Wi-Fi Access point system manager

[ESP]Los estándares de comunicaciones inalámbricas especifican protocolos para asegurar las comunicaciones en el interfaz aéreo pero no indican ningún método para gestionar un sistema de AAT (autenticación,autorización y tarifación) que garantice que los protocolos especificados se activan y funcionancorrectamente. Los fabricantes de equipos de comunicaciones inalámbricos forman consorcios para desarrollar equipos con una serie de funcionalidades, que en muchos casos deriva en un estándar internacional, lo que facilita la interconexión de equipos entre diferentes fabricantes. El principal problema técnico radica en que el cliente final que adquiere esos equipos no puede activar la mayoría decapacidades del equipo a no ser que disponga de un dispositivo externo que lo haga. El dispositivo externo debe ser lo suficientemente flexible para facilitar cualquier tipo de configuración, de forma local o remota. El sistema desarrollado consiste en la implementación de 4 elementos: 1.a) Un sistema de autenticación compatible con el estandard inalámbrico. 1.b) Un sistema de presentación de páginas web dinámicas.1.c) Un sistema de gestión de datos. 1.d) Un sistema de cifrado de la información.[ENG] The standards of wireless communications specify protocols to provide secure communications in the aerial interface but they do not indicate any method to manage a AAA system (authentication, authorization and accounting) that guarantees that the specified protocols are activated and work correctly. The manufacturers of wireless communications equipment form partnerships to develop equipment with a series of functionalities, that in many cases derives in an international standard, which facilitates the interconnection of equipment between different manufacturers. The main technical problem is that the final client acquiring those equipment cannot activate most of capacities of the equipment unless an external device does it. The external device must be flexible enough to facilitate any type of configuration on local or remote. The developed system consists of the implementation of 4 elements: 1.a) An authentication method compatible with the wi-fi standard. 1.b) A system of presentation based on dynamic pages Web. 1.c) A system of data management.1.d) A system of information coding.[ESP]Una universidad española ha desarrollado un sistema que permite la gestión y configuración remota de múltiples Puntos de Acceso de una red wi-fi. Incorpora control de acceso y seguridad basadas en IEEE 802.11i. El sistema está desarrollado sobre Linux y es válido para cualquier tipo de cliente (PDA, PC, etc. Windows o Linux). La universidad está buscando socios para adaptar y comercializar la tecnología en el mercado.[ENG]UPCT, Spain. The system allows remote management and configuration of several wi-fi APs in a wireless network. It incorporates access control a security issues based on IEEE 802.11i. Developed under Linux. Valid for any kind of client. We need help for merchandising.[ESP] Reducción de costes en la ampliación de la red de datos. Aumento de la productividad de la empresa derivado del uso de redes wi-fi.Facilidad para innovar. Servicios de voz y valor añadido sobre wi-fi. [ENG] Cost reductions when deployment the data network. Gain in company productivity thanks to wi-fi networks. Innovation facility. Voice services and other added value services over wi-fi.Arquitecturas de conmutación electrónica y fotónica. Redes Overlay (desarrollo de protocolos multicast y P2P, distribución de contenidos multimedia). Calidad de servicio en redes heterogéneas.Redes inalámbicas.Redes de sensores y actuadores inalámbricos.Integración de sistemas a través de middleware.Desarrollo de aplicaciones y servicios telemáticos avanzados

Proportional bandwidth distribution in IP networks implementing the assured forwarding PHB

Recent demands for new applications are giving rise to an increasing need of Quality of Service (QoS). Nowadays, most IP-based networks tend to use the DiffServ architecture to provide end-to-end QoS. Traffic conditioners are a key element in the deployment of DiffServ. In this paper, we introduce a new approach for traffic conditioning based on feedback signaling among boundary nodes and traffic conditioners. This new approach is intended to provide a poportional distribution of excess bandwidth to endusers. We evaluate through extensive simulations the performance of our proposal in terms of final throughput, considering contracted target rates and distribution of spare bandwidth. Results show a high level of fairness in the excess bandwidth allocation among TCP sources under different network conditions

End-to-end TCP performance of the couple CBM traffic conditioner and RIO buffer management in a three node topology

Despite the abundant literature written about the AF PHB, no solution has been found to efficiently face up its two goals, assuring a minimum rate to the users and offering a fair distribution of the excess bandwidth if available. The Counters Based Modified (CBM) traffic conditioner, presented in a previous work, is able to achieve these objectives in single-node topologies. This paper raises issues with providing bandwidth assurance and spare bandwidth distribution for TCP flows in more complex topologies than usual. Simulation results explore the effect of target rates, round trip times, and efficiency of CBM when up to three network nodes implement service differentiation, including in some cases the coexistence of assured service and best-effort traffics.This work was supported by the Spanish Research Council under projects TEC2004-05622-C04-02/TCM and TIC2001-3339-C02-02

Application of artificial intelligence to refrigeration systems

Refrigeration systems currently use 20% of the total electrical energy, and this consumption is expected to increase by more than 30% between now and 2050. The optimization of these systems makes it possible to minimize CO2 emissions, increase energy efficiency and reduce costs. However, refrigeration system optimization problems are complex and time consuming. This is where sensorization and artificial intelligence come into play. Not many years ago, refrigeration systems were controlled with analog thermostats, and centralized supervision by SCADA systems using the data from sensors. Currently, we are in a completely digitized world thanks to massive sensorization, which is possible due to the development of the IoT (Internet of Things). The fundamental premise of the IoT is to connect the unconnectable by enabling new services and experiences. Complex machines and systems such as refrigeration systems can be measured comprehensively, down to the component level, and their data streams studied in real-time analysis systems. In this case, artificial intelligence can take the data to drive decision-making

