Reflections on security options for the real-time transport protocol framework

The Real-time Transport Protocol (RTP) supports a range of video conferencing, telephony, and streaming video ap- plications, but offers few native security features. We discuss the problem of securing RTP, considering the range of applications. We outline why this makes RTP a difficult protocol to secure, and describe the approach we have recently proposed in the IETF to provide security for RTP applications. This approach treats RTP as a framework with a set of extensible security building blocks, and prescribes mandatory-to-implement security at the level of different application classes, rather than at the level of the media transport protocol

Reinterpreting the transport protocol stack to embrace ossification

Ubiquitous deployment of middleboxes has resulted in ossification of the transport layer, with TCP and UDP becoming part of the narrow waist of the Internet. This is a necessary stage in the evolution of the network, caused by its progression from research, to production, to increasingly critical infrastructure. New transport layer protocols will be needed in future, but since we are working with essential infrastructure, we cannot expect to have scope to make wholesale rapid changes. Future development must be done using the existing protocols as substrates, always maintaining on-the-wire compatibility. To advance, we must embrace the ossification of the network, and learn to reinterpret and extend the existing protocols

Raising the Datagram API to Support Transport Protocol Evolution

Some application developers can wield huge resources to build new transport protocols, for these developers the present UDP Socket API is perfectly fine. They have access to large test beds and sophisticated tools. Many developers do not have these resources. This paper presents a new high-level Datagram API that is for everyone else, this has an advantage of offering a clear evolutionary path to support new requirements. This new API is needed to move forward the base of the system, allowing developers with limited resources to evolve their applications while accessing new network services

Post Sockets: Towards an Evolvable Network Transport Interface

The traditional Sockets API is showing its age, and no longer provides effective support for modern networked applications. This has led to a proliferation of non-standard extensions, alternative APIs, and workarounds that enable new features and allow applications to make good use of the network, but are difficult to use, and require expert knowledge that is not widespread. In this paper, we present Post Sockets, a proposed new standard network API, that is designed to support modern network transport protocols and features, while raising the level of abstraction and enhancing usability. Specifically, Post Sockets aims to give portable applications the ability to use a clear, messages based, interface to multi-path and multi-stream transports, rendezvous and connection racing, and fast connection re-establishment

Requirement analysis for building practical accident warning systems based on vehicular ad-hoc networks

An Accident Warning System (AWS) is a safety application that provides collision avoidance notifications for next generation vehicles whilst Vehicular Ad-hoc Networks (VANETs) provide the communication functionality to exchange these notifi- cations. Despite much previous research, there is little agreement on the requirements for accident warning systems. In order to build a practical warning system, it is important to ascertain the system requirements, information to be exchanged, and protocols needed for communication between vehicles. This paper presents a practical model of an accident warning system by stipulating the requirements in a realistic manner and thoroughly reviewing previous proposals with a view to identify gaps in this area

Does Disaggregrated Compute Require a New Programming Paradigm?

No abstract available

Peer-to-Peer Secure Updates for Heterogeneous Edge Devices

We consider the problem of securely distributing software updates to large scale clusters of heterogeneous edge compute nodes. Such nodes are needed to support the Internet of Things and low-latency edge compute scenarios, but are difficult to manage and update because they exist at the edge of the network behind NATs and firewalls that limit connectivity, or because they are mobile and have intermittent network access. We present a prototype secure update architecture for these devices that uses the combination of peer-to-peer protocols and automated NAT traversal techniques. This demonstrates that edge devices can be managed in an environment subject to partial or intermittent network connectivity, where there is not necessarily direct access from a management node to the devices being updated

A two-level Markov model for packet loss in UDP/IP-based real-time video applications targeting residential users

The packet loss characteristics of Internet paths that include residential broadband links are not well understood, and there are no good models for their behaviour. This compli- cates the design of real-time video applications targeting home users, since it is difficult to choose appropriate error correction and concealment algorithms without a good model for the types of loss observed. Using measurements of residential broadband networks in the UK and Finland, we show that existing models for packet loss, such as the Gilbert model and simple hidden Markov models, do not effectively model the loss patterns seen in this environment. We present a new two-level Markov model for packet loss that can more accurately describe the characteristics of these links, and quantify the effectiveness of this model. We demonstrate that our new packet loss model allows for improved application design, by using it to model the performance of forward error correction on such links

Consolidating Streams to Improve DASH Cache Utilisation

Existing HTTP caches interact poorly with multiple Dynamic Adaptive Streaming over HTTP (DASH) streams of the same content: time and quality differences prevent a complete representation from being cached, reducing hit-ratios. We propose to consolidate near-simultaneous streams based on time or quality, where the improved cache performance makes this worthwhile. We estimate that there is a sufficient number of near-simultaneous streams for our proposed techniques to improve cache hit-ratios

Consolidating Streams to Improve DASH Cache Utilisation

Existing HTTP caches interact poorly with multiple Dynamic Adaptive Streaming over HTTP (DASH) streams of the same content: time and quality differences prevent a complete representation from being cached, reducing hit-ratios. We propose to consolidate near-simultaneous streams based on time or quality, where the improved cache performance makes this worthwhile. We estimate that there is a sufficient number of near-simultaneous streams for our proposed techniques to improve cache hit-ratios