Roll, Roll, Roll your Root:A Comprehensive Analysis of the First Ever DNSSEC Root KSK Rollover

The DNS Security Extensions (DNSSEC) add authenticity and integrity to the naming system of the Internet. Resolvers that validate information in the DNS need to know the cryptographic public key used to sign the root zone of the DNS. Eight years after its introduction and one year after the originally scheduled date, this key was replaced by ICANN for the first time in October 2018. ICANN considered this event, called a rollover, "an overwhelming success" and during the rollover they detected "no significant outages". In this paper, we independently follow the process of the rollover starting from the events that led to its postponement in 2017 until the removal of the old key in 2019. We collected data from multiple vantage points in the DNS ecosystem for the entire duration of the rollover process. Using this data, we study key events of the rollover. These events include telemetry signals that led to the rollover being postponed, a near real-time view of the actual rollover in resolvers and a significant increase in queries to the root of the DNS once the old key was revoked. Our analysis contributes significantly to identifying the causes of challenges observed during the rollover. We show that while from an end-user perspective, the roll indeed passed without major problems, there are many opportunities for improvement and important lessons to be learned from events that occurred over the entire duration of the rollover. Based on these lessons, we propose improvements to the process for future rollovers

Improving service level agreements for a job scheduler by visualizing simulations

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2012.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (p. 49-51).Currently, job owners at Google do not have a good way to generate suitable Service Level Agreements (SLAs), which means that they cannot accurately communicate their intentions to the job scheduler. This means that the owner's job might not finish on time or at all. The solution described in this thesis helps users visualize design changes to SLAs and use simulation to explore the behavior resulting from the SLAs. I have designed and begun development of a visualization and simulation framework that allows users to see how the job scheduler's behavior might vary under different SLA parameters. This thesis describes the steps made towards designing and implementing a system that both helps users visualize SLAs and their reward functions, and allows users to create an SLA and gain an idea of the behavior of a job scheduler with the SLA as input.by Dina M. Betser.M.Eng

ENERGY AWARE TRAFFIC ENGINEERING IN WIRED COMMUNICATION NETWORKS

The reduction of power consumption in communication networks has become a key issue for both the Internet Service Providers (ISP) and the research community. Ac- cording to different studies, the power consumption of Information and Communication Technologies (ICT) varies from 2% to 10% of the worldwide power consumption [1,2]. Moreover, the expected trends for the future predict a notably increase of the ICT power consumption, doubling its value by 2020 [2] and growing to around 30% of the worldwide electricity demand by 2030 according to business-as-usual evaluation scenarios [15]. It is therefore not surprising that researchers, manufacturers and network providers are spending significant efforts to reduce the power consumption of ICT systems from dif- ferent angles. To this extent, networking devices waste a considerable amount of power. In partic- ular, their power consumption has always been increased in the last years, coupled with the increase of the offered performance [16]. Actually, power consumption of network- ing devices scales with the installed capacity, rather than the current load [17]. Thus, for an ISP the network power consumption is practically constant, unrespectively to traffic fluctuations. However, actual traffic is subject to strong day/night oscillations [3]. Thus, many devices are underutilized, especially during off-peak hours when traffic is low. This represents a clear opportunity for saving energy, since many resources (i.e., routers and links) are powered on without being fully utilized. In this context, resource consolidation is a known paradigm for the reduction of the power consumption. It consists in having a carefully selected subset of network devices entering a low power state, and use the rest to transport the required amount of traffic. This is possible without disrupting the Quality of Service (QoS) offered by the network infrastructure, since communication networks are designed over the peak foreseen traffic request, and with redundancy and over-provisioning in mind. In this thesis work, we present different techniques to perform resource consolida- tion in backbone IP-based networks, ranging from centralized solutions, where a central entity computes a global solution based on an omniscient vision of the network, to dis- tributed solutions, where single nodes take independent decisions on the local power- state, based solely on local knowledge. Moreover, different technological assumptions are made, to account for different possible directions of the network devices evolutions, ranging from the possibility to switch off linecard ports, to whole network nodes, and taking into account different power consumption profiles

