Incast mitigation in a data center storage cluster through a dynamic fair-share buffer policy

Incast is a phenomenon when multiple devices interact with only one device at a given time. Multiple storage senders overflow either the switch buffer or the single-receiver memory. This pattern causes all concurrent-senders to stop and wait for buffer/memory availability, and leads to a packet loss and retransmission—resulting in a huge latency. We present a software-defined technique tackling the many-to-one communication pattern—Incast—in a data center storage cluster. Our proposed method decouples the default TCP windowing mechanism from all storage servers, and delegates it to the software-defined storage controller. The proposed method removes the TCP saw-tooth behavior, provides a global flow awareness, and implements the dynamic fair-share buffer policy for end-to-end I/O path. It considers all I/O stages (applications, device drivers, NICs, switches/routers, file systems, I/O schedulers, main memory, and physical disks) while achieving the maximum I/O throughput. The policy, which is part of the proposed method, allocates fair-share bandwidth utilization for all storage servers. Priority queues are incorporated to handle the most important data flows. In addition, the proposed method provides better manageability and maintainability compared with traditional storage networks, where data plane and control plane reside in the same device

Security and blockchain convergence with internet of multimedia things : current trends, research challenges and future directions

The Internet of Multimedia Things (IoMT) orchestration enables the integration of systems, software, cloud, and smart sensors into a single platform. The IoMT deals with scalar as well as multimedia data. In these networks, sensor-embedded devices and their data face numerous challenges when it comes to security. In this paper, a comprehensive review of the existing literature for IoMT is presented in the context of security and blockchain. The latest literature on all three aspects of security, i.e., authentication, privacy, and trust is provided to explore the challenges experienced by multimedia data. The convergence of blockchain and IoMT along with multimedia-enabled blockchain platforms are discussed for emerging applications. To highlight the significance of this survey, large-scale commercial projects focused on security and blockchain for multimedia applications are reviewed. The shortcomings of these projects are explored and suggestions for further improvement are provided. Based on the aforementioned discussion, we present our own case study for healthcare industry: a theoretical framework having security and blockchain as key enablers. The case study reflects the importance of security and blockchain in multimedia applications of healthcare sector. Finally, we discuss the convergence of emerging technologies with security, blockchain and IoMT to visualize the future of tomorrow's applications. © 2020 Elsevier Lt

A patient agent controlled customized blockchain based framework for internet of things

Although Blockchain implementations have emerged as revolutionary technologies for various industrial applications including cryptocurrencies, they have not been widely deployed to store data streaming from sensors to remote servers in architectures known as Internet of Things. New Blockchain for the Internet of Things models promise secure solutions for eHealth, smart cities, and other applications. These models pave the way for continuous monitoring of patient’s physiological signs with wearable sensors to augment traditional medical practice without recourse to storing data with a trusted authority. However, existing Blockchain algorithms cannot accommodate the huge volumes, security, and privacy requirements of health data. In this thesis, our first contribution is an End-to-End secure eHealth architecture that introduces an intelligent Patient Centric Agent. The Patient Centric Agent executing on dedicated hardware manages the storage and access of streams of sensors generated health data, into a customized Blockchain and other less secure repositories. As IoT devices cannot host Blockchain technology due to their limited memory, power, and computational resources, the Patient Centric Agent coordinates and communicates with a private customized Blockchain on behalf of the wearable devices. While the adoption of a Patient Centric Agent offers solutions for addressing continuous monitoring of patients’ health, dealing with storage, data privacy and network security issues, the architecture is vulnerable to Denial of Services(DoS) and single point of failure attacks. To address this issue, we advance a second contribution; a decentralised eHealth system in which the Patient Centric Agent is replicated at three levels: Sensing Layer, NEAR Processing Layer and FAR Processing Layer. The functionalities of the Patient Centric Agent are customized to manage the tasks of the three levels. Simulations confirm protection of the architecture against DoS attacks. Few patients require all their health data to be stored in Blockchain repositories but instead need to select an appropriate storage medium for each chunk of data by matching their personal needs and preferences with features of candidate storage mediums. Motivated by this context, we advance third contribution; a recommendation model for health data storage that can accommodate patient preferences and make storage decisions rapidly, in real-time, even with streamed data. The mapping between health data features and characteristics of each repository is learned using machine learning. The Blockchain’s capacity to make transactions and store records without central oversight enables its application for IoT networks outside health such as underwater IoT networks where the unattended nature of the nodes threatens their security and privacy. However, underwater IoT differs from ground IoT as acoustics signals are the communication media leading to high propagation delays, high error rates exacerbated by turbulent water currents. Our fourth contribution is a customized Blockchain leveraged framework with the model of Patient-Centric Agent renamed as Smart Agent for securely monitoring underwater IoT. Finally, the smart Agent has been investigated in developing an IoT smart home or cities monitoring framework. The key algorithms underpinning to each contribution have been implemented and analysed using simulators.Doctor of Philosoph

