Managing a peer-to-peer backup system: does imposed fairness socially outperform a revenue-driven monopoly ?

International audienceWe study a peer-to-peer backup system, where users offer some of their storage space to provide service for the others. The economic model for such a system is different from the ones applicable to peer-to-peer file sharing systems, since the storage capacity is a private good here. We study two mechanisms aimed at incentivizing users to offer some of their capacity: a price-based scheme (here a revenue-driven monopoly) and a more classical symmetric scheme (imposing users to contribute to the service at least as much as use it). We compare the outcomes of such mechanisms to the socially optimal situation that could be attained if users were not selfish, and show that depending on user heterogeneity, a revenue maximizing monopoly can be a worse or a better (in terms of social welfare) way to manage the system than a symmetric scheme

Adaptive Redundancy Management for Durable P2P Backup

We design and analyze the performance of a redundancy management mechanism for Peer-to-Peer backup applications. Armed with the realization that a backup system has peculiar requirements -- namely, data is read over the network only during restore processes caused by data loss -- redundancy management targets data durability rather than attempting to make each piece of information availabile at any time. In our approach each peer determines, in an on-line manner, an amount of redundancy sufficient to counter the effects of peer deaths, while preserving acceptable data restore times. Our experiments, based on trace-driven simulations, indicate that our mechanism can reduce the redundancy by a factor between two and three with respect to redundancy policies aiming for data availability. These results imply an according increase in storage capacity and decrease in time to complete backups, at the expense of longer times required to restore data. We believe this is a very reasonable price to pay, given the nature of the application. We complete our work with a discussion on practical issues, and their solutions, related to which encoding technique is more suitable to support our scheme

A Resource-Aware and Time-Critical IoT Framework

Internet of Things (IoT) systems produce great amount of data, but usually have insufficient resources to process them in the edge. Several time-critical IoT scenarios have emerged and created a challenge of supporting low latency applications. At the same time cloud computing became a success in delivering computing as a service at affordable price with great scalability and high reliability. We propose an intelligent resource allocation system that optimally selects the important IoT data streams to transfer to the cloud for processing. The optimization runs on utility functions computed by predictor algorithms that forecast future events with some probabilistic confidence based on a dynamically recalculated data model. We investigate ways of reducing specifically the upload bandwidth of IoT video streams and propose techniques to compute the corresponding utility functions. We built a prototype for a smart squash court and simulated multiple courts to measure the efficiency of dynamic allocation of network and cloud resources for event detection during squash games. By continuously adapting to the observed system state and maximizing the expected quality of detection within the resource constraints our system can save up to 70% of the resources compared to the naive solution

Policy Injection: a Cloud Dataplane DoS Attack

Enterprises continue to migrate their services to the cloud on a massive scale, but the increasing attack surface has become a natural target for malevolent actors. We show policy injection, a novel algorithmic complexity attack that enables a tenant to add specially tailored ACLs into the data center fabric to mount a denial-of-service attack through exploiting the built-in security mechanisms of the cloud management systems (CMS) . Our insight is that certain ACLs, when fed with special covert packets by an attacker, may be very difficult to evaluate, leading to an exhaustion of cloud resources. We show how a tenant can inject seemingly harmless ACLs into the cloud data plane to abuse an algorithmic deficiency in the most popular cloud hypervisor switch, Open vSwitch, and reduce its effective peak performance by 80-90%, and, in certain cases, denying network access altogether

Orchestration of Network Services Across Multiple Operators: The 5G Exchange Prototype

Future 5G networks will rely on the coordinated allocation of compute, storage, and networking resources in order to meet the functional requirements of 5G services as well as guaranteeing efficient usage of the network infrastructure. However, the 5G service provisioning paradigm will also require a unified infrastructure service market that integrates multiple operators and technologies. The 5G Exchange (5GEx) project, building heavily on the Software-Defined Network (SDN) and the Network Function Virtualization (NFV) functionalities, tries to overcome this market and technology fragmentation by designing, implementing, and testing a multi-domain orchestrator (MdO) prototype for fast and automated Network Service (NS) provisioning over multiple-technologies and spanning across multiple operators. This paper presents a first implementation of the 5GEx MdO prototype obtained by extending existing open source software tools at the disposal of the 5GEx partners. The main functions of the 5GEx MdO prototype are showcased by demonstrating how it is possible to create and deploy NSs in the context of a Slice as a Service (SlaaS) use-case, based on a multi-operator scenario. The 5GEx MdO prototype performance is experimentally evaluated running validation tests within the 5GEx sandbox. The overall time required for the NS deployment has been evaluated considering NSs deployed across two operators

Analysis of end-to-end multi-domain management and orchestration frameworks for software defined infrastructures: an architectural survey

Over the last couple of years, industry operators' associations issued requirements towards an end-to-end management and orchestration plane for 5G networks. Consequently, standard organisations started their activities in this domain. This article provides an analysis and an architectural survey of these initiatives and of the main requirements, proposes descriptions for the key concepts of domain, resource and service slicing, end-to-end orchestration and a reference architecture for the end-to-end orchestration plane. Then, a set of currently available or under development domain orchestration frameworks are mapped to this reference architecture. These frameworks, meant to provide coordination and automated management of cloud and networking resources, network functions and services, fulfil multi-domain (i.e. multi-technology and multi-operator) orchestration requirements, thus enabling the realisation of an end-to-end orchestration plane. Finally, based on the analysis of existing single-domain and multi-domain orchestration components and requirements, this paper presents a functional architecture for the end-to-end management and orchestration plane, paving the way to its full realisation.This work was partially supported by the ICT14 5GExchange (5GEx) innovation project (grant agreement no.671636) co-funded by the European Union under the Horizon 2020 EU Framework Programme.Publicad