Adaptive trust and reputation system as a security service in group communications

Group communications has been facilitating many emerging applications which require packet delivery from one or more sender(s) to multiple receivers. Owing to the multicasting and broadcasting nature, group communications are susceptible to various kinds of attacks. Though a number of proposals have been reported to secure group communications, provisioning security in group communications remains a critical and challenging issue. This work first presents a survey on recent advances in security requirements and services in group communications in wireless and wired networks, and discusses challenges in designing secure group communications in these networks. Effective security services to secure group communications are then proposed. This dissertation also introduces the taxonomy of security services, which can be applied to secure group communications, and evaluates existing secure group communications schemes. This dissertation work analyzes a number of vulnerabilities against trust and reputation systems, and proposes a threat model to predict attack behaviors. This work also considers scenarios in which multiple attacking agents actively and collaboratively attack the whole network as well as a specific individual node. The behaviors may be related to both performance issues and security issues. Finally, this work extensively examines and substantiates the security of the proposed trust and reputation system. This work next discusses the proposed trust and reputation system for an anonymous network, referred to as the Adaptive Trust-based Anonymous Network (ATAN). The distributed and decentralized network management in ATAN does not require a central authority so that ATAN alleviates the problem of a single point of failure. In ATAN, the trust and reputation system aims to enhance anonymity by establishing a trust and reputation relationship between the source and the forwarding members. The trust and reputation relationship of any two nodes is adaptive to new information learned by these two nodes or recommended from other trust nodes. Therefore, packets are anonymously routed from the \u27trusted\u27 source to the destination through \u27trusted\u27 intermediate nodes, thereby improving anonymity of communications. In the performance analysis, the ratio of the ATAN header and data payload is around 0.1, which is relatively small. This dissertation offers analysis on security services on group communications. It illustrates that these security services are needed to incorporate with each other such that group communications can be secure. Furthermore, the adaptive trust and reputation system is proposed to integrate the concept of trust and reputation into communications. Although deploying the trust and reputation system incurs some overheads in terms of storage spaces, bandwidth and computation cycles, it shows a very promising performance that enhance users\u27 confidence in using group communications, and concludes that the trust and reputation system should be deployed as another layer of security services to protect group communications against malicious adversaries and attacks

Protection and restoration algorithms for WDM optical networks

Currently, Wavelength Division Multiplexing (WDM) optical networks play a major role in supporting the outbreak in demand for high bandwidth networks driven by the Internet. It can be a catastrophe to millions of users if a single optical fiber is somehow cut off from the network, and there is no protection in the design of the logical topology for a restorative mechanism. Many protection and restoration algorithms are needed to prevent, reroute, and/or reconfigure the network from damages in such a situation. In the past few years, many works dealing with these issues have been reported. Those algorithms can be implemented in many ways with several different objective functions such as a minimization of protection path lengths, a minimization of restoration times, a maximization of restored bandwidths, etc. This thesis investigates, analyzes and compares the algorithms that are mainly aimed to guarantee or maximize the amount of remaining bandwidth still working over a damaged network. The parameters considered in this thesis are the routing computation and implementation mechanism, routing characteristics, recovering computation timing, network capacity assignment, and implementing layer. Performance analysis in terms of the restoration efficiency, the hop length, the percentage of bandwidth guaranteed, the network capacity utilization, and the blocking probability is conducted and evaluated