Active management of multi-service networks.

Future multiservice networks will be extremely large and complex. Novel management solutions will be required to keep the management costs reasonable. Active networking enables management to be delegated to network users as a large set of independent small scale management systems. A novel architecture for an active network based management solution for multiservice networking is presented

Multidomain Network Based on Programmable Networks: Security Architecture

This paper proposes a generic security architecture designed for a multidomain and multiservice network based on programmable networks. The multiservice network allows users of an IP network to run programmable services using programmable nodes located in the architecture of the network. The programmable nodes execute codes to process active packets, which can carry user data and control information. The multiservice network model defined here considers the more pragmatic trends in programmable networks. In this scenario, new security risks that do not appear in traditional IP networks become visible. These new risks are as a result of the execution of code in the programmable nodes and the processing of the active packets. The proposed security architecture is based on symmetric cryptography in the critical process, combined with an efficient manner of distributing the symmetric keys. Another important contribution has been to scale the security architecture to a multidomain scenario in a single and efficient way.Publicad

DoS protection for a Pragmatic Multiservice Network Based on Programmable Networks

Proceedings of First International IFIP TC6 Conference, AN 2006, Paris, France, September 27-29, 2006.We propose a scenario of a multiservice network, based on pragmatic ideas of programmable networks. Active routers are capable of processing both active and legacy packets. This scenario is vulnerable to a Denial of Service attack, which consists in inserting false legacy packets into active routers. We propose a mechanism for detecting the injection of fake legacy packets into active routers. This mechanism consists in exchanging accounting information on the traffic between neighboring active routers. The exchange of accounting information must be carried out in a secure way using secure active packets. The proposed mechanism is sensitive to the loss of packets. To deal with this problem some improvements in the mechanism has been proposed. An important issue is the procedure for discharging packets when an attack has been detected. We propose an easy and efficient mechanism that would be improved in future work.Publicad

Modelling Self-similar Traffic Of Multiservice Networks

Simulation modelling is carried out, which allows adequate describing the traffic of multiservice networks with the commutation of packets with the characteristic of burstiness. One of the most effective methods for studying the traffic of telecommunications systems is computer simulation modelling. By using the theory of queuing systems (QS), computer simulation modelling of packet flows (traffic) in modern multi-service networks is performed as a random self-similar process. Distribution laws such as exponential, Poisson and normal-logarithmic distributions, Pareto and Weibull distributions have been considered.The distribution of time intervals between arrivals of packages and the service duration of service of packages at different system loads has been studied. The research results show that the distribution function of time intervals between packet arrivals and the service duration of packages is in good agreement with the Pareto and Weibull distributions, but in most cases the Pareto distribution prevails.The queuing systems with the queues M/Pa/1 and Pa/M/1 has been studied, and the fractality of the intervals of requests arriving have been compared by the properties of the estimates of the system load and the service duration. It has been found out that in the system Pa/M/1, with the parameter of the form a> 2, the fractality of the intervals of requests arriving does not affect the average waiting time and load factor. However, when ≤2, as in the M/Pa/1 system, both considered statistical estimates differ.The application of adequate mathematical models of traffic allows to correctly assess the characteristics of the quality of service (QoS) of the network

Multiservice QoS-Enabled MAC for Optical Burst Switching

The emergence of a broad range of network-driven applications (e.g., multimedia, online gaming) brings in the need for a network environment able to provide multiservice capabilities with diverse quality-of-service (QoS) guarantees. In this paper, a medium access control protocol is proposed to support multiple services and QoS levels in optical burst-switched mesh networks without wavelength conversion. The protocol provides two different access mechanisms, queue-arbitrated and prearbitrated for connectionless and connection-oriented burst transport, respectively. It has been evaluated through extensive simulations and its simplistic form makes it very promising for implementation and deployment. Results indicate that the protocol can clearly provide a relative quality differentiation for connectionless traffic and guarantee null (or negligible, and thus acceptable) burst loss probability for a wide range of network (or offered) load while ensuring low access delay for the higher-priority traffic. Furthermore, in the multiservice scenario mixing connectionless and connection-oriented burst transmissions, three different prearbitrated slot scheduling algorithms are evaluated, each one providing a different performance in terms of connection blocking probability. The overall results demonstrate the suitability of this architecture for future integrated multiservice optical networks

Structural properties of optimal coordinate-convex policies for CAC with nonlinearly-constrained feasibility regions

Necessary optimality conditions for Call Admission Control (CAC) problems with nonlinearly-constrained feasibility regions and two classes of users are derived. The policies are restricted to the class of coordinate-convex policies. Two kinds of structural properties of the optimal policies and their robustness with respect to changes of the feasibility region are investigated: 1) general properties not depending on the revenue ratio associated with the two classes of users and 2) more specific properties depending on such a ratio. The results allow one to narrow the search for the optimal policies to a suitable subset of the set of coordinate-convex policies

Operational and Performance Issues of a CBQ router

The use of scheduling mechanisms like Class Based Queueing (CBQ) is expected to play a key role in next generation multiservice IP networks. In this paper we attempt an experimental evaluation of ALTQ/CBQ demonstrating its sensitivity to a wide range of parameters and link layer driver design issues. We pay attention to several CBQ internal parameters that affect performance drastically and particularly to “borrowing”, a key feature for flexible and efficient link sharing. We are also investigating cases where the link sharing rules are violated, explaining and correcting these effects wheneverpossible. Finally we evaluateCBQ performance and make suggestions for effective deployment in real networks.

MIRAI Architecture for Heterogeneous Network

One of the keywords that describe next-generation wireless communications is "seamless." As part of the e-Japan Plan promoted by the Japanese Government, the Multimedia Integrated Network by Radio Access Innovation project has as its goal the development of new technologies to enable seamless integration of various wireless access systems for practical use by 2005. This article describes a heterogeneous network architecture including a common tool, a common platform, and a common access. In particular, software-defined radio technologies are used to develop a multiservice user terminal to access different wireless networks. The common platform for various wireless networks is based on a wireless-supporting IPv6 network. A basic access network, separated from other wireless access networks, is used as a means for wireless system discovery, signaling, and paging. A proof-of-concept experimental demonstration system is available