5,914 research outputs found
Mobile IP: state of the art report
Due to roaming, a mobile device may change its network attachment each time it moves to a new link. This might cause a disruption for the Internet data packets that have to reach the mobile node. Mobile IP is a protocol, developed by the Mobile IP Internet Engineering Task Force (IETF) working group, that is able to inform the network about this change in network attachment such that the Internet data packets will be delivered in a seamless way to the new point of attachment. This document presents current developments and research activities in the Mobile IP area
Network layer access control for context-aware IPv6 applications
As part of the Lancaster GUIDE II project, we have developed a novel wireless access point protocol designed to support the development of next generation mobile context-aware applications in our local environs. Once deployed, this architecture will allow ordinary citizens secure, accountable and convenient access to a set of tailored applications including location, multimedia and context based services, and the public Internet. Our architecture utilises packet marking and network level packet filtering techniques within a modified Mobile IPv6 protocol stack to perform access control over a range of wireless network technologies. In this paper, we describe the rationale for, and components of, our architecture and contrast our approach with other state-of-the- art systems. The paper also contains details of our current implementation work, including preliminary performance measurements
AAA architectures applied in multi-domain IMS (IP multimedia subsystem)
There is a group of communication services that use\ud
resources from multiple domains in order to deliver their service.\ud
Authorization of the end-user is important for such services,\ud
because several domains are involved. There are no current\ud
solutions for delivering authentication, authorization and\ud
accounting (AAA) to multi-domain services. In our study we\ud
present two architectures for the delivery of AAA to such\ud
services. The architectures are analyzed on their qualitative\ud
aspects. A result of this analysis is that direct interconnection of\ud
AAA servers is an effective architectural solution. In current\ud
multi-domain IP Multimedia Subsystem (IMS) architectures,\ud
direct interconnection of AAA servers, such as the Home\ud
Subscriber Servers (HSS), is not yet possible. In this paper we\ud
argue and recommend to extend the IMS specification by adding\ud
a new interface to HSS in order to support the direct\ud
interconnection of HSS/AAA servers located in different IMS\ud
administrative domains
CyberLiveApp: a secure sharing and migration approach for live virtual desktop applications in a cloud environment
In recent years we have witnessed the rapid advent of cloud computing, in which the remote software is delivered as a service and accessed by users using a thin client over the Internet. In particular, the traditional desktop application can execute in the remote virtual machines without re-architecture providing a personal desktop experience to users through remote display technologies. However, existing cloud desktop applications mainly achieve isolation environments using virtual machines (VMs), which cannot adequately support application-oriented collaborations between multiple users and VMs. In this paper, we propose a flexible collaboration approach, named CyberLiveApp, to enable live virtual desktop applications sharing based on a cloud and virtualization infrastructure. The CyberLiveApp supports secure application sharing and on-demand migration among multiple users or equipment. To support VM desktop sharing among multiple users, a secure access mechanism is developed to distinguish view privileges allowing window operation events to be tracked to compute hidden window areas in real time. A proxy-based window filtering mechanism is also proposed to deliver desktops to different users. To support application sharing and migration between VMs, we use the presentation streaming redirection mechanism and VM cloning service. These approaches have been preliminary evaluated on an extended MetaVNC. Results of evaluations have verified that these approaches are effective and useful
Session Initiation Protocol Attacks and Challenges
In recent years, Session Initiation Protocol (SIP) has become widely used in
current internet protocols. It is a text-based protocol much like Hyper Text
Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). SIP is a
strong enough signaling protocol on the internet for establishing, maintaining,
and terminating session. In this paper the areas of security and attacks in SIP
are discussed. We consider attacks from diverse related perspectives. The
authentication schemes are compared, the representative existing solutions are
highlighted, and several remaining research challenges are identified. Finally,
the taxonomy of SIP threat will be presented
Defending against Sybil Devices in Crowdsourced Mapping Services
Real-time crowdsourced maps such as Waze provide timely updates on traffic,
congestion, accidents and points of interest. In this paper, we demonstrate how
lack of strong location authentication allows creation of software-based {\em
Sybil devices} that expose crowdsourced map systems to a variety of security
and privacy attacks. Our experiments show that a single Sybil device with
limited resources can cause havoc on Waze, reporting false congestion and
accidents and automatically rerouting user traffic. More importantly, we
describe techniques to generate Sybil devices at scale, creating armies of
virtual vehicles capable of remotely tracking precise movements for large user
populations while avoiding detection. We propose a new approach to defend
against Sybil devices based on {\em co-location edges}, authenticated records
that attest to the one-time physical co-location of a pair of devices. Over
time, co-location edges combine to form large {\em proximity graphs} that
attest to physical interactions between devices, allowing scalable detection of
virtual vehicles. We demonstrate the efficacy of this approach using
large-scale simulations, and discuss how they can be used to dramatically
reduce the impact of attacks against crowdsourced mapping services.Comment: Measure and integratio
A survey on subjecting electronic product code and non-ID objects to IP identification
Over the last decade, both research on the Internet of Things (IoT) and
real-world IoT applications have grown exponentially. The IoT provides us with
smarter cities, intelligent homes, and generally more comfortable lives.
However, the introduction of these devices has led to several new challenges
that must be addressed. One of the critical challenges facing interacting with
IoT devices is to address billions of devices (things) around the world,
including computers, tablets, smartphones, wearable devices, sensors, and
embedded computers, and so on. This article provides a survey on subjecting
Electronic Product Code and non-ID objects to IP identification for IoT
devices, including their advantages and disadvantages thereof. Different
metrics are here proposed and used for evaluating these methods. In particular,
the main methods are evaluated in terms of their: (i) computational overhead,
(ii) scalability, (iii) adaptability, (iv) implementation cost, and (v) whether
applicable to already ID-based objects and presented in tabular format.
Finally, the article proves that this field of research will still be ongoing,
but any new technique must favorably offer the mentioned five evaluative
parameters.Comment: 112 references, 8 figures, 6 tables, Journal of Engineering Reports,
Wiley, 2020 (Open Access
- …