A novel network architecture for train-to-wayside communication with quality of service over heterogeneous wireless networks

In the railway industry, there are nowadays different actors who would like to send or receive data from the wayside to an onboard device or vice versa. These actors are e.g., the Train Operation Company, the Train Constructing Company, a Content Provider, etc. This requires a communication module on each train and at the wayside. These modules interact with each other over heterogeneous wireless links. This system is referred to as the Train-to-Wayside Communication System (TWCS). While there are already a lot of deployments using a TWCS, the implementation of quality of service, performance enhancing proxies (PEP) and the network mobility functions have not yet been fully integrated in TWCS systems. Therefore, we propose a novel and modular IPv6-enabled TWCS architecture in this article. It jointly tackles these functions and considers their mutual dependencies and relationships. DiffServ is used to differentiate between service classes and priorities. Virtual local area networks are used to differentiate between different service level agreements. In the PEP, we propose to use a distributed TCP accelerator to optimize bandwidth usage. Concerning network mobility, we propose to use the SCTP protocol (with Dynamic Address Reconfiguration and PR-SCTP extensions) to create a tunnel per wireless link, in order to support the reliable transmission of data between the accelerators. We have analyzed different design choices, pinpointed the main implementation challenges and identified candidate solutions for the different modules in the TWCS system. As such, we present an elaborated framework that can be used for prototyping a fully featured TWCS

How to deploy security mechanisms online (consistently)

To mitigate a myriad of Web attacks, modern browsers support client-side secu- rity policies shipped through HTTP response headers. To enforce these policies, the operator can set response headers that the server then communicates to the client. We have shown that one of those, namely the Content Security Policy (CSP), re- quires massive engineering effort to be deployed in a non-trivially bypassable way. Thus, many policies deployed on Web sites are misconfigured. Due to the capability of CSP to also defend against framing-based attacks, it has a functionality-wise overlap with the X-Frame-Options header. We have shown that this overlap leads to inconsistent behavior of browsers, but also inconsistent deployment on real-world Web applications. Not only overloaded defense mechanisms are prone to security inconsistencies. We investigated that due to the structure of the Web it- self, misconfigured origin servers or geolocation-based CDN caches can cause unwanted security inconsistencies. To not disregard the high number of misconfigurations of CSP, we also took a closer look at the deployment process of the mechanism. By conducting a semi-structured interview, including a coding task, we were able to shed light on motivations, strategies, and roadblocks of CSP deployment. However, due to the wide usage of CSP, drastic changes are generally considered impractical. Therefore, we also evaluated if one of the newest Web security features, namely Trusted Types, can be improved.Um eine Vielzahl von Angriffen im Web zu entschärfen, unterstützen moderne Browser clientseitige Sicherheitsmechanismen, die über sogenannte HTTP Response- Header übermittelt werden. Um jene Sicherheitsfeatures anzuwenden, setzt der Betreiber einer Web site einen solchen Header, welchen der Server dann an den Client ausliefert. Wir haben gezeigt, dass das konfigurieren eines dieser Mechanismen, der Content Security Policy (CSP), einen enormen technischen Aufwand erfordert, um auf nicht triviale Weise umgangen werden zu können. Daher ist jenes feature auf vielen Webseiten, auch Top Webseiten, falsch konfiguriert. Aufgrund der Fähigkeit von CSP, auch Framing-basierte Angriffe abzuwehren, überschneidet sich seine Funktionalität darüber hinaus mit der des X-Frame-Options Headers. Wir haben gezeigt, dass dies zu inkonsistentem Verhalten von Browsern, aber auch zu inkonsistentem Einsatz in realen Webanwendungen führt. Nicht nur überladene Verteidigungsmechanismen sind anfällig für Sicherheitsinkonsistenzen. Wir haben untersucht, dass aufgrund der Struktur desWebs selbst, falsch konfigurierte Ursprungsserver, oder CDN-Caches, die von der geographischen Lage abhängen, unerwünschte Sicherheitsinkonsistenzen verursachen können. Um die hohe Anzahl an Fehlkonfigurationen von CSP-Headern nicht außer Acht zu lassen, haben wir uns auch den Erstellungsprozess eines CSP-Headers genauer angesehen. Mit Hilfe eines halbstrukturierten Interviews, welches auch eine Programmieraufgabe beinhaltete, konnten wir die Motivationen, Strategien und Hindernisse beim Einsatz von CSP beleuchten. Aufgrund der weiten Verbreitung von CSP werden drastische Änderungen allgemein jedoch als unpraktisch angesehen. Daher haben wir ebenfalls untersucht, ob eine der neuesten und daher wenig genutzten,Web-Sicherheitsmechanismen, namentlich Trusted Types, ebenfalls verbesserungswürdig ist