Virtual network function development for NG-PON Access Network Architecture

Dissertação de mestrado em Engenharia de Redes e Serviços TelemáticosThe access to Internet services on a large scale, high throughput and low latency has grown at a very high pace over time, with a growing demand for media content and applications increasingly oriented towards data consumption. This fact about the use of data at the edge of the network requires the Central Offices (CO) of telecommunication providers, to be pre pared to absorb these demands. COs generally offer data from various access methods, such as Passive Optical Network (PON) technologies, mobile networks, copper wired and oth ers. For each of these technologies there may be different manufacturers that support only their respective hardware and software solutions, although they all share different network resources and have management, configuration and monitoring tools (Fault, Configuration, Accounting, Performance, and Security management - FCAPS) similar, but being distinct and isolated from each other, which produces huge investment in Capital Expenditure (CAPEX) and Operational Expenditure (OPEX) and can cause barriers to innovation. Such panora mas forced the development of more flexible, scalable solutions that share platforms and net work architectures that can meet this need and enable the evolution of networks. It is then proposed the architecture of Software-Defined Network (SDN) which has in its proposal to abstract the control plane from the data plane, in addition to the virtualization of several Net work Function Virtualization (NFV). The SDN architecture allows APIs and protocols such as Openflow, NETCONF / YANG, RESTCONF, gRPC and others to be used so that there is communication between the various hardware and software elements that compose the net work and consume network resources, such as services AAA, DHCP, routing, orchestration, management or various applications that may exist in this context. This work then aims at the development of a virtualized network function, namely a VNF in the context of network security to be integrated as a component of an architecture guided by the SDN paradigm applied to broadband networks, and also adherent to the architecture OB-BAA promoted by the Broadband Forum. Such OB-BAA architecture fits into the initia tive to modernize the Information Technology (IT) components of broadband networks, more specifically the Central Offices. With such development, it was intended to explore the con cepts of network security, such as the IEEE 802.1X protocol applied in NG-PON networks for authentication and authorization of new network equipment. To achieve this goal, the development of the applications was based on the Golang language combined with gRPC programmable interfaces for communication between the various elements of the architec ture. Network emulators were initially used, and then the components were ”containerized” and inserted in the Docker and Kubernetes virtualization frameworks. Finally, performance metrics were analyzed in the usage tests, namely computational resource usage metrics (CPU, memory and network I/O), in addition to the execution time of several processes performed by the developed applications.O acesso aos serviços de Internet em larga escala, alto débito e baixa latência têm crescido em um ritmo bastante elevado ao longo dos tempos, com uma demanda crescente por conteúdos de media e aplicações cada vez mais orientadas ao consumo de dados. Tal fato acerca da uti lização de dados na periferia da rede, obriga a que os Central Offices (CO) dos provedores de telecomunicações estejam preparados para absorver estas demandas. Os CO geralmente re cebem dados de diversos métodos de acesso, como tecnologias Passive Optical Network (PON), redes móveis, cabladas em cobre, entre outros. Para cada uma destas tecnologias pode haver diferentes fabricantes que suportam somente suas respetivas soluções de hardware e software, apesar de todas compartilharem diversos recursos de rede e possuírem ferramentas de gestão, configuração e monitoração (Fault-management, Configuration, Accounting, Performance e Segurança - FCAPS) similares, mas serem distintas e isoladas entre si, o que se traduz em um enorme investimento em Capital Expenditure (CAPEX) e Operational Expenditure (OPEX) e pode causar barreiras à inovação. Tais panoramas forçaram o desenvolvimento de soluções mais flexíveis, escaláveis e que compartilhem plataformas e arquiteturas de redes que pos sam suprir tal necessidade e possibilitar a evolução das redes. Propõe-se então a arquitetura de redes definidas por software (Software-Defined Network - SDN) que tem em sua proposta abstrair o plano de controle do plano de dados, além da virtualização de diversas funções de rede (Network Function Virtualization - NFV). A arquitetura SDN possibilita que API’s e pro tocolos como Openflow, NETCONF/YANG, RESTCONF, gRPC e outros, sejam utilizados para que haja comunicação entre os diversos elementos de hardware e software que estejam a compor a rede e a consumir recursos de redes, como serviços de AAA, DHCP, roteamento, orquestração, gestão ou diversas outras aplicações que possam existir neste contexto. Este trabalho visa então o desenvolvimento de uma função de rede virtualizada nomeada mente uma (Virtual Network Function - VNF) no âmbito de segurança de redes a ser integrada como um componente de uma arquitetura orientada pelo paradigma de SDN aplicado a re des de banda larga, e aderente também à arquitetura OB-BAA promovida pelo Broadband Fo rum. Tal arquitetura OB-BAA se enquadra na iniciativa de modernização dos componentes de Tecnologia da Informação (TI) das redes de banda larga, mais especificamente dos Cen tral Offices. Com tal desenvolvimento pretende-se explorar conceitos de segurança de redes, como o protocolo IEEE 802.1X aplicado em redes NG-PON para autenticação e autorização de novos equipamentos de rede. Para atingir tal objetivo, utilizou-se desenvolvimento de aplicações baseadas na linguagem Golang aliado com interfaces programáveis gRPC para comunicação entre os diversos elementos da arquitetura. Para emular tais componentes, utilizou-se inicialmente emuladores de rede, e em um segundo momento os componentes foram ”containerizados” e inseridos nos frameworks de virtualização Docker e Kubernetes.Por fim, foram analisadas métricas de desempenho nos testes executados, nomeadamente métricas de utilização de recursos computacionais (CPU, memória e tráfego de rede), além do tempo de execução de diversos processos desempenhados pelas aplicações desenvolvidas

