address IP based Mobility Management (MM) in beyond 3G-environments with a focus on wireless access networks, motivated by the current trend of WiFi, GPRS, and UMTS networks. The GPRS and UMTS networks provide countrywide network access, while the WiFi networks provide network access in local areas such as city centres and airports. As a result, mobile end-users can be always on-line and connected to their preferred network(s), these network preferences are typically stored in a user profile. For example, an end-user who wishes to be connected with highest bandwidth could be connected to a WiFi network when available and fall back to GPRS when moving outside the hotspot area.\ud In this paper, we consider a combination of MM for legacy services (like web browsing, telnet, etc.) using Mobile IP and multimedia services using SIP. We assume that the end-user makes use of multi-interface terminals with the capability of selecting one or more types of access networks\ud based on preferences. For multimedia sessions, like VoIP or streaming video, we distinguish between changes in network access when the end-user is in a session or not in a session. If the end-user is not in a session, he or she needs to be able to start new sessions and receive invitations for new sessions. If the end-user is in a session, the session needs to be handed over to the new access network as seamless as possible from the perspective of the end-user. We propose an integrated but flexible solution to these problems that facilitates MM with a customizable transparency to applications and end-users

Transportation, Terrorism and Crime: Deterrence, Disruption and Resilience

Abstract: Terrorists likely have adopted vehicle ramming as a tactic because it can be carried out by an individual (or “lone wolf terrorist”), and because the skills required are minimal (e.g. the ability to drive a car and determine locations for creating maximum carnage). Studies of terrorist activities against transportation assets have been conducted to help law enforcement agencies prepare their communities, create mitigation measures, conduct effective surveillance and respond quickly to attacks. This study reviews current research on terrorist tactics against transportation assets, with an emphasis on vehicle ramming attacks. It evaluates some of the current attack strategies, and the possible mitigation or response tactics that may be effective in deterring attacks or saving lives in the event of an attack. It includes case studies that can be used as educational tools for understanding terrorist methodologies, as well as ordinary emergencies that might become a terrorist’s blueprint

Not All Wireless Sensor Networks Are Created Equal: A Comparative Study On Tunnels

Wireless sensor networks (WSNs) are envisioned for a number of application scenarios. Nevertheless, the few in-the-field experiences typically focus on the features of a specific system, and rarely report about the characteristics of the target environment, especially w.r.t. the behavior and performance of low-power wireless communication. The TRITon project, funded by our local administration, aims to improve safety and reduce maintenance costs of road tunnels, using a WSN-based control infrastructure. The access to real tunnels within TRITon gives us the opportunity to experimentally assess the peculiarities of this environment, hitherto not investigated in the WSN field. We report about three deployments: i) an operational road tunnel, enabling us to assess the impact of vehicular traffic; ii) a non-operational tunnel, providing insights into analogous scenarios (e.g., underground mines) without vehicles; iii) a vineyard, serving as a baseline representative of the existing literature. Our setup, replicated in each deployment, uses mainstream WSN hardware, and popular MAC and routing protocols. We analyze and compare the deployments w.r.t. reliability, stability, and asymmetry of links, the accuracy of link quality estimators, and the impact of these aspects on MAC and routing layers. Our analysis shows that a number of criteria commonly used in the design of WSN protocols do not hold in tunnels. Therefore, our results are useful for designing networking solutions operating efficiently in similar environments