Remote software upload techniques in future vehicles and their performance analysis

Updating software in vehicle Electronic Control Units (ECUs) will become a mandatory requirement for a variety of reasons, for examples, to update/fix functionality of an existing system, add new functionality, remove software bugs and to cope up with ITS infrastructure. Software modules of advanced vehicles can be updated using Remote Software Upload (RSU) technique. The RSU employs infrastructure-based wireless communication technique where the software supplier sends the software to the targeted vehicle via a roadside Base Station (BS). However, security is critically important in RSU to avoid any disasters due to malfunctions of the vehicle or to protect the proprietary algorithms from hackers, competitors or people with malicious intent. In this thesis, a mechanism of secure software upload in advanced vehicles is presented which employs mutual authentication of the software provider and the vehicle using a pre-shared authentication key before sending the software. The software packets are sent encrypted with a secret key along with the Message Digest (MD). In order to increase the security level, it is proposed the vehicle to receive more than one copy of the software along with the MD in each copy. The vehicle will install the new software only when it receives more than one identical copies of the software. In order to validate the proposition, analytical expressions of average number of packet transmissions for successful software update is determined. Different cases are investigated depending on the vehicle\u27s buffer size and verification methods. The analytical and simulation results show that it is sufficient to send two copies of the software to the vehicle to thwart any security attack while uploading the software. The above mentioned unicast method for RSU is suitable when software needs to be uploaded to a single vehicle. Since multicasting is the most efficient method of group communication, updating software in an ECU of a large number of vehicles could benefit from it. However, like the unicast RSU, the security requirements of multicast communication, i.e., authenticity, confidentiality and integrity of the software transmitted and access control of the group members is challenging. In this thesis, an infrastructure-based mobile multicasting for RSU in vehicle ECUs is proposed where an ECU receives the software from a remote software distribution center using the road side BSs as gateways. The Vehicular Software Distribution Network (VSDN) is divided into small regions administered by a Regional Group Manager (RGM). Two multicast Group Key Management (GKM) techniques are proposed based on the degree of trust on the BSs named Fully-trusted (FT) and Semi-trusted (ST) systems. Analytical models are developed to find the multicast session establishment latency and handover latency for these two protocols. The average latency to perform mutual authentication of the software vendor and a vehicle, and to send the multicast session key by the software provider during multicast session initialization, and the handoff latency during multicast session is calculated. Analytical and simulation results show that the link establishment latency per vehicle of our proposed schemes is in the range of few seconds and the ST system requires few ms higher time than the FT system. The handoff latency is also in the range of few seconds and in some cases ST system requires less handoff time than the FT system. Thus, it is possible to build an efficient GKM protocol without putting too much trust on the BSs

End-to-end security in active networks

Active network solutions have been proposed to many of the problems caused by the increasing heterogeneity of the Internet. These ystems allow nodes within the network to process data passing through in several ways. Allowing code from various sources to run on routers introduces numerous security concerns that have been addressed by research into safe languages, restricted execution environments, and other related areas. But little attention has been paid to an even more critical question: the effect on end-to-end security of active flow manipulation. This thesis first examines the threat model implicit in active networks. It develops a framework of security protocols in use at various layers of the networking stack, and their utility to multimedia transport and flow processing, and asks if it is reasonable to give active routers access to the plaintext of these flows. After considering the various security problem introduced, such as vulnerability to attacks on intermediaries or coercion, it concludes not. We then ask if active network systems can be built that maintain end-to-end security without seriously degrading the functionality they provide. We describe the design and analysis of three such protocols: a distributed packet filtering system that can be used to adjust multimedia bandwidth requirements and defend against denial-of-service attacks; an efficient composition of link and transport-layer reliability mechanisms that increases the performance of TCP over lossy wireless links; and a distributed watermarking servicethat can efficiently deliver media flows marked with the identity of their recipients. In all three cases, similar functionality is provided to designs that do not maintain end-to-end security. Finally, we reconsider traditional end-to-end arguments in both networking and security, and show that they have continuing importance for Internet design. Our watermarking work adds the concept of splitting trust throughout a network to that model; we suggest further applications of this idea

