Edmo Lopes Filho, Gilberto Tadayoshi Hashimoto, P. F. Rosa
The growth and proliferation of computer networks allow businesses to efficiently communicate with their own components as well as with their business partners, customers, and suppliers. However, the flexibility and efficiency provided by such systems come with increasing risks, including disruption of services. To address the security issues, network and security managers, among other options, often turn to network policy management services such as firewall and intrusion prevention system (IPS) protection. This paper addresses "availability," one of the basic requirements of security management programs and proposes a model to support firewall redundancy based on the SCTP protocol.
{"title":"A High Availability Firewall Model Based on SCTP Protocol","authors":"Edmo Lopes Filho, Gilberto Tadayoshi Hashimoto, P. F. Rosa","doi":"10.1109/ICSNC.2008.63","DOIUrl":"https://doi.org/10.1109/ICSNC.2008.63","url":null,"abstract":"The growth and proliferation of computer networks allow businesses to efficiently communicate with their own components as well as with their business partners, customers, and suppliers. However, the flexibility and efficiency provided by such systems come with increasing risks, including disruption of services. To address the security issues, network and security managers, among other options, often turn to network policy management services such as firewall and intrusion prevention system (IPS) protection. This paper addresses \"availability,\" one of the basic requirements of security management programs and proposes a model to support firewall redundancy based on the SCTP protocol.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132169043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Web service technology and the Service-oriented Architecture (SOA) paradigm have become state of the art for the integration of systems across enterprise boundaries. Here, a strong need for policies exists, which describe the Quality of Service delivered by third parties.Current policy languages in the area of Web services and SOAs allow the specification of requirements with respect to the Quality of Service as well as the parameters, which should be monitored. They do not cover the countermeasures needed and accepted in case of requirement violations. Especially, in distributed scenarios it is helpful to provide the monitoring units with information about possible reactions to violations in order to enforce policies at the monitoring units. Therefore, we developed the Web service requirements and reactions policy language (WS-Re2Policy), which overcomes those issues by specifying requirements and reactions in a single policy to be distributed to independent monitoring units.
{"title":"WS-Re2Policy: A Policy Language for Distributed SLA Monitoring and Enforcement","authors":"N. Repp, André Miede, M. Niemann, R. Steinmetz","doi":"10.1109/ICSNC.2008.17","DOIUrl":"https://doi.org/10.1109/ICSNC.2008.17","url":null,"abstract":"Web service technology and the Service-oriented Architecture (SOA) paradigm have become state of the art for the integration of systems across enterprise boundaries. Here, a strong need for policies exists, which describe the Quality of Service delivered by third parties.Current policy languages in the area of Web services and SOAs allow the specification of requirements with respect to the Quality of Service as well as the parameters, which should be monitored. They do not cover the countermeasures needed and accepted in case of requirement violations. Especially, in distributed scenarios it is helpful to provide the monitoring units with information about possible reactions to violations in order to enforce policies at the monitoring units. Therefore, we developed the Web service requirements and reactions policy language (WS-Re2Policy), which overcomes those issues by specifying requirements and reactions in a single policy to be distributed to independent monitoring units.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123401115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Multimedia communication services over multi-domain heterogeneous network infrastructure need end to end (E2E) guarantees for quality of services (QoS). In this context, the proper network dimensioning and traffic engineering of each network domain are significantly dependent on the accuracy of the of traffic demand estimation. The aim of this paper is to propose an algorithm, which estimates the future traffic demand based on current subscriptions, traffic projections and historical data provided by network monitoring. This algorithm is currently evaluated and implemented in the framework of the FP6 European research project named ENTHRONE II.