Toward the PSTN/Internet Inter-Networking--Pre-PINT Implementations

This document contains the information relevant to the development of the inter-networking interfaces underway in the Public Switched Telephone Network (PSTN)/Internet Inter-Networking (PINT) Working Group. It addresses technologies, architectures, and several (but by no means all) existing pre-PINT implementations of the arrangements through which Internet applications can request and enrich PSTN telecommunications services. The common denominator of the enriched services (a.k.a. PINT services) is that they combine the Internet and PSTN services in such a way that the Internet is used for non-voice interactions, while the voice (and fax) are carried entirely over the PSTN. One key observation is that the pre-PINT implementations, being developed independently, do not inter-operate. It is a task of the PINT Working Group to define the inter-networking interfaces that will support inter-operation of the future implementations of PINT services

Virtual Teaching Assistant: A Web Tool (for C++)

With the advancements in technology and popularity of online education, the need for virtual teaching assistance has suddenly risen. Students prefer to get virtual help from teachers and tutors at their convenience and time. A virtual tutor – web tool is an effective way to meet this requirement, which is convenient for both students and teachers. The students at St. Cloud State University expect to have more one-on-one human tutoring, which is hard in regular classroom settings. Especially, this expectation seems more serious for students who take CSCI 201 – Computer Science I (C++). To solve this problem, a virtual tutor - web tool has been proposed to help the students. The virtual tutor is emotive, which can help distant students enhance their understanding of C++. Although this is a blueprint which is used to learn CSCI 201 at St. Cloud State University, this can be applied to any other classes. The tool allows the user to use speech recognition to ask questions to the tool which returns useful answers; to work online with others; and to interact with teachers. In addition, a screen sharing option is also offered to allow users to share the work with each other. Additional services are offered. This tool introduces an easy and better approach to offer extra help to the students in need instead of relying 100% on the traditional approach. In addition, this might reach wider target audiences including senior students who are ready to offer help to the junior students without setting up any traditional face-to-face meetings. This could be a great tool for students with low self-esteem as well. In this document, overall tool design is explained in details, and the major steps in building the tool are outlined. The steps include motivation, background, problem descriptions, scope, research and analysis, design and implementation and testing carried out to develop the virtual tool – web tool

Study, Analysis and Modeling of IP Multimedia systems on next generation networks providing mobile and fixed multimedia services

Not availabl

Examining Usability, Navigation, and Multimedia Learning Principles in an Intentionally Designed Asynchronous Online College Course: A Usability Study

This qualitative study examines an asynchronous online course from a private university utilizing a template model for all online courses to provide students with consistent navigation and course structure throughout their degree program. The asynchronous online courses are purposely created using three criteria of quality course design: navigation is intuitive, information is chunked, and instructions are written clearly. A two-part usability test was conducted with three internal and three external participants. The two-part usability test focused on course navigation and examined the signaling, segmenting, and coherence principles applied to course content page layouts. Transcripts from the usability tests and observational field notes were coded through an iterative process in Nvivo. Through emic and etic coding, seven main categories were identified: user experience, cognitive load, multimedia learning principles, page design and layout attributes, course navigational attributes, course attributes and information, and participant navigational behavior. The findings for first-day navigation, general navigational behaviors, and perceptions of design elements used to implement the signaling, segmenting, and coherence principle are discussed. Course design recommendations for creating a positive usability experience and suggestions for future research are provided