MUSeS: Mobile User Secured Session

International audienceMobility and security are very important services for both current and future network infrastructures. However, the integration of mobility in traditional virtual private networks is difficult due to the costs of re-establishing broken secure tunnels and restarting broken application connections. In order to address this issue, we propose a new communication system called Mobile User Secured Session. Based upon a peer-to-peer overlay network, it provides security services to the application layer connections of mobile users. The secure and resilient sessions allow user connections to survive network failures as opposed to regular transport layer secured connections. We have implemented a prototype and have assessed its proper functioning by running experimentations upon a simple virtual dynamic network

Le réseau privé virtuel (VPN) sur les réseaux maillés sans fil WMN

Les Réseaux Privés Virtuels (VPN) peuvent offrir une grande sécurité aux réseaux maillés sans fil (WMN). Toutefois, le déploiement conjoint des deux technologies devient problématique pour la gestion de la mobilité IP dont souffrent déjà les deux réseaux. En effet, diverses solutions ont été proposées pour assurer un handoff VPN rapide et transparent sur les réseaux sans fil. Cependant, ces solutions ne peuvent pas fonctionner convenablement sur les WMNs qui ont des caractéristiques de multi saut et une topologie dynamique. À cet effet, une nouvelle approche est proposée, l’algorithme Seamless Handoff VPN pour les réseaux maillés sans fil (SHVM). Celui-ci repose sur trois conceptions, à savoir la conception de chemin optimal, la conception de CE (Customer Edge) basés sur VRF et la conception de l’application de l’adresse statique de VPN. L’objectif de la solution proposée est de réduire le délai de handoff et de minimiser le taux de perte de paquets. Le modèle proposé est supposé être sécurisé avec la technologie MPLS-VPN. Dans le but de valider notre approche, le modèle a été simulé sur OPNET 16. Les résultats obtenus montrent que le délai et le taux de pertes de paquets sont effectivement inférieurs aux normes requises pour assurer un seamless handoff pour une application en temps réel

MobiVPN: Towards a Reliable and Efficient Mobile VPN

abstract: A Virtual Private Network (VPN) is the traditional approach for an end-to-end secure connection between two endpoints. Most existing VPN solutions are intended for wired networks with reliable connections. In a mobile environment, network connections are less reliable and devices experience intermittent network disconnections due to either switching from one network to another or experiencing a gap in coverage during roaming. These disruptive events affects traditional VPN performance, resulting in possible termination of applications, data loss, and reduced productivity. Mobile VPNs bridge the gap between what users and applications expect from a wired network and the realities of mobile computing. In this dissertation, MobiVPN, which was built by modifying the widely-used OpenVPN so that the requirements of a mobile VPN were met, was designed and developed. The aim in MobiVPN was for it to be a reliable and efficient VPN for mobile environments. In order to achieve these objectives, MobiVPN introduces the following features: 1) Fast and lightweight VPN session resumption, where MobiVPN is able decrease the time it takes to resume a VPN tunnel after a mobility event by an average of 97.19\% compared to that of OpenVPN. 2) Persistence of TCP sessions of the tunneled applications allowing them to survive VPN tunnel disruptions due to a gap in network coverage no matter how long the coverage gap is. MobiVPN also has mechanisms to suspend and resume TCP flows during and after a network disconnection with a packet buffering option to maintain the TCP sending rate. MobiVPN was able to provide fast resumption of TCP flows after reconnection with improved TCP performance when multiple disconnections occur with an average of 30.08\% increase in throughput in the experiments where buffering was used, and an average of 20.93\% of increased throughput for flows that were not buffered. 3) A fine-grained, flow-based adaptive compression which allows MobiVPN to treat each tunneled flow independently so that compression can be turned on for compressible flows, and turned off for incompressible ones. The experiments showed that the flow-based adaptive compression outperformed OpenVPN's compression options in terms of effective throughput, data reduction, and lesser compression operations.Dissertation/ThesisDoctoral Dissertation Computer Science 201