Implementación y pruebas de REsource LOcation And Discovery (RELOAD) Parser and Encoder

El ampliamente utilizado paradigma cliente/servidor está siendo complementado e incluso reemplazado por otros planteamientos de tipo Peer-to-Peer (P2P). Las redes P2P ofrecen un sistema descentralizado de distribución de la información, son más estables, y representan una solución al problema de la escalabilidad. Al mismo tiempo, el Session Initiation Protocol (SIP), un protocolo de señalización diseñado inicialmente para arquitecturas de tipo ciente/servidor, ha sido ampliamente adoptado para servicios de comunicación tipo Voice-over-IP (VoIP). El actual proceso de estandarización llevado a cabo por el Peer-to-Peer Session Initiation Protocol (P2PSIP) Working Group del IETF se está acercando al desarrollo de aplicaciones que puedan utilizar tecnologías P2P junto con SIP. RELOAD es un protocolo P2P de señalización, que está todavía en desarrollo. RELOAD trabaja en entornos en los que existen Network Address Translators (NATs) o firewalls. RELOAD soporta diferentes aplicaciones y proporciona un marco de seguridad, también permite el uso de diversos algoritmos para las Distributed Hash Tables (DHTs) mediante los llamados "topology plugins". Esta tesis tiene como objetivos la implementación de un codificador y decodificador para mensajes de RELOAD, y el análisis de su rendimiento. Para este último punto se implementará un programa de prueba ejecutable en un teléfono móvil y en un servidor para la simulación de una red RELOAD. ________________________________________The widely used classic client/server paradigm is being complemented and sometimes replaced by current Peer-to-Peer (P2P) approaches. P2P networks offer decentralized distribution of information, are more stable, and represent a solution to the problem of scalability. At the same time the Session Initiation Protocol (SIP), a signalling protocol initially designed for client/server architectures, has been widely adopted for Voice-over-IP (VoIP) communication. The current standardization process of the Peer-to-Peer Session Initiation Protocol (P2PSIP) working group of the IETF is moving towards the development of applications that can use both P2P and Session Initiation Protocol (SIP) technologies in conjuntion. RELOAD is a P2P signalling protocol, which is still under development. RELOAD works in environments where there are Network Address Translators (NATs) or firewalls. RELOAD can support various applications and provides a security frameworks. RELOAD also allows the use of various Distributed Hash Table (DHT) algorithms in the form of topology plugins. This thesis aims at implementing a parser and encoder for RELOAD messages, and analyzing its performance by implementing a test program that will run on a mobile phone and on a server simulating a RELOAD overlay network.Ingeniería Técnica en Informática de Gestió

Security for Decentralised Service Location - Exemplified with Real-Time Communication Session Establishment

Decentralised Service Location, i.e. finding an application communication endpoint based on a Distributed Hash Table (DHT), is a fairly new concept. The precise security implications of this approach have not been studied in detail. More importantly, a detailed analysis regarding the applicability of existing security solutions to this concept has not been conducted. In many cases existing client-server approaches to security may not be feasible. In addition, to understand the necessity for such an analysis, it is key to acknowledge that Decentralised Service Location has some unique security requirements compared to other P2P applications such as filesharing or live streaming. This thesis concerns the security challenges for Decentralised Service Location. The goals of our work are on the one hand to precisely understand the security requirements and research challenges for Decentralised Service Location, and on the other hand to develop and evaluate corresponding security mechanisms. The thesis is organised as follows. First, fundamentals are explained and the scope of the thesis is defined. Decentralised Service Location is defined and P2PSIP is explained technically as a prototypical example. Then, a security analysis for P2PSIP is presented. Based on this security analysis, security requirements for Decentralised Service Location and the corresponding research challenges -- i.e. security concerns not suitably mitigated by existing solutions -- are derived. Second, several decentralised solutions are presented and evaluated to tackle the security challenges for Decentralised Service Location. We present decentralised algorithms to enable availability of the DHTs lookup service in the presence of adversary nodes. These algorithms are evaluated via simulation and compared to analytical bounds. Further, a cryptographic approach based on self-certifying identities is illustrated and discussed. This approach enables decentralised integrity protection of location-bindings. Finally, a decentralised approach to assess unknown identities is introduced. The approach is based on a Web-of-Trust model. It is evaluated via prototypical implementation. Finally, the thesis closes with a summary of the main contributions and a discussion of open issues