A certification authority for elliptic curve X.509v3. Certificates

Wireless networks are more and more common in current communications networks. Nevertheless, wireless communications entail a big concern: security. The use of X.509v3 certificates to carry out authentication tasks is an approach to improve security. These certificates are usually employed with the RSA algorithm. Elliptic Curve Cryptography (ECC) is a cryptographic technique eminently suited for small devices, like those used in wireless communications, and is gaining momentum. The main advantage of ECC versus RSA is that for the same level of security it requires a much sorter key length. The purpose of this work is to design and implement a free open-source Certification Authority able to issue X.509v3 certificates using ECC. This research is an implementation study on free open-source tools to issue digital certificates using ECC. Moreover, it contributes to the development of free open-source tools for network security based on ECC. The result of this research may assist organizations to increase their security level in wireless devices and networks, in a costless way, by including authentication techniques based on ECC digital certificates

Experimental Tests on SCTP over IPSec

As telecommunication technologies evolve, security in communications becomes a more and more relevant issue. IPSec is a set of protocols aiming to enhance security at the IP layer. Specifically, IPSec and IKE are important security mechanism that provide cryptographic-based protection for IP packets, and consequently for IP services. SCTP is a standardized transport protocol whose main features include multihoming and multistreaming, and is gaining momentum as a general-purpose transport protocol. While the simultaneous use of these two protocols is feasible, it is under study how to make them work efficiently. In this paper, we present a simple method to improve SCTP-IPSec-IKE compatibility by modifying the structure of the Security Associations. Despite the conceptual simplicity of our proposal, it has not been proposed before in related literature.This research has been supported by project grant TEC2007-67966-01/TCM (CON-PARTE-1) and it is also developed in the framework of "Programa de Ayudas a Grupos de Excelencia de la Región de Murcia, de la Fundación Séneca, Agencia de Ciencia y Tecnología de la RM (Plan Regional de Ciencia y Tecnología 2007/2010)

Internet measurements and data study over the regional network Ciez@net

In this paper we present the most signifcant results studying the Internet network traffic measurements obtained in Ciez@net. Ciez@net is a citizen subnet located in the village of Cieza that belongs to the regional network of the Autonomous Community of Murcia in Spain. This subnet is one of the firsts pilot experiences of a Digital City in Europe and the first in the Region of Murcia. The goal is the seamless introduction of the Information Society in a medium-size population. Access to advanced electronic information services is stimulated or subsidized for an effective penetration. These measurements will allow a qualitative and quantitative knowledge of the network trafJic in order to achieve a most effective network resource provisioning and Internet trafic forecasting in a real scenario. A suitable dimensioning of the network as well as an adequate provisioning of Quality of Service to users may depend partially on these results. Measurements were taken from a Frame Relay link connecting Ciez@net’s users to Internet through the main node located in Murcia city. We used a promiscuous network analyzer that avoids intelfering in the network trafic. We report results of traffic load, network pelformance, percentage composition of trafJic by protocol and type of application, and IP packet size distribution in both, up and down communications streams.This work was partly supported by the Spanish Research Council under grant TIC2000- 1734- CO3-03 and by the Fundaci6n Integra under project 01 24

A new proposal for assuring services in internet

In this paper we present a new mechanism to provide an assured service in terms of target rate and fair excess bandwidth, like the Internet Assured Service. Research in Internet Assured Service faced up both questions in separate ways proposing different traffic conditioners to work with the RIO buffer management, and proposing different modifications to this buffer management, among others. In this work, we suggest using a buffer management scheme different from RIO that also treats in-of-profile and out-of-profile packets differently but avoiding interference between them. This scheme is used together with the Counters Based traffic conditioner because of its high accuracy in guaranteeing target rates. We evaluate and compare by simulation the performance of our proposal using TCP RENO sources. One important issue to be considered is that the proposal is a feasible alternative to the standard architecture for Differentiated Services in Internet.This work was supported by the Spanish Research Council under grant TIC2000-1734- C03-03

Análisis de las prestaciones del acondicionador de tráfico CBM en un dominio DiffServ

The Counters-Based Modified (CBM) traffic conditioner was introduced in a previous work as a feasible option to implement the Assured Forwarding (AF) service in DiffServ. In this paper we present an end-to-end performance analysis of TCP Reno sources that employ the CBM in a DiffServ domain. We present simulation results in a three-RIO-node topology under miscellaneous characteristics: different contract rates, heterogeneous RTT, co-existance of best-effort and AF sources, and eficience of CBM when some network node does not implement service differentiation. As shown in simulation results, it is possible to guarantee an AF service that ensures contracted target rates and performs a fair share of the excess bandwidth.Este trabajo se enmarca dentro del proyecto CICYT FAR-IP (TIC2000-1734-C03-03)

Performance evaluation of profiler mechanisms for the internet assured service

As Internet is rapidly growing and receiving traffic from multimedia applications that are sensitive to available bandwidth and delay experienced in the network, there is a strong need for quality of service (QoS) support. The Integrated and Differentiated Service models are two approaches for adding QoS to Internet. The Assured Service is an end-to-end service based on the Differentiated Service architecture. In this paper, we study and compare the performance of three profiler mechanisms to provide the guaranties of an Internet Assured Service. Two of them, TSW and Leaky Bucket are the most commonly used, and the third is a new Counter Based profiler, which is proposed in this paper. The study is done by simulation employing TCP RENO sources.This work was partly supported by the Spanish Research Council under grant TIC2000-1734-C03-03