A wireless multicast delivery architecture for mobile terminals

Content delivery over the Internet to a large number of mobile users offers interesting business opportunities for content providers, intermediaries, and access network operators. A user could receive, for example, music or a digital newspaper directly to a mobile device over wireless networks. Currently, content delivery over the Internet is held back by a number of reasons. Existing network technologies, such as GPRS, have a very limited capacity to transfer large files, such as those required for good-quality pictures in a newspaper. Another problem is security. Content received over the Internet is very vulnerable to being forged. A user who cannot be certain about the source and consistency of the received stock quotes is unlikely to pay for the information. Furthermore, content providers are unwilling to distribute their valuable information over the Internet due to their fear of copyright infringements. Traditionally, content has been considered consumed as soon as it has been downloaded. Content providers have been keen on preventing their content from being transferred over peer-to-peer networks because they consider the delivery itself to be a copyright infringement. In this dissertation, content delivery is separated from content consumption by encrypting the content before delivery. When the users wishes to consume the content, a license which includes the decryption key is provided. The architecture allows content to be delivered to users' devices even before the user commits to consume the content. The user can choose to receive content whenever downloading it is the most convenient and affordable. Thus, the content providers are able to maintain control over the use of their information even after the data has been transferred to the users' terminals. In addition, content received by users can be strongly source authenticated. The architecture allows secure, efficient and reliable delivery of content to a large group of receivers. The architecture does not commit itself to any specific delivery technique, and the content can be delivered using any delivery technique including multicast, broadcast, unicast, and peer-to-peer. This dissertation focuses mostly on multicast as the delivery technique. The efficiency of the multicast delivery over unreliable heterogenous wireless access networks is thoroughly analyzed. Mobile terminals can seamlessly switch between access points and access technologies while continuing to receive data reliably from the network. The multicast delivery uses adaptive error correction and retransmissions to deliver the content as efficiently as possible to a very large number of receivers. The simulations show, that the vast majority of receivers are able to receive the content reliably with a small delay even when the radio network suffers from high packet loss probability. Although the architecture is designed to deliver content to mobile terminals, it is also suitable for delivering content to terminals with fixed Internet connectivity.Digitaalisen sisällön siirtäminen liikkuville käyttäjille Internetin yli tarjoaa uusia liiketoimintamahdollisuuksia niin sisällöntuottajille, välittäjille kuin verkko-operaattoreille. Teknikkaa voidaan käyttää esimerkiksi musiikin tai sähköisten lehtien välittämiseen käyttäjille langattoman verkon kautta. Sisällön välittämistä Internetin kautta hankaloittaa yhä usea seikka. Nykyisin laajassa käytössä olevat verkkotekniikat, kuten GPRS, ovat liian hitaita siirtämään hyvin suuria tiedostoja suurelle määrällä vastaanottajia. Lisäksi väärennetyn tiedon välittäminen Internetin kautta on erittäin helppoa. Sisältö, jonka aitoudesta ja alkuperästä ei ole varmuutta, on usein arvotonta käyttäjälle. Sisällöntuottajat puolestaan ovat haluttomia käyttämään sisältönsä levittämiseen Internetiä mikäli digitaalisesti levitettävän sisällön kopioiminen ja oikeudeton kuluttaminen on liian helppoa. Perinteisesti sisältö ajatellaankin kulutetuksi jo sillä hetkellä, kun se on siirretty käyttäjän laitteeseen. Sen vuoksi sisällön tuottajat ovatkin käyttäneet paljon resursejaan estääkseen sisältönsä välittämisen vertaisverkoissa, koska jo pelkkää sisällön siirtämistä pidetään tekijänoikeusrikkomuksena. Tässä työssä erotetaan sisällön siirtäminen sisällön kuluttamisesta suojaamalla sisältö salauksella ennen sen siirtämistä käyttäjille ja sallimalla vapaa salatun sisällön jakelu. Arkkitehtuuri mahdollistaa sisällön siirtämisen käyttäjien laitteille silloin kun sisällön siirtäminen on edullisinta ja tehokkainta. Vasta käyttäjän halutessa kuluttaa aiemmin lataamaansa sisältöä, tarkistetaan oikeis sisällön käyttöön. Arkkitehtuuri mahdollistaa myös ladatun sisällön alkuperän ja eheyden vahvan tarkistamisen. Arkkitehtuuri mahdollistaa turvallisen, tehokkaan ja luotettavan sisällön siirtämisen suurelle määrälle vastaanottajia. Arkkitehtuuri ei pakota sisällön jakelua käyttämään mitään tiettyä siirtomenetelmää vaan sisältö voidaan siirtää käyttäen esimerkiksi ryhmälähetystä (multicast), joukkolähetystä (broadcast), täsmälähetystä (unicast) tai vertaisverkkoja (peer-to-peer). Tässä työssä on keskitytty analysoimaan ryhmälähetyksen soveltuvuutta tiedon siirtomenetelmänä. Ryhmälähetysmenetelmän tehokkuutta on analysoitu siirrettäessä sisältöä heterogeenisen langattoman liityntäverkon yli. Liikkuvat päätelaitteet voivat siirtyä saumattomasti liityntäverkosta toiseen samalla kun ne vastaanottavat sisältöä. Ryhmälähetys hyödyntää adaptiivista virheenkorjausta ja uudelleenlähetyksiä siirtääkseen sisällönmahdollisimman tehokkaasti suurelle joukolle vastaanottajia. Simulaatiot osoittavat, että erittäin suuri osa vastaanottajista saa sisällön luotettavasti ja pienellä viiveellä vaikka liityntäverkossa pakettien virhetodennäköisyys olisi suuri. Arkkitehtuuri on suunniteltu siirtämään sisältöä liikkuville laitteille, mutta sitä voidaan käyttää yhtä hyvin myös kiinteään verkkoon liitettyjen laitteiden kanssa.reviewe

