107 research outputs found
Data Confidentiality in Mobile Ad hoc Networks
Mobile ad hoc networks (MANETs) are self-configuring infrastructure-less
networks comprised of mobile nodes that communicate over wireless links without
any central control on a peer-to-peer basis. These individual nodes act as
routers to forward both their own data and also their neighbours' data by
sending and receiving packets to and from other nodes in the network. The
relatively easy configuration and the quick deployment make ad hoc networks
suitable for emergency situations (such as human or natural disasters) and for
military units in enemy territory. Securing data dissemination between these
nodes in such networks, however, is a very challenging task. Exposing such
information to anyone else other than the intended nodes could cause a privacy
and confidentiality breach, particularly in military scenarios. In this paper
we present a novel framework to enhance the privacy and data confidentiality in
mobile ad hoc networks by attaching the originator policies to the messages as
they are sent between nodes. We evaluate our framework using the Network
Simulator (NS-2) to check whether the privacy and confidentiality of the
originator are met. For this we implemented the Policy Enforcement Points
(PEPs), as NS-2 agents that manage and enforce the policies attached to packets
at every node in the MANET. Comment: 12 page
Revisiting Internet Addressing: Back to the Future!
IP prefixes undermine three goals of Internet routing: accurate reflection of network-layer reachability, secure routing messages, and effective traffic control. This paper presents Atomic IP (AIP), a simple change to Internet addressing (which in fact reverts to how addressing once worked), that allows Internet routing to achieve these goals
UCIP: User controlled internet protocol
Internet protocols have developed significantly over the last 50 years but have reached a point where further improvements in performance, resilience, security and privacy cannot be achieved by simple incremental changes. This paper proposes a new IP protocol that puts the user's end host at the centre of major algorithmic decisions. It consists of three new mechanisms: a private source routing establishment protocol that allows inter-domain traffic routes to be decided by the user and kept private from the providers whilst allowing for anonymous connections where two nodes can communicate without knowing the identity/address of the other end point; a mechanism to control reception of packets that mitigates denial-of-service attacks; and a new directory system that puts the end user at the core of the decisions, enabling anycast and mobility with a pub-sub mechanism with fine-grained capabilities for describing resources. These changes allow end nodes to have a much tighter control of how they send and receive their traffic and provide a paradigm shift for the Internet ecosystem
Critical Infrastructures You Can Trust: Where Telecommunications Fits
This paper discusses two NISs: the public telephone network (PTN) and the Internet. Being themselves large and complex NISs, they not only merit study in their own right but can help us to understand some of the technical problems faced by the developers and operators of other NISs. In addition, the high cost of building a global communications infrastructure from the ground up implies that one or both of these two networks is likely to furnish communications services for most other NISs. Therefore, an understanding of the vulnerabilities of the PTN and Internet informs the assessment of the trustworthiness of other NISs. Ideas for improving the trustworthiness of the PTN and Internet are also proposed, both for the short-term (by improved use of existing technologies and procedures) and for the long-term (by identifying some areas where the state-of-the-art is inadequate and research is therefore needed). Finally, some observations are offered about Internet telephony and the use of the Internet for critical infrastructures
Survey and Analysis of Production Distributed Computing Infrastructures
This report has two objectives. First, we describe a set of the production
distributed infrastructures currently available, so that the reader has a basic
understanding of them. This includes explaining why each infrastructure was
created and made available and how it has succeeded and failed. The set is not
complete, but we believe it is representative.
Second, we describe the infrastructures in terms of their use, which is a
combination of how they were designed to be used and how users have found ways
to use them. Applications are often designed and created with specific
infrastructures in mind, with both an appreciation of the existing capabilities
provided by those infrastructures and an anticipation of their future
capabilities. Here, the infrastructures we discuss were often designed and
created with specific applications in mind, or at least specific types of
applications. The reader should understand how the interplay between the
infrastructure providers and the users leads to such usages, which we call
usage modalities. These usage modalities are really abstractions that exist
between the infrastructures and the applications; they influence the
infrastructures by representing the applications, and they influence the
applications by representing the infrastructures
A session-based architecture for Internet mobility
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, February 2003. Includes bibliographical references (p. 179-189). The proliferation of mobile computing devices and wireless networking products over the past decade has led to an increasingly nomadic computing lifestyle. A computer is no longer an immobile, gargantuan machine that remains in one place for the lifetime of its operation. Today's personal computing devices are portable, and Internet access is becoming ubiquitous. A well-traveled laptop user might use half a dozen different networks throughout the course of a day: a cable modem from home, wide-area wireless on the commute, wired Ethernet at the office, a Bluetooth network in the car, and a wireless, local-area network at the airport or the neighborhood coffee shop. Mobile hosts are prone to frequent, unexpected disconnections that vary greatly in duration. Despite the prevalence of these multi-homed mobile devices, today's operating systems on both mobile hosts and fixed Internet servers lack fine-grained support for network applications on intermittently connected hosts. We argue that network communication is well-modeled by a session abstraction, and present Migrate, an architecture based on system support for a flexible session primitive. Migrate works with application-selected naming services to enable seamless, mobile "suspend/resume" operation of legacy applications and provide enhanced functionality for mobile-aware, session-based network applications, enabling adaptive operation of mobile clients and allowing Internet servers to support large numbers of intermittently connected sessions. We describe our UNIX-based implementation of Migrate and show that sessions are a flexible, robust, and efficient way to manage mobile end points, even for legacy applications. In addition, we demonstrate two popular Internet servers that have been extended to leverage our novel notion of session continuations to enable support for large numbers of suspended clients with only minimal resource impact. Experimental results show that Migrate introduces only minor throughput degradation (less than 2% for moderate block sizes) when used over popular access link technologies, gracefully detects and suspends disconnected sessions, rapidly resumes from suspension, and integrates well with existing applications. by Mark Alexander Connell Snoeren. Ph.D
Resource management for data streaming applications
This dissertation investigates novel middleware mechanisms for building streaming
applications. Developing streaming applications is a challenging task
because (i) they are continuous in nature; (ii) they require fusion of data coming from multiple sources to derive
higher level information; (iii) they require
efficient transport of data from/to distributed sources and sinks;
(iv) they need access to heterogeneous resources spanning sensor networks and high
performance computing; and (v) they are time critical in nature. My thesis is that an
intuitive programming abstraction will make it easier to build dynamic,
distributed, and ubiquitous data streaming applications. Moreover, such an abstraction will
enable an efficient allocation of shared and heterogeneous computational resources thereby making it easier for
domain experts to build these applications. In support of the thesis, I present a novel programming abstraction, called DFuse,
that makes it easier to develop these applications. A domain expert only needs to specify the input and output
connections to fusion channels, and the fusion functions. The subsystems developed in
this dissertation take care of instantiating the application,
allocating resources for the application (via the scheduling heuristic developed in this dissertation) and dynamically
managing the resources (via the dynamic scheduling algorithm presented in this dissertation). Through extensive
performance evaluation, I demonstrate that the resources are allocated efficiently to optimize the throughput and latency
constraints of an application. Ph.D. Committee Chair: Ramachandran, Umakishore; Committee Member: Chervenak, Ann; Committee Member: Cooper, Brian; Committee Member: Liu, Ling; Committee Member: Schwan, Karste