{"title":"Traffic Demand Derivation in IP-Based Multi Service Class Environment","authors":"L. Ioan, Grazziela Niculescu, E. Borcoci","doi":"10.1109/ICSNC.2008.31","DOIUrl":"https://doi.org/10.1109/ICSNC.2008.31","url":null,"abstract":"Multimedia communication services over multi-domain heterogeneous network infrastructure need end to end (E2E) guarantees for quality of services (QoS). In this context, the proper network dimensioning and traffic engineering of each network domain are significantly dependent on the accuracy of the of traffic demand estimation. The aim of this paper is to propose an algorithm, which estimates the future traffic demand based on current subscriptions, traffic projections and historical data provided by network monitoring. This algorithm is currently evaluated and implemented in the framework of the FP6 European research project named ENTHRONE II.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124871937","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the mobile IPv6 (MIPv6), a mobile node (MN) directly manages its signaling related mobility because the MIPv6 is a host based mobility protocol. On the other hands, the proxy mobile IPv6 (PMIPv6) provides a network based mobility in where special network entities manage all gnaling related mobility for supporting mobility service of MN. The route optimization (RO) mechanism for PMIPv6 is proposed while the specification of PMIPv6 is still focusing on basic operations. The RO mechanism establishes the enhanced communication path between MNs so that it can reduce transmission delay and network burden. In this paper, we analyze the performance of RO mechanism compared with the basic PMIPv6. The presented results confirm that the RO mechanism provide the improved performance during the MN communicates with the CN, due to the established communication path.
在移动IPv6 (MIPv6)中,由于MIPv6是一种基于主机的移动协议,因此移动节点(MN)直接管理与信令相关的移动。另一方面,代理移动IPv6 (proxy mobile IPv6, PMIPv6)提供了一种基于网络的移动性,由特定的网络实体来管理所有与信令相关的移动性,以支持MN的移动性业务。在PMIPv6规范还停留在基本操作阶段的时候,提出了路由优化机制。RO机制在MNs之间建立了增强的通信路径,从而减少了传输延迟和网络负担。在本文中,我们分析了RO机制与基本PMIPv6的性能。研究结果证实,由于建立了通信路径,RO机制在MN与CN通信期间提供了更好的性能。
{"title":"Performance Analysis of Route Optimization on Proxy Mobile IPv6","authors":"Jae-Min Lee, Jong‐Hyouk Lee, Tai-Myung Chung","doi":"10.1109/ICSNC.2008.20","DOIUrl":"https://doi.org/10.1109/ICSNC.2008.20","url":null,"abstract":"In the mobile IPv6 (MIPv6), a mobile node (MN) directly manages its signaling related mobility because the MIPv6 is a host based mobility protocol. On the other hands, the proxy mobile IPv6 (PMIPv6) provides a network based mobility in where special network entities manage all gnaling related mobility for supporting mobility service of MN. The route optimization (RO) mechanism for PMIPv6 is proposed while the specification of PMIPv6 is still focusing on basic operations. The RO mechanism establishes the enhanced communication path between MNs so that it can reduce transmission delay and network burden. In this paper, we analyze the performance of RO mechanism compared with the basic PMIPv6. The presented results confirm that the RO mechanism provide the improved performance during the MN communicates with the CN, due to the established communication path.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129448653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In recent decades, researchers try to construct high performance interconnection networks with emphasis on fault tolerance. Their studies are based on this fact that, a network can be a major performance bottleneck in parallel processors. This paper proposes an analytical model to predict message latency in wormhole-switched mesh as an instance of a fault tolerant routing. The mesh topology has desirable properties such as modularity, regularity in structure, partitioning to smaller one, simplicity in implementation. To achieve our purpose we modeled an algorithm suggested by Linder-Harden, then performance of this model was evaluated by using XMulator.
