Maturity and Performance of Programmable Secure Computation

Secure computation research has gained traction internationally in the last five years. In the United States, the DARPA PROCEED program (2011-2015) focused on development of multiple SC paradigms and improving their performance. In the European Union, the PRACTICE program (2013-2016) focuses on its use to secure cloud computing. Both programs have demonstrated exceptional prototypes and performance improvements. In this paper, we collect the results from both programs and other published literature to present the state of the art in what can be achieved with today\u27s secure computing technology. We consider linear secret sharing based computations, garbled circuits and fully homomorphic encryption. We describe theoretical and practical criteria that can be used to characterize secure computation paradigms and provide an overview of common benchmarks such as AES evaluation

Improved Performance of Secured VoIP Via Enhanced Blowfish Encryption Algorithm

Both the development and the integration of efficient network, open source technology, and Voice over Internet Protocol (VoIP) applications have been increasingly important and gained quick popularity due to new rapidly emerging IP-based network technology. Nonetheless, security and privacy concerns have emerged as issues that need to be addressed. The privacy process ensures that encryption and decryption methods protect the data from being alternate and intercept, a privacy VoIP call will contribute to private and confidential conversation purposes such as telebanking, telepsychiatry, health, safety issues and many more. Hence, this study had quantified VoIP performance and voice quality under security implementation with the technique of IPSec and the enhancement of the Blowfish encryption algorithm. In fact, the primary objective of this study is to improve the performance of Blowfish encryption algorithm. The proposed algorithm was tested with varying network topologies and a variety of audio codecs, which contributed to the impact upon VoIP network. A network testbed with seven experiments and network configurations had been set up in two labs to determine its effects on network performance. Besides, an experimental work using OPNET simulations under 54 experiments of network scenarios were compared with the network testbed for validation and verification purposes. Next, an enhanced Blowfish algorithm for VoIP services had been designed and executed throughout this research. From the stance of VoIP session and services performance, the redesign of the Blowfish algorithm displayed several significant effects that improved both the performance of VoIP network and the quality of voice. This finding indicates some available opportunities that could enhance encrypted algorithm, data privacy, and integrity; where the balance between Quality of Services (QoS) and security techniques can be applied to boost network throughput, performance, and voice quality of existing VoIP services. With that, this study had executed and contributed to a threefold aspect, which refers to the redesign of the Blowfish algorithm that could minimize computational resources. In addition, the VoIP network performance was analysed and compared in terms of end-to-end delay, jitter, packet loss, and finally, sought improvement for voice quality in VoIP services, as well as the effect of the designed enhanced Blowfish algorithm upon voice quality, which had been quantified by using a variety of voice codecs