Impact of regulatory aspects on 5G mobile communication systems

The fifth generation of mobile communication networks generally known as 5G is a technology that, if we read anything about it we can arrive to the conclusion that it can be a revolution in many aspects. Starting with the great change that the telephone introduced, followed by the great improvements that the mobile phones carried along with them and finally internet and broadband access from any part of the world with a pocket device, we arrive to a time where 5G not only will it improve the existing technologies but it will allow the development of new inventions such as Internet of Things (IoT) that up to the date is reduced to various experiments and trials. The fifth generation of mobile communication systems will allow the development of applications, data models, data analysis at very high speeds, sensor measurements, and data transmissions instantly and a very long list of other things that will result in a revolution in one hand for the people’s lives and in the other to the markets and the way the companies carry out their business models and their internal and external general management. People’s quality of life will be affected substantially thanks to the establishment of 5G. This will be achieved thanks to the high speeds and the characteristics that 5G includes, and it will allow, for example, that a refrigerator can inform its owner about what products are needed or about what food is about to expire. This simple example is only one of many others that we can find when talking about 5G. Nonetheless, in order to be able to enjoy these advantages that 5G incorporates, it is necessary to conduct a development and deployment in an agreed upon way between all the different organisms and bearing in mind the regulatory aspects and the legislation valid and that needs to be developed in order to have a correct deployment. To do this, the regulatory organisms, and the commissions of the different countries have to agree between them and investigate what is the best way to provide the best standards, and to ease and speed up the deployments and start-ups of this new technology. After developing a detail study of the current requirements, objectives and the legislation and standardization, as well as the state of art of the technologies that provide us with the services that we enjoy nowadays, I have studied the barriers and drivers for the deployment of 5G. Finally, and after this previous study, I have analysed the possible deployments for this technology and how will it affect to the economic and social environment the use of these types of mobile communications. At the same time I have arrived to the final conclusions that 5G will be a complete revolution and anything that enables and eases the implementation has to be welcome.La quinta generación de redes de telecomunicaciones móviles comúnmente conocida como 5G es una tecnología de la que, si leemos cualquier información, llegaremos a la conclusión de que puede suponer una revolución en muchos aspectos. Comenzando por el gran cambio que supuso la invención del teléfono, seguida por la evidente y alta mejora que introdujo el teléfono móvil y finalmente la conexión a internet y el acceso de banda ancha desde cualquier parte del mundo con un dispositivo de bolsillo, llegamos a un momento en el que el 5G no solo mejorará las tecnologías ya existentes sino que permitirá desarrollar ideas tales como el internet de las cosas que, a día de hoy, se reducen a, varios experimentos y pruebas. El 5G permitirá el desarrollo de aplicaciones, modelos de datos, análisis de datos a altas velocidades, lecturas de sensores y transmisión de datos de forma instantánea y una larga lista de mejoras más que resultará en una revolución por una parte de la vida de las personas y por otra de los mercados y de la forma en la que las empresas llevarán a cabo sus modelos de negocio y en general su gestión externa e interna. La calidad de vida de las personas se verá afectada de forma sustancial gracias a la implantación del 5G. Esto se conseguirá debido a que las altas velocidades y las características que incorpora el 5G permitirán que, por ejemplo, una nevera avise a su dueño de aquello que falte en su interior, o que le informe de aquellos productos que están a punto de caducar. Este simple ejemplo solo es uno de todos los posibles que se pueden encontrar a la hora de hablar del 5G. Sin embargo, para poder llegar a disfrutar de todas las ventajas que el 5G aporta, es necesario llevar a cabo un desarrollo y un despliegue de forma conjunta entre los diferentes organismos, y teniendo en cuenta la normativa y legislación vigente y que se necesita desarrollar, para que este despliegue sea correcto. Para ello, los organismos regulatorios y las comisiones de diferentes países, deben ponerse de acuerdo e investigar cuál será la mejor forma de proporcionar los mejores estándares y facilitar y acelerar los despliegues y puestas en marcha de esta nueva tecnología. Después de llevar a cabo un estudio detallado sobre los requisitos, objetivos y la normativa y estandarización actual, así como el estado del arte de las tecnologías que hoy nos proporcionan los servicios de los que disfrutamos, se han estudiado las barreras y los aspectos favorecedores para la implantación del 5G. Finalmente, y tras este previo estudio, se han detallado los posibles despliegues para esta tecnología y se ha estudiado como afectará al entorno económico y social la utilización de este tipo de redes de comunicaciones móviles. A su vez, se han llegado a las conclusiones finales de que el 5G supondrá toda una revolución, y que todo aquello que favorezca su despliegue e implantación, debe ser bienvenido.Ingeniería Telemátic