{"title":"Performance Modeling of Fault Tolerant Fully Adaptive Wormhole Switching 2-D Meshes in Presence of Virtual Channels","authors":"S. Nickmanesh, A. Movaghar, F. Rookhosh","doi":"10.1109/ICSNC.2008.26","DOIUrl":"https://doi.org/10.1109/ICSNC.2008.26","url":null,"abstract":"In recent decades, researchers try to construct high performance interconnection networks with emphasis on fault tolerance. Their studies are based on this fact that, a network can be a major performance bottleneck in parallel processors. This paper proposes an analytical model to predict message latency in wormhole-switched mesh as an instance of a fault tolerant routing. The mesh topology has desirable properties such as modularity, regularity in structure, partitioning to smaller one, simplicity in implementation. To achieve our purpose we modeled an algorithm suggested by Linder-Harden, then performance of this model was evaluated by using XMulator.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130809025","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. K. Dhurandher, S. Misra, D. Agrawal, Avanish Rayankula
The advent of wireless networks has brought a new set of security issues with it. The most feared of these is a jamming based attack. This is because with the existing network architecture, there is very little that can be done to overcome a jamming attack. In this paper we propose a pre-emptive detection strategy using honeynodes and a response mechanism based on the existing channel surfing algorithm to protect wireless nodes from a jammer. Honeynodes generate dummy communication at a frequency close to the actual frequency of operation, so that the authentic nodes can jump to another frequency even before a jammer starts scanning that frequency. We have implemented the proposed method using ns2. Experimental results show a marked improvement in the performance in our proposed system over the existing channel surfing algorithm.
{"title":"Using Honeynodes along with Channel Surfing for Defense against Jamming Attacks in Wireless Networks","authors":"S. K. Dhurandher, S. Misra, D. Agrawal, Avanish Rayankula","doi":"10.1109/ICSNC.2008.62","DOIUrl":"https://doi.org/10.1109/ICSNC.2008.62","url":null,"abstract":"The advent of wireless networks has brought a new set of security issues with it. The most feared of these is a jamming based attack. This is because with the existing network architecture, there is very little that can be done to overcome a jamming attack. In this paper we propose a pre-emptive detection strategy using honeynodes and a response mechanism based on the existing channel surfing algorithm to protect wireless nodes from a jammer. Honeynodes generate dummy communication at a frequency close to the actual frequency of operation, so that the authentic nodes can jump to another frequency even before a jammer starts scanning that frequency. We have implemented the proposed method using ns2. Experimental results show a marked improvement in the performance in our proposed system over the existing channel surfing algorithm.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130088105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Radio frequency identification (RFID) is one of the automatic identification technologies more in vogue nowadays. There is a wide research and development in this area trying to take maximum advantage of this technology, and in coming years many new applications and research areas will continue to appear. This sudden interest in RFID also brings about some concerns, mainly the security and privacy of those who work with or use tags in their everyday life. RFID has, for some time, been used to access control in many different areas, from asset tracking to limiting access to restricted areas. In this paper we propose an architecture and a prototype of a system that uses distributed RFID over Ethernet and we demonstrate how to automate an entire students' attendance registration system by using RFID in an educational institution environment. Although the use of RFID systems in educational institutions is not new, it is intended to show how the use of it came to solve daily problems in our university.
{"title":"Automatic Control of Students' Attendance in Classrooms Using RFID","authors":"Francisco Silva, V. Filipe, António Pereira","doi":"10.1109/ICSNC.2008.70","DOIUrl":"https://doi.org/10.1109/ICSNC.2008.70","url":null,"abstract":"Radio frequency identification (RFID) is one of the automatic identification technologies more in vogue nowadays. There is a wide research and development in this area trying to take maximum advantage of this technology, and in coming years many new applications and research areas will continue to appear. This sudden interest in RFID also brings about some concerns, mainly the security and privacy of those who work with or use tags in their everyday life. RFID has, for some time, been used to access control in many different areas, from asset tracking to limiting access to restricted areas. In this paper we propose an architecture and a prototype of a system that uses distributed RFID over Ethernet and we demonstrate how to automate an entire students' attendance registration system by using RFID in an educational institution environment. Although the use of RFID systems in educational institutions is not new, it is intended to show how the use of it came to solve daily problems in our university.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125946232","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: