Pluggable drone imaging analysis framework for mob detection during open-air events

C

Enabling emergency flow prioritization in SDN networks

Emergency services must be able to transfer data with high priority over different networks. With 5G, slicing concepts at mobile network connections are introduced, allowing operators to divide portions of their network for specific use cases. In addition, Software-Defined Networking (SDN) principles allow to assign different Quality-of-Service (QoS) levels to different network slices.This paper proposes an SDN-based solution, executable both offline and online, that guarantees the required bandwidth for the emergency flows and maximizes the best-effort flows over the remaining bandwidth based on their priority. The offline model allows to optimize the problem for a batch of flow requests, but is computationally expensive, especially the variant where flows can be split up over parallel paths. For practical, dynamic situations, an online approach is proposed that periodically recalculates the optimal solution for all requested flows, while using shortest path routing and a greedy heuristic for bandwidth allocation for the intermediate flows.Afterwards, the offline approaches are evaluated through simulations while the online approach is validated through physical experiments with SDN switches, both in a scenario with 500 best-effort and 50 emergency flows. The results show that the offline algorithm is able to guarantee the resource allocation for the emergency flows while optimizing the best-effort flows with a sub-second execution time. As a proof-of-concept, a physical setup with Zodiac switches effectively validates the feasibility of the online approach in a realistic setup

UAVaaS : efficient management of network flows and cloud infrastructures for drone applications

Unmanned Aerial Vehicles (UAV's), of beter bekend als drones, zijn een opkomende technologie met het potentieel om in verschillende industrieën te worden gebruikt om een breed scala aan toepassingen en diensten te bieden. Het aanbod van verschillende drones met verschillende toepassingsmogelijkheden heeft echter geleid tot een langzaam en omslachtig ontwikkelingsproces voor drone-toepassingen. Een oplossing voor dit probleem wordt voorgesteld in dit onderzoek waarbij het gebruik van cloud-technologieën, zoals o.a. containertechnologieën, container orchestraties en monitoring, in de ontwikkeling van dronetoepassingen is onderzocht, geimplementeerd en geëvalueerd. Daarbovenop is een totaaloplossing ontwikkeld die rekening houdt met het netwerk- en applicatiebeheer van drones door middel van containertechnologieën en 5G-netwerken. Hierdoor kan de Quality-of-Service op netwerkniveau worden behouden, kunnen er hoge prioriteiten op netwerkverkeer worden ingesteld, kunnen applicaties eenvoudig geïnstalleerd worden op drones en kan dit geheel geobserveerd worden met een monitoringsysteem

Towards distributed emergency flow prioritization in software-defined networks

Emergency services must be able to transfer data with high priority over different networks. With 5G, slicing concepts at mobile network connections are introduced, allowing operators to divide portions of their network for specific use cases. In addition, Software-Defined Networking (SDN) principles allow to assign different Quality-of-Service (QoS) levels to different network slices. This paper proposes a microservices-based framework, able to run both centralized and distributed, that guarantees the required bandwidth for the emergency flows and maximizes the best-effort flows over the remaining bandwidth based on their priority. The proposed framework consists of an offline linear model, allowing to optimize the problem for a batch of flow requests. For dynamic situations, an online approach is also required in the framework to handle new incoming flows by calculating the path with a shortest path algorithm and utilizing a greedy approach in assigning bandwidth to the intermediate flows. In this article, the linear model is evaluated through simulation, the distributed architecture is evaluated through emulation while the online approach is validated through physical experiments with SDN switches. The results show that the linear model is able to guarantee the resource allocation for the emergency flows while optimizing the best-effort flows with a sub-second execution time. The distributed architecture is able to split up the managed network into different parts, allowing division of work between controllers. As a proof-of-concept, a prototype with Zodiac switches validates the feasibility of the centralized framework

Towards cloud-based unobtrusive monitoring in remote multi-vendor environments

Nowadays, many complex multi-vendor production environments, such as telecom infrastructures in smart cities or on-board passenger information systems in trains, are based on micro-services and deployed in the cloud. From a service integrator viewpoint, building new solutions for these environments, which can host a large number of externally designed and developed micro-services, is often complex and error-prone. This is in part due to undocumented behaviour or undocumented architectural specifications of such systems. Advanced service monitoring can offer a solution to quickly detect anomalies or unexpected service interaction behaviour during on-site integration. However, the monitoring service should not have an impact on the production environment itself. Therefore, this article proposes an agent-based unobtrusive monitoring platform, capable of monitoring both internally developed and externally developed services through the use of sidecar containers. It monitors state, metrics and network traffic at micro-service level and the research was conducted as part of the DynAMo research project, a collaboration with various industry partners. Prototype evaluation proves that our solution has a negligible impact (below 0.02% CPU usage on average) on an existing micro-service environment just as other monitoring systems like Prometheus while offering additional functionality focused on multi-vendor service integration. This makes it suitable to be deployed in complex production domains to further aid on-site integration and quickly find potential new anomalies

Secure key management for multi-party computation in MOZAIK

The immense growth of data from the proliferation of Internet of Things (IoT) devices presents opportunities and challenges for privacy engineering. On the one hand, this data can be harnessed for personalized services, cost savings, and environmental benefits. On the other hand, (new) legislation must be complied with and privacy risks arise from collecting and processing of such data. Distributed privacy-preserving analytics offers a promising solution, providing insights while also protecting privacy. However, this approach has new challenges and risks, such as key management and confidentiality. When designing a data marketplace which offers distributed privacy-preserving analytics, the key management comes with different threats, which require a solution adapted to the distributed architecture. In this context, the paper presents a comprehensive, end-to-end secure system called MOZAIK for privacy-preserving data collection, analysis, and sharing. The article focuses on the key management aspect of the secure multi-party computation (MPC) component in a distributed privacy-preserving analytics architecture and the specific challenges created by introducing MPC. The proposed solution involves temporary storage of (symmetric) key shares and public-key encryption schemes to ensure secure key management for privacy-preserving computation. Our solution has the potential to be applied in other MPC-based setups, making it a valuable addition to the field of privacy engineering. By addressing key management challenges and risks, MOZAIK enhances data protection while enabling valuable insights from IoT data