A REVIEW STUDY OF EUROPEAN R&D PROJECTS FOR SATELLITE COMMUNICATIONS IN 5G/6G ERA

Κατά τις τελευταίες δεκαετίες τα δορυφορικά συστήματα τηλεπικοινωνιών έχουν προσφέρει μια γκάμα από πολυμεσικές υπηρεσίες όπως δορυφορική τηλεόραση, δορυφορική τηλεφωνία και ευρυζωνική πρόσβαση στο διαδίκτυο. Οι μακροπρόθεσμες τεχνολογικές αναβαθμίσεις σε συνδυασμό με την προσθήκη νέων δορυφορικών συστημάτων γεωστατικής και ελλειπτικής τροχιάς και με την ενσωμάτωση τεχνολογιών πληροφορικής έχουν ωθήσει την αύξηση του μέγιστου εύρους των δορυφόρων στο 1Gbps σε μεμονωμένους δορυφόρους ενώ σε διάταξη αστερισμού μπορούν να ξεπεράσουν το 1 Tbps. Σε συνδυασμό με την μείωση του χρόνου απόκρισης σε ρυθμούς ανταγωνιστικούς με τις χερσαίες υποδομές ανοίγουν νέες ευκαιρίες και νέους ρόλους εντός ενός οικοσυστήματος ετερογενούς δικτύων 5ης γενιάς. Σε αυτήν την διατριβή, αξιολογούμε επιδοτούμενα επιστημονικά προγράμματα έρευνας και ανάπτυξης της Ευρωπαϊκής Επιτροπής Διαστήματος (ESA) και του προγράμματος επιδότησης Horizon 2020 της Ευρωπαϊκής Ένωσης, προκειμένου να εξηγήσουμε τις δυνατότητες των δορυφόρων εντός ενός ετερογενούς δικτύου 5ης γενιάς, αναφέρουμε συγκεκριμένα αυτά που αφορούν την εξέλιξη των δορυφορικών ψηφιακών συστημάτων και την ικανότητα ενσωμάτωσης τους σε τωρινές αλλά και μελλοντικές υποδομές χερσαίων τηλεπικοινωνιακών δικτύων μέσω της εμφάνισης νέων τεχνολογιών στις ηλεκτρονικές και οπτικές επικοινωνίες αέρος μαζί με την εμφάνιση τεχνολογιών πληροφορικής όπως της δικτύωσης βασισμένης στο λογισμικό και της εικονικοποίησης λειτουργιών δικτύου. Αναφερόμαστε στους στόχους του κάθε project ξεχωριστά και κατηγοριοποιημένα στους ακόλουθους τομείς έρευνας: -Συσσωμάτωση των δορυφόρων με τα επίγεια δίκτυα 5ης γενιάς με οργανωμένες μελέτες και στρατηγικές -Ενσωμάτωση των τεχνολογιών δικτύωσης βασισμένης στο λογισμικό και εικονικοποίησης λειτουργιών δικτύου στο δορυφορικών τμήμα των δικτύων 5ης γενιάς -Ο ρόλος των δορυφόρων σε εφαρμογές του διαδικτύου των πραγμάτων σε συνάφεια με τα χερσαία δίκτυα 5ης γενιάς -Ο ρόλος των δορυφόρων στην δίκτυα διανομής πολυμεσικού περιεχομένου & η επιρροή των πρωτοκόλλων διαδικτύου στην ποιότητα υπηρεσίας χρήστη κατά την διάρκεια μιας δορυφορικής σύνδεσης. -Μελλοντικές βελτιώσεις και εφαρμογές στα δορυφορικά συστήματα με έμφαση στα μελλοντικά πρότυπα του φυσικό επιπέδου Στο τέλος διαθέτουμε ένα παράρτημα που αφορά τεχνικές αναλύσεις στην εξέλιξη του φυσικού επιπέδου των δορυφορικών συστημάτων, συνοδευόμενο με την συσχετιζόμενη βιβλιογραφία για περαιτέρω μελέτη.Over the last decades satellite telecommunication systems offer many types of multimedia services like Satellite TV, telephony and broadband internet access. The long-term technological evolutions occurred into state-of-the-art satellite systems altogether with the addition of new high throughput geostatic and non-geostatic systems, individual satellites can now achieve a peak bandwidth of up to Gbps, and with possible extension into satellite constellation systems the total capacity can reach up to Tbps. Supplementary, with systems latency being comparable to terrestrial infrastructures and with integration of several computer science technologies, satellite systems can achieve new & more advanced roles