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Communication Architecture For Distributed Interactive Simulation (CADIS): Military Standard (draft)

Report establishes the requirements for the communication architecture to be used in a distributed interactive simulation, including the standards and the recommended practices for implementing the communication architecture and the rationales behind them

EFFICIENT AND SCALABLE NETWORK SECURITY PROTOCOLS BASED ON LFSR SEQUENCES

The gap between abstract, mathematics-oriented research in cryptography and the engineering approach of designing practical, network security protocols is widening. Network researchers experiment with well-known cryptographic protocols suitable for different network models. On the other hand, researchers inclined toward theory often design cryptographic schemes without considering the practical network constraints. The goal of this dissertation is to address problems in these two challenging areas: building bridges between practical network security protocols and theoretical cryptography. This dissertation presents techniques for building performance sensitive security protocols, using primitives from linear feedback register sequences (LFSR) sequences, for a variety of challenging networking applications. The significant contributions of this thesis are: 1. A common problem faced by large-scale multicast applications, like real-time news feeds, is collecting authenticated feedback from the intended recipients. We design an efficient, scalable, and fault-tolerant technique for combining multiple signed acknowledgments into a single compact one and observe that most signatures (based on the discrete logarithm problem) used in previous protocols do not result in a scalable solution to the problem. 2. We propose a technique to authenticate on-demand source routing protocols in resource-constrained wireless mobile ad-hoc networks. We develop a single-round multisignature that requires no prior cooperation among nodes to construct the multisignature and supports authentication of cached routes. 3. We propose an efficient and scalable aggregate signature, tailored for applications like building efficient certificate chains, authenticating distributed and adaptive content management systems and securing path-vector routing protocols. 4. We observe that blind signatures could form critical building blocks of privacypreserving accountability systems, where an authority needs to vouch for the legitimacy of a message but the ownership of the message should be kept secret from the authority. We propose an efficient blind signature that can serve as a protocol building block for performance sensitive, accountability systems. All special forms digital signatures—aggregate, multi-, and blind signatures—proposed in this dissertation are the first to be constructed using LFSR sequences. Our detailed cost analysis shows that for a desired level of security, the proposed signatures outperformed existing protocols in computation cost, number of communication rounds and storage overhead