Aspects of proactive traffic engineering in IP networks

To deliver a reliable communication service over the Internet it is essential for the network operator to manage the traffic situation in the network. The traffic situation is controlled by the routing function which determines what path traffic follows from source to destination. Current practices for setting routing parameters in IP networks are designed to be simple to manage. This can lead to congestion in parts of the network while other parts of the network are far from fully utilized. In this thesis we explore issues related to optimization of the routing function to balance load in the network and efficiently deliver a reliable communication service to the users. The optimization takes into account not only the traffic situation under normal operational conditions, but also traffic situations that appear under a wide variety of circumstances deviating from the nominal case. In order to balance load in the network knowledge of the traffic situations is needed. Consequently, in this thesis we investigate methods for efficient derivation of the traffic situation. The derivation is based on estimation of traffic demands from link load measurements. The advantage of using link load measurements is that they are easily obtained and consist of a limited amount of data that need to be processed. We evaluate and demonstrate how estimation based on link counts gives the operator a fast and accurate description of the traffic demands. For the evaluation we have access to a unique data set of complete traffic demands from an operational IP backbone. However, to honor service level agreements at all times the variability of the traffic needs to be accounted for in the load balancing. In addition, optimization techniques are often sensitive to errors and variations in input data. Hence, when an optimized routing setting is subjected to real traffic demands in the network, performance often deviate from what can be anticipated from the optimization. Thus, we identify and model different traffic uncertainties and describe how the routing setting can be optimized, not only for a nominal case, but for a wide range of different traffic situations that might appear in the network. Our results can be applied in MPLS enabled networks as well as in networks using link state routing protocols such as the widely used OSPF and IS-IS protocols. Only minor changes may be needed in current networks to implement our algorithms. The contributions of this thesis is that we: demonstrate that it is possible to estimate the traffic matrix with acceptable precision, and we develop methods and models for common traffic uncertainties to account for these uncertainties in the optimization of the routing configuration. In addition, we identify important properties in the structure of the traffic to successfully balance uncertain and varying traffic demands

A mid-level framework for independent network services configuration management

Tese doutoramento do Programa Doutoral em TelecomunicaçõesDecades of evolution in communication network’s resulted in a high diversity of solutions, not only in terms of network elements but also in terms of the way they are managed. From a management perspective, having heterogeneous elements was a feasible scenario over the last decades, where management activities were mostly considered as additional features. However, with the most recent advances on network technology, that includes proposals for future Internet as well as requirements for automation, scale and efficiency, new management methods are required and integrated network management became an essential issue. Most recent solutions aiming to integrate the management of heterogeneous network elements, rely on the application of semantic data translations to obtain a common representation between heterogeneous managed elements, thus enabling their management integration. However, the realization of semantic translations is very complex to be effectively achieved, requiring extensive processing of data to find equivalent representation, besides requiring the administrator’s intervention to create and validate conversions, since contemporary data models lack a formal semantic representation. From these constrains a research question arose: Is it possible to integrate the con g- uration management of heterogeneous network elements overcoming the use of manage- ment translations? In this thesis the author uses a network service abstraction to propose a framework for network service management, which comprehends the two essential management operations: monitoring and configuring. This thesis focus on describing and experimenting the subsystem responsible for the network services configurations management, named Mid-level Network Service Configuration (MiNSC), being the thesis most important contribution. The MiNSC subsystem proposes a new configuration management interface for integrated network service management based on standard technologies that includes an universal information model implemented on unique data models. This overcomes the use of management translations while providing advanced management functionalities, only available in more advanced research projects, that includes scalability and resilience improvement methods. Such functionalities are provided by using a two-layer distributed architecture, as well as over-provisioning of network elements. To demonstrate MiNSC’s management capabilities, a group of experiments was conducted, that included, configuration deployment, instance migration and expansion using a DNS management system as test bed. Since MiNSC represents a new architectural approach, with no direct reference for a quantitative evaluation, a theoretical analysis was conducted in order to evaluate it against important integrated network management perspectives. It was concluded that there is a tendency to apply management translations, being the most straightforward solution when integrating the management of heterogeneous management interfaces and/or data models. However, management translations are very complex to be realized, being its effectiveness questionable for highly heterogeneous environments. The implementation of MiNSC’s standard configuration management interface provides a simplified perspective that, by using universal configurations, removes translations from the management system. Its distributed architecture uses independent/universal configurations and over-provisioning of network elements to improve the service’s resilience and scalability, enabling as well a more efficient resource management by dynamically allocating resources as needed

Smart Sensor Technologies for IoT

The recent development in wireless networks and devices has led to novel services that will utilize wireless communication on a new level. Much effort and resources have been dedicated to establishing new communication networks that will support machine-to-machine communication and the Internet of Things (IoT). In these systems, various smart and sensory devices are deployed and connected, enabling large amounts of data to be streamed. Smart services represent new trends in mobile services, i.e., a completely new spectrum of context-aware, personalized, and intelligent services and applications. A variety of existing services utilize information about the position of the user or mobile device. The position of mobile devices is often achieved using the Global Navigation Satellite System (GNSS) chips that are integrated into all modern mobile devices (smartphones). However, GNSS is not always a reliable source of position estimates due to multipath propagation and signal blockage. Moreover, integrating GNSS chips into all devices might have a negative impact on the battery life of future IoT applications. Therefore, alternative solutions to position estimation should be investigated and implemented in IoT applications. This Special Issue, “Smart Sensor Technologies for IoT” aims to report on some of the recent research efforts on this increasingly important topic. The twelve accepted papers in this issue cover various aspects of Smart Sensor Technologies for IoT