inside a heterogeneous 5G network’s ecosystem. In this thesis, we have studied European Space Agency (ESA’s) and European Union’s (EU) Horizon 2020 Research and Development (R&D) funded projects in order to describe the satellite capabilities within a 5G heterogeneous network, mentioning the impact of the evolution of digital satellite communications and furthermore the integration with the state-of the art & future terrain telecommunication systems by new technologies occurred through the evolution of electronic & free space optical communications alongside with the integration of computer science’s technologies like Software Defined Networking (SDN) and Network Function Virtualization (NFV). In order to describe this evolution we have studied the concepts of each individual project, categorized chronically and individual by its scientific field of research. Our main scientific trends for this thesis are: -Satellite Integration studies & strategies into the 5G terrestrial networks -Integration of SDN and NFV technologies on 5G satellite component -Satellite’s role in the Internet of Things applications over 5G terrestrial networks -Satellite’s role in Content Distribution Networks & internet protocols impact over user’s Quality of Experience (QoE) over a satellite link -The future proposals upon the evolution of Satellite systems by upcoming improvements and corresponding standards Finally, we have created an Annex for technical details upon the evolution of physical layer of the satellite systems with the corresponding bibliography of this thesis for future study

Perspective Chapter: Cloud Lock-in Parameters – Service Adoption and Migration

ICT has been lauded as being revolutionised by cloud computing, which relieves businesses of having to make significant capital investments in ICT while allowing them to connect to incredibly potent computing capabilities over the network. Organisations adopt cloud computing as a way to solve business problems, not technical problems. As such, organisations across Europe are eagerly embracing cloud computing in their operating environments. Understanding cloud lock-in parameters is essential for supporting inter-cloud cooperation and seamless information and data exchange. Achieving vendor-neutral cloud services is a fundamental requirement and a necessary strategy to be fulfilled in order to enable portability. This chapter highlights technical advancements that contribute to the interoperable migration of services in the heterogeneous cloud environment. A set of guidelines and good practices were also collected and discussed, thus providing strategies on how lock-in can be mitigated. Moreover, this chapter provides some recommendations for moving forward with cloud computing adoption. To make sure the migration and integration between on-premise and cloud happen with minimal disruption to business and results in maximum sustainable cost benefit, the chapter’s contribution is also designed to provide new knowledge and greater depth to support organisations around the world to make informed decisions

An Approach to Guide Users Towards Less Revealing Internet Browsers

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed