Group Rekeying Schemes for Secure Group Communication in Wireless Sensor Networks

Wireless sensor networks are promising solutions for many applications. However, wireless sensor nodes suffer from many constraints such as low computation capability, small memory, limited energy resources, and so on. Grouping is an important technique to localize computation and reduce communication overhead in wireless sensor networks. In this paper, we use grouping to refer to the process of combining a set of sensor nodes with similar properties. We propose two centralized group rekeying (CGK) schemes for secure group communication in sensor networks. The lifetime of a group is divided into three phases, i.e., group formation, group maintenance, and group dissolution. We demonstrate how to set up the group and establish the group key in each phase. Our analysis shows that the proposed two schemes are computationally efficient and secure

Experiences with Dynamic Circuit Creation in a Regional Network Testbed

In this paper we share our experiences of enabling dynamic circuit creation in the GpENI network. GpENI is a network research testbed in the mid-west USA involving several educational institutions. University of Nebraska-Lincoln is involved in provisioning dynamic circuits across the GpENI network among its participating universities. We discuss several options investigated for deploying dynamic circuits over the GpENI network as well as our demonstration experiments at the GENI engineering conferences. UNL has also collaborated with ProtoGENI project of University of Utah and Mid-Atlantic Crossroads (MAX) facility of Washington DC to create interdomain dynamic circuits

Discontinuous Waveband Switching in WDM Optical Networks

Routing techniques used in wavelength routed optical networks (WRN) do not give an efficient solution with Waveband routed optical networks (WBN) as the objective of routing in WRN is to reduce the blocking probability and that in WBN is to reduce the number of switching ports. Routing in WBN can be divided two parts, finding the route and grouping the wavelength assigned into that route with some existing wavelengths/wavebands. In this paper, we propose a heuristic for waveband routing, which uses a new grouping strategy called discontinuous waveband grouping to group the wavelengths into a waveband. The main objective of our algorithm is to decrease the total number of ports required and reduce the blocking probability of the network. The performance of the heuristic is analyzed using simulation on a WBN with non-uniform wavebands

Approximation Algorithms for Survivable Multicommodity Flow Problems with Applications to Network Design

Multicommodity flow (MF) problems have a wide variety of applications in areas such as VLSI circuit design, network design, etc., and are therefore very well studied. The fractional MF problems are polynomial time solvable while integer versions are NP-complete. However, exact algorithms to solve the fractional MF problems have high computational complexity. Therefore approximation algorithms to solve the fractional MF problems have been explored in the literature to reduce their computational complexity. Using these approximation algorithms and the randomized rounding technique, polynomial time approximation algorithms have been explored in the literature. In the design of high-speed networks, such as optical wavelength division multiplexing (WDM) networks, providing survivability carries great significance. Survivability is the ability of the network to recover from failures. It further increases the complexity of network design and presents network designers with more formidable challenges. In this work we formulate the survivable versions of the MF problems. We build approximation algorithms for the survivable multicommodity flow (SMF) problems based on the framework of the approximation algorithms for the MF problems presented in [1] and [2]. We discuss applications of the SMF problems to solve survivable routing in capacitated networks

DiffServer: Application Level Differentiated Services for Web Servers

Web content hosting, in which a Web server stores and provides Web access to documents for different customers, is becoming increasingly common. For example, a web server can host webpages for several different companies and individuals. Traditionally, Web Service Providers (WSPs) provide all customers with the same level of performance (best-effort service). Most service differentiation has been in the pricing structure (individual vs. business rates) or the connectivity type (dial-up access vs. leased line, etc.). This report presents DiffServer, a program that implements two simple, server-side, application-level mechanisms (server-centric and client-centric) to provide different levels of web service. The results of the experiments show that there is not much overhead due to the addition of this additional layer of abstraction between the client and the Apache web server under light load conditions. Also, the average waiting time for high priority requests decreases significantly after they are assigned priorities as compared to a FIFO approach

Group Rekeying Schemes for Secure Group Communication in Wireless Sensor Networks

Wireless sensor networks are promising solutions for many applications. However, wireless sensor nodes suffer from many constraints such as low computation capability, small memory, limited energy resources, and so on. Grouping is an important technique to localize computation and reduce communication overhead in wireless sensor networks. In this paper, we use grouping to refer to the process of combining a set of sensor nodes with similar properties. We propose two centralized group rekeying (CGK) schemes for secure group communication in sensor networks. The lifetime of a group is divided into three phases, i.e., group formation, group maintenance, and group dissolution. We demonstrate how to set up the group and establish the group key in each phase. Our analysis shows that the proposed two schemes are computationally efficient and secure

Discontinuous Waveband Switching in WDM Optical Networks

Routing techniques used in wavelength routed optical networks (WRN) do not give an efficient solution with Waveband routed optical networks (WBN) as the objective of routing in WRN is to reduce the blocking probability and that in WBN is to reduce the number of switching ports. Routing in WBN can be divided two parts, finding the route and grouping the wavelength assigned into that route with some existing wavelengths/wavebands. In this paper, we propose a heuristic for waveband routing, which uses a new grouping strategy called discontinuous waveband grouping to group the wavelengths into a waveband. The main objective of our algorithm is to decrease the total number of ports required and reduce the blocking probability of the network. The performance of the heuristic is analyzed using simulation on a WBN with non-uniform wavebands

ScienceSDS: A Novel Software Defined Security Framework for Large-scale Data-intensive Science

Experimental science workflows from projects such as Compact Muon Solenoid (CMS) [6] and Laser Interferometer Gravitational Wave Observatory (LIGO) [2] are characterized by data-intensive computational tasks over large datasets transferred over encrypted channels. The Science DMZ [7] approach to network design favors lossless packet forwarding through a separate isolated network over secure lossy forwarding through stateful packet processors (e.g. fire-walls). We propose ScienceSDS, a novel software denied security framework for securely monitoring large-scale science datasets over a software defined networking and network functions virtualization (SDN/NFV) infrastructure

ScienceSDS: A Novel Software Defined Security Framework for Large-scale Data-intensive Science

Experimental science workflows from projects such as Compact Muon Solenoid (CMS) [6] and Laser Interferometer Gravitational Wave Observatory (LIGO) [2] are characterized by data-intensive computational tasks over large datasets transferred over encrypted channels. The Science DMZ [7] approach to network design favors lossless packet forwarding through a separate isolated network over secure lossy forwarding through stateful packet processors (e.g. fire-walls). We propose ScienceSDS, a novel software denied security framework for securely monitoring large-scale science datasets over a software defined networking and network functions virtualization (SDN/NFV) infrastructure

Cross-Atlantic Experiments on EU-US Test-beds

Today, there are a number of real testbeds worldwide among which Fed4Fire testbeds are prominent in the EU, while POWDER and COSMOS are prominent in the US. This paper aims to validate inter-testbed experiments between the EU and the US by connecting a number of Fed4Fire and US testbeds as part of an NGIAtlantic project. The goal is to compare the hop count, the topology formed, the maximum bandwidth permitted, and the loss and jitter that occurred between different testbeds. Additionally, Software Defined Networking (SDN) experiments between EU and US testbeds are conducted, and an edge-computing use case is developed and tested