A Semantic-Based Middleware for Multimedia Collaborative Applications

The Internet growth and the performance increase of desktop computers have enabled large-scale distributed multimedia applications. They are expected to grow in demand and services and their traffic volume will dominate. Real-time delivery, scalability, heterogeneity are some requirements of these applications that have motivated a revision of the traditional Internet services, the operating systems structures, and the software systems for supporting application development. This work proposes a Java-based lightweight middleware for the development of large-scale multimedia applications. The middleware offers four services for multimedia applications. First, it provides two scalable lightweight protocols for floor control. One follows a centralized model that easily integrates with centralized resources such as a shared too], and the other is a distributed protocol targeted to distributed resources such as audio. Scalability is achieved by periodically multicasting a heartbeat that conveys state information used by clients to request the resource via temporary TCP connections. Second, it supports intra- and inter-stream synchronization algorithms and policies. We introduce the concept of virtual observer, which perceives the session as being in the same room with a sender. We avoid the need for globally synchronized clocks by introducing the concept of user\u27s multimedia presence, which defines a new manner for combining streams coming from multiple sites. It includes a novel algorithm for estimation and removal of clock skew. In addition, it supports event-driven asynchronous message reception, quality of service measures, and traffic rate control. Finally, the middleware provides support for data sharing via a resilient and scalable protocol for transmission of images that can dynamically change in content and size. The effectiveness of the middleware components is shown with the implementation of Odust, a prototypical sharing tool application built on top of the middleware

Switching considerations in storage networks.

by Leung Yiu Tong.Thesis (M.Phil.)--Chinese University of Hong Kong, 2003.Includes bibliographical references (leaves 96-98).Abstracts in English and Chinese.Chapter 1. --- Introduction --- p.1Chapter 1.1 --- Motivation --- p.1Chapter 1.2 --- Thesis Organization --- p.3Chapter 2. --- Storage Network Fundamentals --- p.4Chapter 2.1 --- Storage Network Topology --- p.4Chapter 2.1.1 --- Direct Attached Storage (DAS) --- p.5Chapter 2.1.2 --- Network Attached Storage (NAS) --- p.7Chapter 2.1.3 --- Storage Area Network (SAN) --- p.9Chapter 2.1.3.1 --- SAN and the Fibre Channel Protocol --- p.11Chapter 2.1.4 --- Summary on Storage Network Topology --- p.12Chapter 2.2 --- Storage Protocol --- p.15Chapter 2.2.1 --- Fibre Channel --- p.15Chapter 2.2.1.1 --- Fibre Channel over IP (FCIP) --- p.17Chapter 2.2.1.2 --- Internet Fibre Channel Protocol (iFCP) --- p.19Chapter 2.2.2 --- Internet SCSI (iSCSI) --- p.20Chapter 2.2.3 --- InfiniBand --- p.22Chapter 2.2.4 --- Review on Storage Network Protocol --- p.25Chapter 2.3 --- Standard Organization --- p.27Chapter 2.4 --- Summary --- p.28Chapter 3. --- Switching Design for Storage Networks --- p.30Chapter 3.1. --- Shared Bus Design --- p.32Chapter 3.2. --- Time Division Switch --- p.36Chapter 3.3. --- Share Buffer Memory Switch --- p.37Chapter 3.3.1 --- Parallel Memory Array --- p.40Chapter 3.3.2 --- Distributive Storage --- p.43Chapter 3.4. --- Crossbar Switch --- p.45Chapter 3.4.1 --- Arbitrated Crossbar vs. Buffered Crossbar --- p.46Chapter 3.4.1.1 --- Arbitrated Crossbar Switch --- p.47Chapter 3.4.1.2 --- Buffered Crossbar Switch --- p.48Chapter 3.4.2 --- Switch Scheduling --- p.49Chapter 3.4.2.1 --- Bipartite Matching --- p.50Chapter 3.4.2.2 --- Token-based Distributive Scheduling --- p.53Chapter 3.4.2.3 --- Resource Counting using Semaphore --- p.56Chapter 3.5. --- Algebraic Switches --- p.60Chapter 3.5.1 --- Switching by Conditionally Nonblocking Properties --- p.61Chapter 3.5.2 --- Self-Routing Mechanism with Zero-Bit Buffering --- p.64Chapter 3.5.3 --- Multistage Interconnection of Self-routing Concentrators --- p.69Chapter 3.6. --- Summary --- p.73Chapter 4. --- Investigating Switching Issue in Storage Networks --- p.74Chapter 4.1 --- Choosing a Suitable Switch --- p.74Chapter 4.2 --- Quality of Service (QoS) --- p.76Chapter 4.3 --- Multicasting --- p.77Chapter 4.3.1 --- Crossbar Switch --- p.78Chapter 4.3.2 --- Shared-Buffer Memory Switches --- p.80Chapter 4.3.3 --- Algebraic Switch --- p.82Chapter 4.3.4 --- Application on Multicast Transmission --- p.86Chapter 4.4 --- Load Balancing Mechanism --- p.87Chapter 4.5 --- Optimization on Storage Utilization --- p.91Chapter 4.6 --- Summary --- p.93Chapter 5. --- Conclusion and Summary of Original Contributions --- p.9