Media gateway utilizando um GPU

Mestrado em Engenharia de Computadores e Telemátic

Radio resource management techniques for QoS provision in 5G networks

Premi extraordinari doctorat UPC curs 2017-2018. Àmbit d’Enginyeria de les TICAs numerous mobile applications and over-the-top (OTT) services emerge and mobile Internet connectivity becomes ubiquitous, the provision of high quality of service (QoS) is more challenging for mobile network operators (MNOs). Research efforts focus on the development of innovative resource management techniques and have introduced the long term evolution advanced (LTE-A) communication standard. Novel business models make the growth of network capacity sustainable by enabling MNOs to combine their resources. The fifth generation (5G) mobile networks will involve technologies and business stakeholders with different capabilities and demands that may affect the QoS provision, requiring efficient radio resource sharing. The need for higher network capacity has introduced novel technologies that improve resource allocation efficiency. Direct connectivity among user equipment terminals (UEs) circumventing the LTE-A infrastructure alleviates the network overload. Part of mobile traffic is offloaded to outband device-to-device (D2D) connections (in unlicensed spectrum) enabling data exchange between UEs directly or via UEs-relays. Still, MNOs need additional spectrum resources and infrastructure. The inter-operator network sharing concept has emerged motivating the adoption of virtualization that enables network slicing, i.e., dynamic separation of resources in virtual slices (VSs). VSs are managed in isolation by different tenants using software defined networking and encompass core and radio access network resources allocated periodically to UEs. When UEs access OTT applications, flows with different QoS demands and priorities determined by OTT service providers (OSPs) are generated. OSPs’ policies should be considered in VS allocation. The coexisting technologies, business models and stakeholders require sophisticated radio resource management (RRM) techniques. To that end, RRM is performed in a complex ecosystem. When D2D communication involves data concurrently downloaded by the mobile network, QoS may be affected by LTE-A network parameters (resource scheduling policy, downlink channel conditions). It is also affected by the relay selection, as UEs may not be willing to help unknown UE pairs and UEs’ social ties in mobile applications may influence willingness for D2D cooperation. Thus, effective medium access control (MAC) mechanisms should coordinate D2D transmissions employing advanced techniques, e.g., network coding (NC). When UEs access OTT applications, OSPs’ policies are not considered by MNOs in RRM and OSPs cannot apply flow prioritization. Network neutrality issues also arise when OSPs claim resources from MNOs aiming to minimize grade of service (GoS). OSPs’ intervention may delay flows’ accommodation due to the time required for OSP-MNO interaction and the time the flows spent waiting for resources. This thesis proposes novel solutions to the RRM issues of outband D2D communication and VS allocation for OSPs in 5G networks. We present a cooperative D2D MAC protocol that leverages the opportunities for NC in D2D communication under the influence of LTE-A network parameters and its throughput performance analysis. The protocol improves D2D throughput and energy efficiency, especially for UEs with better downlink channel conditions. We next introduce social awareness in D2D MAC design and present a social-aware cooperative D2D MAC protocol that employs UEs’ social ties to promote the use of friendly relays reducing the total energy consumption. Motivated by the lack of approaches for OSP-oriented RRM, we present a novel flow prioritization algorithm based on matching theory that applies OSPs’ policies respecting the network neutrality and the analysis of its GoS and delay performance. The algorithm maintains low overhead and delay without affecting fairness among OSPs. Our techniques highlight the QoS improvement induced by the joint consideration of different technologies and business stakeholders in RRM design.A medida que varias aplicaciones móviles y servicios over-the-top (OTT) surgen y el Internet móvil se vuelve ubicua, la prestación de alta calidad de servicio (QoS) es desafiante para los operadores de red móvil (MNOs). Los estudios de investigación se enfocan en técnicas innovadoras para la gestión de recursos de red y han resultado en la especificación del estándar de comunicación long term evolution advanced (LTE-A). Modelos comerciales nuevos hacen que el crecimiento de la capacidad de red sea sostenible al permitir que MNOs combinen sus recursos. La quinta generación (5G) de redes móviles implicará tecnologías y partes comerciales interesadas con varias habilidades y demandas que pueden afectar la provisión de QoS y demandan la gestión eficaz de recursos de radio. La necesidad de capacidad de red más alta ha introducido tecnologías que hacen más eficiente la asignación de recursos. La conectividad directa entre terminales de equipos de usuarios (UEs) eludiendo la infraestructura LTE-A alivia la sobrecarga de red. Parte del tráfico es dirigido a conexiones de dispositivo a dispositivo (D2D) outband permitiendo la comunicación de UEs directamente o con relés. Los MNOs necesitan nuevos recursos de espectro e infraestructura. El intercambio de recursos entre MNOs ha surgido motivando la adopción de virtualización que realiza la segmentación de red i.e., la separación dinámica de recursos en trozos virtuales (VSs). Los VSs son administrados de forma aislada por inquilinos diferentes con software defined networking y abarcan recursos de red core y radio access asignadas periódicamente a UEs. Cuando UEs usan aplicaciones OTT, flujos de aplicación con demandas y prioridades definidas por proveedores de servicios OTT (OSPs) se generan. Las políticas de OSPs deben ser integradas en la asignación de VSs. La coexistencia de varias tecnologías y partes comerciales demanda técnicas sofisticadas de gestión de recursos radio (RRM). Con ese fin, la RRM se realiza en un ecosistema complejo. Si la comunicación D2D involucra datos descargados simultáneamente por la red móvil, los parámetros de red LTE-A (política de scheduling de recursos, condiciones de canal downlink) afectan el QoS. La selección de relés afecta el rendimiento porque los UEs no desean siempre ayudar a UEs desconocidos. Las relaciones sociales de los UEs en aplicaciones móviles pueden determinar la voluntad para la comunicación cooperativa D2D. Por lo tanto, mecanismos de control de acceso al medio (MAC) deben coordinar las transmisiones D2D con técnicas avanzadas ej., codificación de red. Si los UEs usan servicios OTT, las políticas de OSPs no son consideradas en RRM y los OSPs no emplean flujos prioritarios. Problemas de neutralidad de red surgen cuando los OSPs reclaman recursos de MNOs para minimizar el grado de servicio (GoS). La intervención de OSPs puede causar retraso en el servicio de flujos debido a la interacción OSP-MNO y el tiempo requerido para que los flujos reciban recursos. Esta tesis presenta soluciones nuevas para los problemas RRM de comunicación D2D outband y asignación de VSs a OSPs en redes 5G. Proponemos un protocolo D2D MAC cooperativo que explota las oportunidades de NC bajo la influencia de parámetros de red LTE-A y su análisis de rendimiento. El protocolo mejora el rendimiento y la eficiencia energética especialmente para UEs con mejores condiciones de canal downlink. Introducimos la conciencia social en el D2D MAC y proponemos un protocolo que utiliza relaciones sociales de UEs para elegir relés-amigos y reduce el consumo de energía. Dada la falta de técnicas que aborden el problema RRM de OSPs presentamos un algoritmo que aplique políticas de OSPs y respete la neutralidad usando la teoría de matching, y su análisis de GoS y retraso. El algoritmo induce bajo coste y retraso sin afectar la imparcialidad entre OSPs. Estas técnicas demuestran la mejora de QoS gracias a la consideración de tecnologas y partes comerciales diferentes en RRM.Award-winningPostprint (published version