46 research outputs found
Wi-Fi Access point system manager
[ESP]Los estándares de comunicaciones inalámbricas especifican protocolos para asegurar las comunicaciones en el interfaz aéreo pero no indican ningún método para gestionar un sistema de AAT (autenticación,autorización y tarifación) que garantice que los protocolos especificados se activan y funcionancorrectamente. Los fabricantes de equipos de comunicaciones inalámbricos forman consorcios para desarrollar equipos con una serie de funcionalidades, que en muchos casos deriva en un estándar internacional, lo que facilita la interconexión de equipos entre diferentes fabricantes. El principal problema técnico radica en que el cliente final que adquiere esos equipos no puede activar la mayorÃa decapacidades del equipo a no ser que disponga de un dispositivo externo que lo haga. El dispositivo externo debe ser lo suficientemente flexible para facilitar cualquier tipo de configuración, de forma local o remota. El sistema desarrollado consiste en la implementación de 4 elementos: 1.a) Un sistema de autenticación compatible con el estandard inalámbrico. 1.b) Un sistema de presentación de páginas web dinámicas.1.c) Un sistema de gestión de datos. 1.d) Un sistema de cifrado de la información.[ENG] The standards of wireless communications specify protocols to provide secure communications in the aerial interface but they do not indicate any method to manage a AAA system (authentication, authorization and accounting) that guarantees that the specified protocols are activated and work correctly. The manufacturers of wireless communications equipment form partnerships to develop equipment with a series of functionalities, that in many cases derives in an international standard, which facilitates the interconnection of equipment between different manufacturers. The main technical problem is that the final client acquiring those equipment cannot activate most of capacities of the equipment unless an external device does it. The external device must be flexible enough to facilitate any type of configuration on local or remote. The developed system consists of the implementation of 4 elements: 1.a) An authentication method compatible with the wi-fi standard. 1.b) A system of presentation based on dynamic pages Web. 1.c) A system of data management.1.d) A system of information coding.[ESP]Una universidad española ha desarrollado un sistema que permite la gestión y configuración remota de múltiples Puntos de Acceso de una red wi-fi. Incorpora control de acceso y seguridad basadas en IEEE
802.11i. El sistema está desarrollado sobre Linux y es válido para cualquier tipo de cliente (PDA, PC, etc. Windows o Linux). La universidad está buscando socios para adaptar y comercializar la tecnologÃa en el mercado.[ENG]UPCT, Spain. The system allows remote management and configuration of several wi-fi APs in a wireless network. It incorporates access control a security issues based on IEEE 802.11i. Developed under Linux. Valid for any kind of client. We need help for merchandising.[ESP] Reducción de costes en la ampliación de la red de datos. Aumento de la productividad de la empresa derivado del uso de redes wi-fi.Facilidad para innovar. Servicios de voz y valor añadido sobre wi-fi. [ENG] Cost reductions when deployment the data network. Gain in company productivity thanks to wi-fi networks. Innovation facility. Voice services and other added value services over wi-fi.Arquitecturas de conmutación electrónica y fotónica. Redes Overlay (desarrollo de protocolos multicast y P2P, distribución de contenidos multimedia). Calidad de servicio en redes heterogéneas.Redes inalámbicas.Redes de sensores y actuadores inalámbricos.Integración de sistemas a través de middleware.Desarrollo de aplicaciones y servicios telemáticos avanzados
Proportional bandwidth distribution in IP networks implementing the assured forwarding PHB
Recent demands for new applications are giving rise
to an increasing need of Quality of Service (QoS).
Nowadays, most IP-based networks tend to use the
DiffServ architecture to provide end-to-end QoS.
Traffic conditioners are a key element in the
deployment of DiffServ. In this paper, we introduce a
new approach for traffic conditioning based on feedback
signaling among boundary nodes and traffic
conditioners. This new approach is intended to provide
a poportional distribution of excess bandwidth to endusers.
We evaluate through extensive simulations the
performance of our proposal in terms of final
throughput, considering contracted target rates and
distribution of spare bandwidth. Results show a high
level of fairness in the excess bandwidth allocation
among TCP sources under different network
conditions
End-to-end TCP performance of the couple CBM traffic conditioner and RIO buffer management in a three node topology
Despite the abundant literature written about the AF PHB,
no solution has been found to efficiently face up its two
goals, assuring a minimum rate to the users and offering a
fair distribution of the excess bandwidth if available. The
Counters Based Modified (CBM) traffic conditioner,
presented in a previous work, is able to achieve these
objectives in single-node topologies. This paper raises
issues with providing bandwidth assurance and spare
bandwidth distribution for TCP flows in more complex
topologies than usual. Simulation results explore the
effect of target rates, round trip times, and efficiency of
CBM when up to three network nodes implement service
differentiation, including in some cases the coexistence of
assured service and best-effort traffics.This work was supported by the Spanish Research
Council under projects TEC2004-05622-C04-02/TCM
and TIC2001-3339-C02-02
Application of artificial intelligence to refrigeration systems
Refrigeration systems currently use 20% of the total electrical energy, and this consumption
is expected to increase by more than 30% between now and 2050. The optimization
of these systems makes it possible to minimize CO2 emissions, increase energy efficiency
and reduce costs. However, refrigeration system optimization problems are complex and time
consuming. This is where sensorization and artificial intelligence come into play. Not many
years ago, refrigeration systems were controlled with analog thermostats, and centralized
supervision by SCADA systems using the data from sensors. Currently, we are in a completely
digitized world thanks to massive sensorization, which is possible due to the development
of the IoT (Internet of Things). The fundamental premise of the IoT is to connect the unconnectable
by enabling new services and experiences. Complex machines and systems such as
refrigeration systems can be measured comprehensively, down to the component level, and
their data streams studied in real-time analysis systems. In this case, artificial intelligence
can take the data to drive decision-making
A certification authority for elliptic curve X.509v3. Certificates
Wireless networks are more and more common in current communications networks. Nevertheless, wireless communications entail a big concern: security. The use of X.509v3 certificates to carry out authentication tasks is an approach to improve security. These certificates are usually employed with the RSA algorithm. Elliptic Curve Cryptography (ECC) is a cryptographic technique eminently suited for small devices, like those used in wireless communications, and is gaining momentum. The main advantage of ECC versus RSA is that for the same level of security it requires a much sorter key length. The purpose of this work is to design and implement a free open-source Certification Authority able to issue X.509v3 certificates using ECC. This research is an implementation study on free open-source tools to issue digital certificates using ECC. Moreover, it contributes to the development of free open-source tools for network security based on ECC. The result of this research may assist organizations to increase their security level in wireless devices and networks, in a costless way, by including authentication techniques based on ECC digital certificates
Experimental Tests on SCTP over IPSec
As telecommunication technologies evolve, security in communications becomes a more and more relevant issue. IPSec is a set of protocols aiming to enhance security at the IP layer. Specifically, IPSec and IKE are important security mechanism that provide cryptographic-based protection for IP packets, and consequently for IP services. SCTP is a standardized transport protocol whose main features include multihoming and multistreaming, and is gaining momentum as a general-purpose transport protocol. While the simultaneous use of these two protocols is feasible, it is under study how to make them work efficiently. In this paper, we present a simple method to improve SCTP-IPSec-IKE compatibility by modifying the structure of the Security Associations. Despite the conceptual simplicity of our proposal, it has not been proposed before in related literature.This research has been supported by project grant TEC2007-67966-01/TCM (CON-PARTE-1) and it is also developed in the framework of "Programa de Ayudas a Grupos de Excelencia de la Región de Murcia, de la Fundación Séneca, Agencia de Ciencia y TecnologÃa de la RM (Plan Regional de Ciencia y TecnologÃa 2007/2010)
Internet measurements and data study over the regional network Ciez@net
In this paper we present the most signifcant results studying the Internet network traffic measurements
obtained in Ciez@net. Ciez@net is a citizen subnet located in the village of Cieza that belongs to the
regional network of the Autonomous Community of Murcia in Spain. This subnet is one of the firsts pilot
experiences of a Digital City in Europe and the first in the Region of Murcia. The goal is the seamless
introduction of the Information Society in a medium-size population. Access to advanced electronic
information services is stimulated or subsidized for an effective penetration. These measurements will
allow a qualitative and quantitative knowledge of the network trafJic in order to achieve a most effective
network resource provisioning and Internet trafic forecasting in a real scenario. A suitable dimensioning
of the network as well as an adequate provisioning of Quality of Service to users may depend partially on
these results. Measurements were taken from a Frame Relay link connecting Ciez@net’s users to Internet
through the main node located in Murcia city. We used a promiscuous network analyzer that avoids
intelfering in the network trafic. We report results of traffic load, network pelformance, percentage
composition of trafJic by protocol and type of application, and IP packet size distribution in both, up and
down communications streams.This work was partly supported by the Spanish
Research Council under grant TIC2000- 1734-
CO3-03 and by the Fundaci6n Integra under
project 01 24
A new proposal for assuring services in internet
In this paper we present a new mechanism
to provide an assured service in terms of target rate
and fair excess bandwidth, like the Internet Assured
Service. Research in Internet Assured Service faced
up both questions in separate ways proposing
different traffic conditioners to work with the RIO
buffer management, and proposing different
modifications to this buffer management, among
others. In this work, we suggest using a buffer
management scheme different from RIO that also
treats in-of-profile and out-of-profile packets
differently but avoiding interference between them.
This scheme is used together with the Counters Based
traffic conditioner because of its high accuracy in
guaranteeing target rates. We evaluate and compare
by simulation the performance of our proposal using
TCP RENO sources. One important issue to be
considered is that the proposal is a feasible
alternative to the standard architecture for
Differentiated Services in Internet.This work was supported by the Spanish
Research Council under grant TIC2000-1734-
C03-03
Análisis de las prestaciones del acondicionador de tráfico CBM en un dominio DiffServ
The Counters-Based Modified (CBM) traffic conditioner was introduced in a previous work
as a feasible option to implement the Assured Forwarding (AF) service in DiffServ. In this paper we
present an end-to-end performance analysis of TCP Reno sources that employ the CBM in a DiffServ
domain. We present simulation results in a three-RIO-node topology under miscellaneous
characteristics: different contract rates, heterogeneous RTT, co-existance of best-effort and AF
sources, and eficience of CBM when some network node does not implement service differentiation. As
shown in simulation results, it is possible to guarantee an AF service that ensures contracted target
rates and performs a fair share of the excess bandwidth.Este trabajo se enmarca dentro del proyecto CICYT
FAR-IP (TIC2000-1734-C03-03)
Performance evaluation of profiler mechanisms for the internet assured service
As Internet is rapidly growing and receiving traffic from multimedia applications that are sensitive to available
bandwidth and delay experienced in the network, there is a strong need for quality of service (QoS) support. The
Integrated and Differentiated Service models are two approaches for adding QoS to Internet. The Assured Service is an
end-to-end service based on the Differentiated Service architecture. In this paper, we study and compare the
performance of three profiler mechanisms to provide the guaranties of an Internet Assured Service. Two of them, TSW
and Leaky Bucket are the most commonly used, and the third is a new Counter Based profiler, which is proposed in this
paper. The study is done by simulation employing TCP RENO sources.This work was partly supported by the Spanish Research Council under grant TIC2000-1734-C03-03