An Architecture for QoS-capable Integrated Security Gateway to Protect Avionic Data Network

International audienceWhile the use of Internet Protocol (IP) in aviation allows new applications and benefits, it opens the doors for security risks and attacks. Many security mechanisms and solutions have evolved to mitigate the ever continuously increasing number of network attacks. Although these conventional solutions have solved some security problems, they also leave some security holes. Securing open and complex systems have become more and more complicated and obviously, the dependence on a single security mechanism gives a false sense of security while opening the doors for attackers. Hence, to ensure secure networks, several security mechanisms must work together in a harmonic multi-layered way. In addition, if we take QoS requirements into account, the problem becomes more complicated and necessitates in-depth reflexions. In this paper, we present the architecture of our QoS-capable integrated security gateway: a gateway that highly integrates well chosen technologies in the area of network security as well as QoS mechanisms to provide the strongest level of security for avionic data network; our main aim is to provide both multi-layered security and stable performances for critical network applications

Coastal sea level monitoring in the Mediterranean and Black seas

Employed for over a century, the traditional way of monitoring sea level variability by tide gauges – in combination with modern observational techniques like satellite altimetry – is an inevitable ingredient in sea level studies over the climate scales and in coastal seas. The development of the instrumentation, remote data acquisition, processing, and archiving in the last decades has allowed the extension of the applications to a variety of users and coastal hazard managers. The Mediterranean and Black seas are examples of such a transition – while having a long tradition of sea level observations with several records spanning over a century, the number of modern tide gauge stations is growing rapidly, with data available both in real time and as a research product at different time resolutions. As no comprehensive survey of the tide gauge networks has been carried out recently in these basins, the aim of this paper is to map the existing coastal sea level monitoring infrastructures and the respective data availability. The survey encompasses a description of major monitoring networks in the Mediterranean and Black seas and their characteristics, including the type of sea level sensors, measuring resolutions, data availability, and existence of ancillary measurements, altogether collecting information about 240 presently operational tide gauge stations. The availability of the Mediterranean and Black seas sea level data in the global and European sea level repositories has been also screened and classified following their sampling interval and level of quality check, pointing to the necessity of harmonization of the data available with different metadata and series in different repositories. Finally, an assessment of the networks' capabilities for their use in different sea level applications has been done, with recommendations that might mitigate the bottlenecks and ensure further development of the networks in a coordinated way, a critical need in the era of human-induced climate changes and sea level rise.En prens

Multi-level Authentication Based Single Sign-On for IMS Services

Part 2: Work in ProgressInternational audienceThe IP multimedia Subsystem (IMS) is the evolution of the 3G mobile networks towards new generation networks (NGN) that are only IP based. This architectural framework is seen as a key element for achieving network convergence defining a new horizontal integrated service offering, based on a common signaling protocol (SIP) for all multimedia services such as Voice over IP, Video call, or instant messaging. However the present deployment of IMS is specified according to a specific model, the so called walled-garden. In this model the applications are only provided to the users within the same operator so that the users will not have to look for applications outside the IMS garden. It is a very restrictive access mode for the users because they remain dependent on services offered by the provider and can consequently not choose freely applications they want to subscribe for. The goal of this paper is to include Single Sign-On (SSO) features in the standing IMS architectures to allow the user accessing all the applications, even the external ones transparently, simulating a walled-garden environment. We also introduce the notion of security level that will be affected to the SPs, and implementing it in what we can call “a Multi-level authentication model”

Reducing Satellite Communication Cost Using Terrestrial Peer-to-Peer for Lost Recovery

A practical solution to implement IP multicast service may consist in using a geostationary satellite. The broadcast nature and the large coverage zone of such systems make it possible for a source to reach a potentially very large number of receivers with only one hop. In the context of reliable multicast communications, a hybrid satellite/terrestrial approach based on communication costs is described. Due to particular data dissemination resulting from the satellite communication phase, ad-hoc lost recovery peer-to-peer mechanisms are specially designed and evaluated through simulations. I