Evaluation of Anonymized ONS Queries

Electronic Product Code (EPC) is the basis of a pervasive infrastructure for the automatic identification of objects on supply chain applications (e.g., pharmaceutical or military applications). This infrastructure relies on the use of the (1) Radio Frequency Identification (RFID) technology to tag objects in motion and (2) distributed services providing information about objects via the Internet. A lookup service, called the Object Name Service (ONS) and based on the use of the Domain Name System (DNS), can be publicly accessed by EPC applications looking for information associated with tagged objects. Privacy issues may affect corporate infrastructures based on EPC technologies if their lookup service is not properly protected. A possible solution to mitigate these issues is the use of online anonymity. We present an evaluation experiment that compares the of use of Tor (The second generation Onion Router) on a global ONS/DNS setup, with respect to benefits, limitations, and latency.Comment: 14 page

Internet of things for medication control: e-health architecture and service implementation

The use of Radio Frequency Identification technology (RFID) in medical context enables drug identification but also a rapid and, of course, precise identification of patients, physicians, nurses or any other health caregiver. Combining RFID tag identification with structured and secure Internet of Things (IoT) solutions, one can establish a ubiquitous and quick access to any type of medical related records, as long as one can control and adequately secure all the Internet mediated interactions. This paper presents an e-Health service architecture, along with the corresponding Internet of Things prototype implementation, that makes use of RFID tags and Electronic Product Codes (EPC) standards, in order to easily establish in a ubiquitous manner a medication control system. The system, presented and tested, has a web interface and allowed for a first evaluation of the e-health proposed service. As the service is mainly focused on elderly Ambient Assisted Living (AAL) solutions, all these technologies - RFID, EPC, Object Naming Service (ONS) and IoT – have been integrated into a suitable system, able to promote better patient/physician, patient/nurse and, generally, any patient/health caregiver, interactions. The whole prototype service, entitled "RFID-based IoT for Medication Control", and its web interface are presented and evaluated.FEDER Funds through the Programa Operacional Fatores de Competitividade – COMPETE and by National Funds through the FCT - Fundação para a Ciência e a Tecnologia (Portuguese Foundation for Science and Technology) within project FCOMP-01-0124-FEDER-02267

Korkean tavoitettavuuden tarjonta SIP-verkossa

SIP (Session Initiation Protocol) on protokolla, jonka avulla muodostetaan multimediasessiota kohteiden välillä internetin välityksellä. SIP-verkko muodostuu useasta SIP-protokollaa ymmärtävästä laitteesta ja korvaa lankapuhelinverkon. Unsinöörityön tilaajana oli tekniikan alan yritys, ja työn tavoitteena oli suunnitella järjestelmä, joka tarjoaa korkeaa saatavuutta jo olemassa olevan SIP-verkon ympärille. Suunnittelun jälkeen järjestelmä rakennettiin testiympäristöön ja testattiin järjestelmän toiminta esimerkkipuheluilla. Järjestelmän oli tarkoitus myös helpottaa asiakasyhteyksien siirtoa sisäisestä järjestelmästä toiseen ja tarjota mahdollisuus lisätä sisäisiä järjestelmiä tekemättä muutoksia asiakkaiden tai yhteistyökumppaneiden järjestelmiin. Työssä tutkittiin SIP-protokollan ja käytettävien ohjelmistojen ominaisuuksia. Tutkimusten perusteella saatiin yleisnäkemys siitä, miten korkeaa tavoitettavuutta voidaan lähteä tarjoamaan. Tämän jälkeen suunniteltiin muutostyö, joka myöhemmin toteutettiin. Järjestelmän toimivuus todennettiin esimerkkipuheluilla. Kuormitustestissä ajettiin puheluita verkon läpi ennen muutostyötä ja sen jälkeen, ja kuormitustestin tulokset kertoivat suorituskyvyn parantuneen. Korkea tavoitettavuus todennettiin tarkastelemalla SIP-signalointia toisen keskuksen sulkemisen jälkeen. Korkean tavoitettavuuden tarjoaminen välityspalvelimien avulla onnistui hyvin.SIP (Session Initiation Protocol) is a protocol which is used to establish multimedia sessions between endpoints over the internet. A SIP network is a network which includes two or more devices that can understand SIP and the SIP network will replace a landline network. This study was made for an information technology company and the purpose of this study was to plan a system that provides high-availability in the existing SIP-network. After planning, the system was deployed in a testing environment and then tested with testing calls. The system will also provide an easier way to transfer customer connections from an internal system to another and provide the ability to add internal systems without making changes to customers’ or partners’ systems. First, research was carried out about the SIP protocol and software which were used in the implementation. As a result, an overview was done on how to implement high-availability in an existing network. After the research the modifications were designed, implemented and verified. The functionality of the system was verified with example calls. In the load test, calls were made through the network before and after the modifications and the load test results showed that the performance improved. High availability was verified by examining SIP signaling after shutting down the second node of the core proxy. In conclusion, providing high-availability using an edge proxy was successful

