Design and implementation of the node identity internetworking architecture

The Internet Protocol (IP) has been proven very flexible, being able to accommodate all kinds of link technologies and supporting a broad range of applications. The basic principles of the original Internet architecture include end-to-end addressing, global routeability and a single namespace of IP addresses that unintentionally serves both as locators and host identifiers. The commercial success and widespread use of the Internet have lead to new requirements, which include internetworking over business boundaries, mobility and multi-homing in an untrusted environment. Our approach to satisfy these new requirements is to introduce a new internetworking layer, the node identity layer. Such a layer runs on top of the different versions of IP, but could also run directly on top of other kinds of network technologies, such as MPLS and 2G/3G PDP contexts. This approach enables connectivity across different communication technologies, supports mobility, multi-homing, and security from ground up. This paper describes the Node Identity Architecture in detail and discusses the experiences from implementing and running a prototype

Names, addresses and identities in ambient networks

Ambient Networks interconnect independent realms that may use different local network technologies and may belong to different administrative or legal entities. At the core of these advanced internetworking concepts is a flexible naming architecture based on dynamic indirections between names, addresses and identities. This paper gives an overview of the connectivity abstractions of Ambient Networks and then describes its naming architecture in detail, comparing and contrasting them to other related next-generation network architectures

Millimeter-wave Wireless LAN and its Extension toward 5G Heterogeneous Networks

Millimeter-wave (mmw) frequency bands, especially 60 GHz unlicensed band, are considered as a promising solution for gigabit short range wireless communication systems. IEEE standard 802.11ad, also known as WiGig, is standardized for the usage of the 60 GHz unlicensed band for wireless local area networks (WLANs). By using this mmw WLAN, multi-Gbps rate can be achieved to support bandwidth-intensive multimedia applications. Exhaustive search along with beamforming (BF) is usually used to overcome 60 GHz channel propagation loss and accomplish data transmissions in such mmw WLANs. Because of its short range transmission with a high susceptibility to path blocking, multiple number of mmw access points (APs) should be used to fully cover a typical target environment for future high capacity multi-Gbps WLANs. Therefore, coordination among mmw APs is highly needed to overcome packet collisions resulting from un-coordinated exhaustive search BF and to increase the total capacity of mmw WLANs. In this paper, we firstly give the current status of mmw WLANs with our developed WiGig AP prototype. Then, we highlight the great need for coordinated transmissions among mmw APs as a key enabler for future high capacity mmw WLANs. Two different types of coordinated mmw WLAN architecture are introduced. One is the distributed antenna type architecture to realize centralized coordination, while the other is an autonomous coordination with the assistance of legacy Wi-Fi signaling. Moreover, two heterogeneous network (HetNet) architectures are also introduced to efficiently extend the coordinated mmw WLANs to be used for future 5th Generation (5G) cellular networks.Comment: 18 pages, 24 figures, accepted, invited paper

Internet Governance: the State of Play

The Global Forum on Internet Governance held by the UNICT Task Force in New York on 25-26 March concluded that Internet governance issues were many and complex. The Secretary-General's Working Group on Internet Governance will have to map out and navigate this complex terrain as it makes recommendations to the World Summit on an Information Society in 2005. To assist in this process, the Forum recommended, in the words of the Deputy Secretary-General of the United Nations at the closing session, that a matrix be developed "of all issues of Internet governance addressed by multilateral institutions, including gaps and concerns, to assist the Secretary-General in moving forward the agenda on these issues." This paper takes up the Deputy Secretary-General's challenge. It is an analysis of the state of play in Internet governance in different forums, with a view to showing: (1) what issues are being addressed (2) by whom, (3) what are the types of consideration that these issues receive and (4) what issues are not adequately addressed

Building a truster environment for e-business : a Malaysian perspective

Internet identify ‘security’ as a major concern for businesses. In general, the level of security in any network environment is closely linked to the level of trust assigned to a particular individual or organization within that environment. It is the trust element that is crucial in ensuring a secure environment. Besides physical security, security technology needs to be utilised to provide a trusted environment for e-business. Network security components for perimeter defense, i.e., Virtual Private Networks, firewalls and Intrusion Detection Systems, need to be complemented by security components at the applications and user level, e.g., authentication of user. ID or password security solution may be an option but now with the availability of legally binding digital certificates, security in e-business transactions can be further improved. Time and date stamping of e-business transactions are also of concern to prove at a later date that the transactions took place at the stipulated date and time. Digital certificates are part of a Public Key Infrastructure (PKI) scheme, which is an enabling technology for building a trusted epvironment. PIU comprise policies and procedures for establishing a secure method for exchanging information over a network environment. The Digital Signature Act 1997 (DSA 1997) facilitates the PKI implementation in Malaysia. Following the DSA 1997, Certification Authorities (CAs) were set up in Malaysia. This paper describes a trusted platform for spurring ebusiness and provides a Malaysian perspective of it

To NACK or not to NACK? Negative Acknowledgments in Information-Centric Networking

Information-Centric Networking (ICN) is an internetworking paradigm that offers an alternative to the current IP\nobreakdash-based Internet architecture. ICN's most distinguishing feature is its emphasis on information (content) instead of communication endpoints. One important open issue in ICN is whether negative acknowledgments (NACKs) at the network layer are useful for notifying downstream nodes about forwarding failures, or requests for incorrect or non-existent information. In benign settings, NACKs are beneficial for ICN architectures, such as CCNx and NDN, since they flush state in routers and notify consumers. In terms of security, NACKs seem useful as they can help mitigating so-called Interest Flooding attacks. However, as we show in this paper, network-layer NACKs also have some unpleasant security implications. We consider several types of NACKs and discuss their security design requirements and implications. We also demonstrate that providing secure NACKs triggers the threat of producer-bound flooding attacks. Although we discuss some potential countermeasures to these attacks, the main conclusion of this paper is that network-layer NACKs are best avoided, at least for security reasons.Comment: 10 pages, 7 figure

Revisiting Cybersecurity Awareness in the Midst of Disruptions

The awareness of cybersecurity and knowledge about risks from a variety of threats, which present harm or steal private information in internetworking could help in mitigation of vulnerabilities to risks of threats in safeguarding information from malware and bots. Revisiting cybersecurity awareness of every member and evaluation of organization’s posture might help to protect sensitive or private information from a network of computers, working together and forming into botnets. The purpose of the qualitative case study narrative was to explore prospects for integrating cybersecurity education into elementary school children’s curriculum through interviews of elementary schoolteachers, IT experts, and parents to gain feedback about perceptions on cybersecurity knowledge and awareness. The analysis of schools’ organizational security postures related to all levels of education, recommending in raising awareness of the underlying and unprecedented security vulnerabilities. One area of greatest need is in protecting the wellbeing of people in securing private or protected assets and sensitive information, most valuable and vulnerable amid disruption. The possible lack of cybersecurity awareness in online settings could increase an organizational vulnerability to risks of threats and outsider attempts to install malware during a variety of cyber-attacks. Organizations with online ambiguity face a threat from botnets to infect networks. This qualitative exploratory single case-study into perceptions of teachers and leaders, information technology (IT) experts, and parents of elementary school children about cybersecurity awareness level of children in elementary schools helped to reinforce the important role of education in building foundational cyber-safety practices