Supporting distributed computation over wide area gigabit networks

The advent of high bandwidth fibre optic links that may be used over very large distances has lead to much research and development in the field of wide area gigabit networking. One problem that needs to be addressed is how loosely coupled distributed systems may be built over these links, allowing many computers worldwide to take part in complex calculations in order to solve "Grand Challenge" problems. The research conducted as part of this PhD has looked at the practicality of implementing a communication mechanism proposed by Craig Partridge called Late-binding Remote Procedure Calls (LbRPC). LbRPC is intended to export both code and data over the network to remote machines for evaluation, as opposed to traditional RPC mechanisms that only send parameters to pre-existing remote procedures. The ability to send code as well as data means that LbRPC requests can overcome one of the biggest problems in Wide Area Distributed Computer Systems (WADCS): the fixed latency due to the speed of light. As machines get faster, the fixed multi-millisecond round trip delay equates to ever increasing numbers of CPU cycles. For a WADCS to be efficient, programs should minimise the number of network transits they incur. By allowing the application programmer to export arbitrary code to the remote machine, this may be achieved. This research has looked at the feasibility of supporting secure exportation of arbitrary code and data in heterogeneous, loosely coupled, distributed computing environments. It has investigated techniques for making placement decisions for the code in cases where there are a large number of widely dispersed remote servers that could be used. The latter has resulted in the development of a novel prototype LbRPC using multicast IP for implicit placement and a sequenced, multi-packet saturation multicast transport protocol. These prototypes show that it is possible to export code and data to multiple remote hosts, thereby removing the need to perform complex and error prone explicit process placement decisions

Dependable IPTV Hosting

This research focuses on the challenges of hosting 3rd party RESTful applications that have to meet specific dependability standards. To provide a proof of concept I have implemented an architecture and framework for the use case of internet protocol television. Delivering TV services via internet protocols over high-speed connections is commonly referred to as IPTV (internet protocol television). Similar to the app-stores of smartphones, IPTV platforms enable the emergence of IPTV services in which 3rd party developers provide services to consumer that add value to the IPTV experience. A key issue in the IPTV ecosystem is that currently telecommunications IPTV providers do not have a system that allows 3rd party developers to create applications that meet their standards. The main challenges are that the 3rd party applications must be dependable, scalable and adhere to service level agreements. This research provides an architecture and framework to overcome these challenges