Towards persistent resource identification with the uniform resource name

The exponential growth of the Internet, and the subsequent reliance on the resources it connects, has exposed a clear need for an Internet identifier which remains accessible over time. Such identifiers have been dubbed persistent identifiers owing to the promise of reliability they imply. Persistent naming systems exist at present, however it is the resolution of these systems into what Kunze, (2003) calls persistent actionable identifiers which is the focus of this work. Actionable identifiers can be thought of as identifiers which are accessible in a simple fashion such as through a web browser or through a specific application. This thesis identifies the Uniform Resource Name (URN) as an appropriate identification scheme for persistent resource naming. Evaluation of current URN systems finds that no practical means of global URN resolution is currently available. Two ,new approaches to URN resolution, unique in their use of the Domain Name System (DNS) are introduced. The proposed designs are assessed according to their Usability, Security and Evolution and an implementation described for an example URN namespace of language identifiers

Privacy Enhanced DNS

インターネット上でのコミュニケーションの手段の多様化に伴い、アプリケーションごとの様々なアドレスや番号を一元管理する仕組みとしてENUMが考え出された。ENUMのような新しい仕組みの中でDNSを用いることによって、これまでにない問題が浮上してきた。プライバシーの問題である。DNSはその構成上、登録されたデータが世界に公開される。ENUMではe-mailアドレスやSIPアドレスといった個人情報になりうるものがDNSに登録されるが、それを隠す技術が存在しない。本論文ではこのようなプライバシーを守る手段として、DNSに登録されるデータである資源レコード情報をDNS管理者が自由に隠せる仕組みを提案する。ENUMで用いられるNAPTR資源レコードだけでなく、任意の資源レコードを隠せるようにすることで、今後DNSのデータを隠したい場面が現れた場合にも有効であるようにした。卒業論

Measurement and Evaluation of ENUM Server Performance

ENUM is a protocol standard developed by the Internet Engineering Task Force (IETF) for translating the E.164 phone numbers into Internet Universal Resource Identifiers (URIs). It plays an increasingly important role as the bridge between Internet and traditional telecommunications services. ENUM is based on the Domain Name System (DNS), but places unique performance requirements on DNS server. In particular, ENUM server needs to host a huge number of records, provide high query throughput for both existing and non-existing records in the server, maintain high query performance under update load, and answer queries within a tight latency budget. In this report, we evaluate and compare performance of serving ENUM queries by three servers, namely BIND, PDNS and Navitas. Our objective is to answer whether and how these servers can meet the unique performance requirements of ENUM. Test results show that the ENUM query response time on our platform has always been on the order of a few milliseconds or less, so this is likely not a concern. Throughput then becomes the key. The throughput of BIND degrades linearly as the record set size grows, so BIND is not suitable for ENUM. PDNS delivers higher performance than BIND in most cases, while the commercial Navitas server presents even better ENUM performance than PDNS. Under our 5M-record set test, Navitas server with its default configuration consumes one tenth to one sixth the memory of PDNS, achieves six times higher throughput for existing records and an order of two magnitudes higher throughput for non-existing records than the bottom line PDNS server without caching. The throughput of Navitas is also the highest among the tested servers when the database is being updated in the background. We investigated ways to improve PDNS performance. For example, doubling CPU processing power by putting PDNS and its backend database in two separate machines can increase PDNS throughput for existing records by 45% and that for nonexisting records by 40%. Since PDNS is open source, we also instrumented the source code to obtain a detailed profile of contributions of various systems components to the overall latency. We found that when the server is within its normal load range, the main component of server processing latency is caused by backend database lookup operations. Excessive number of backend database lookups is the reason that makes PDNS throughput for non-existing records its key weakness. We studied using PDNS caching to reduce the number of database lookups. With a full packet cache and a modified cache maintenance mechanism, the PDNS throughput for existing records can be improved by 100%. This brings the value to one third of its Navitas counterpart. After enabling the PDNS negative query cache, we improved PDNS throughput for non-existing records to the level comparable to its throughput for existing records, but this result is still an order of magnitude lower than the corresponding value in Navitas. Further improvements of PDNS throughput for non-existing records will require optimization of related processing mechanism in its implementation

Performance Evaluation of ENUM Name Servers

ENUM is a protocol for mapping E.164 telephone numbers into Internet URIs. In this paper, we present a performance evaluation of ENUM name servers considering the new requirements and challenges imposed on traditional DNS  servers with the incorporation of ENUM protocol. We defined three performance metrics for this performance evaluation: query throughput, response time, and CPU usage. Using a benchmarking testbed, we eval-uated four name servers implementations (BIND, MyDNS-NG, NSD and PowerDNS) in different scenarios considering distinct size of database and types of records being queried. Moreover, we improved the existing methodology for this kind of evaluation, since we identified the limitations of DNSPerf and proposed a new procedure for the evaluation. Results show that BIND and NSD servers achieved a high query throughput with great scalability features. On the other hand, PowerDNS server had a lower throughput and high sensibil-ity to database size. MyDNS-NG server presented a quite low query throughput and poor scalability and, therefore, it is not suitable for ENUM purposes. These results bring to light a new reality for studies of ENUM servers, since they have not been evaluated in such a extended scenarios and size of the database