Scheduled System Maintenance:
On Monday, April 27th, IEEE Xplore will undergo scheduled maintenance from 1:00 PM - 3:00 PM ET (17:00 - 19:00 UTC). No interruption in service is anticipated.
By Topic

Date 26-30 Nov. 2007

Filter Results

Displaying Results 1 - 25 of 69
  • Table of contents

    Publication Year: 2007 , Page(s): nil1 - nil5
    Save to Project icon | Request Permissions | PDF file iconPDF (167 KB)  
    Freely Available from IEEE
  • Service-Oriented Management Architecture of Optical Virtual Private Networks

    Publication Year: 2007 , Page(s): 1 - 3
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (141 KB) |  | HTML iconHTML  

    A management architecture is presented for optical virtual private networks (OVPN), where network providers manage physical network infrastructures, service providers compose network resources into OVPNs, end users invoke OVPN management services to configure operational OVPNs. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • 3-Tier Service Level Agreement with automatic class upgrades

    Publication Year: 2007 , Page(s): 1 - 6
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (362 KB) |  | HTML iconHTML  

    Tremendous efforts have been spent on devising mechanisms that would provide quality of service (QoS) needed by various applications, and network operators have spent a lot of resources trying to fit their networks with differentiated services capabilities. One of the service level agreements (SLA) promising to sell these QoS services is the "triple play" SLA, bundling 3 classes of services targeting voice, video, and data. In this paper, we propose a "3-tier SLA with automatic class upgrades", an enhancement to the triple play SLA, in that it automatically upgrades lower classes' packets to fill the unused reserved bandwidths in the expensive, better quality upper classes. The enhancement incorporates a scalable solution to the reordering problem caused by the upgrades, which does not require per flow state information. We provide an analysis of the QoS performance and show that the enhancement maximizes the customer's usage of the reserved and paid-for bandwidths by maximizing the utilization of the most expensive QoS classes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Characterization and Synthesis of Markovian Workload Models

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (271 KB) |  | HTML iconHTML  

    We consider the general problem of workload model generation using Markovian Arrival Processes (MAPs). MAPs are a large class of analytically tractable processes frequently used in communication and computer network modeling. We show that MAP moment and autocorrelation formulas admit a simple scalar form deriving from spectral properties of the MAP defining matrices. This suggests a new approach for studying MAPs, by which we address challenging characterization and fitting problems as well as the open issue of synthesizing processes with prescribed moments and acf for inter-arrival times. A case study illustrates the impact of spectral-based synthesis on sensitivity analysis of network models. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Brief Survey on Resource Allocation in Service Oriented Grids

    Publication Year: 2007 , Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (160 KB) |  | HTML iconHTML  

    Grids are systems that involve coordinate resource sharing and problem solving in heterogeneous dynamic environments. Resource allocation is central to service provisioning in grids. In this paper, a brief survey of resource allocation of twelve existing systems is presented. Moreover, directions for future research are suggested. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • AAA architectures applied in multi-domain IMS (IP Multimedia Subsystem)

    Publication Year: 2007 , Page(s): 1 - 6
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (227 KB) |  | HTML iconHTML  

    There is a group of communication services that use resources from multiple domains in order to deliver their service. Authorization of the end-user is important for such services, because several domains are involved. There are no current solutions for delivering authentication, authorization and accounting (AAA) to multi-domain services. In our study we present two architectures for the delivery of AAA to such services. The architectures are analyzed on their qualitative aspects. A result of this analysis is that direct interconnection of AAA servers is an effective architectural solution. In current multi-domain IP Multimedia Subsystem (IMS) architectures, direct interconnection of AAA servers, such as the Home Subscriber Servers (HSS), is not yet possible. In this paper we argue and recommend to extend the IMS specification by adding a new interface to HSS in order to support the direct interconnection of HSS/AAA servers located in different IMS administrative domains. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Pseudonym Assignment for the Last Mile Wireless Access to 4G Networks

    Publication Year: 2007 , Page(s): 1 - 6
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (214 KB) |  | HTML iconHTML  

    The last mile wireless access to 4G networks is inherently vulnerable to various attacks due to broadcasting feature of transmission. Although most wireless communication systems provide the security measures, they focus on the protection of the contents of a message. Therefore, the header part of each message including the source and destination addresses is transmitted in a plain-text format, which can reveal the information that is useful to an attacker. In this paper, we solve the loss of anonymity of the last mile wireless access through a novel pseudonym assignment scheme. Specifically, a master node generates pseudonym sets for slave nodes by using Unique Pair Sequence (UPS) which we first devised, and assigns them to each node. Since every node randomly uses one of pseudonyms in the set as ID whenever it transmits a message, our scheme can prevent an attacker from attempting a traffic analysis attack. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Securing fast handover in WLANs: a ticket based proactive authentication scheme

    Publication Year: 2007 , Page(s): 1 - 6
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1134 KB) |  | HTML iconHTML  

    More and more wireless access networks based on WLANs e.g. IEEE 802.11 are publicly deployed in multiple environments such as airports, depots, shopping centers, etc. Efficient authentication mechanisms are required to ensure a robust control of network access and secure user exchanges. The evolution of mobile devices, wireless access technologies and user behaviors lead to an increasing demand of seamless mobility support. Thus, authentication mechanisms must support seamless handover across network cells. In previous work, we have proposed a fast re-authentication method based on proactive key distribution: PKD with IAPP caching. This method proposes a very interesting handover delay reduction but it does not comply with the IEEE 802.11i security requirements. In this paper, we propose a ticket-based enhancement to go beyond the security weakness of the PKD with IAPP caching re-authentication method. A functional description of the security enhancement is given in addition to a security evaluation. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Adaptable Service Overlay for Wide Area Network Service Discovery

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (252 KB) |  | HTML iconHTML  

    Chameleon is a service-oriented peer-to-peer (P2P) overlay which employs a unique 2-tier maintenance system, adaptable to variations in the available bandwidth of the hosting device. For devices with low available bandwidth, Chameleon uses an opportunistic maintenance technique, and for high bandwidth devices, an active maintenance technique. This allows Chameleon to adapt to environmental changes of mobile device, such as switching between 802.11 and GPRS depending on network availability. Chameleon's suitability for use in mobile networks is further augmented by its support for Meta Service Discovery, our technique for discovering multiple service discovery mechanisms in P2P networks, hi this paper we show how Chameleon can be used with this service discovery technique in a wide area network. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using Selective Sampling for the Support of Scalable and Efficient Network Anomaly Detection

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (334 KB) |  | HTML iconHTML  

    Sampling has become an essential component of scalable Internet traffic monitoring and anomaly detection. In this paper we consider the problem of studying and evaluating the impact of selective sampling on anomaly detection. Selective sampling focuses on the selection of small flows that are usually the source of many network attacks (DDoS, portscans, worm propagation). One of the key objectives of our study is to gain some insight about the feasibility and scalability of the anomaly detection process, by analyzing and understanding the tradeoff of reducing the volume of collected data while still maintaining the accuracy and effectiveness in the anomaly detection. The performance evaluation study is achieved through the adoption and application of an anomaly detection method based on principal component analysis (PCA) using realistic data that have been collected from a real operational university campus network. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • QoSMap: QoS aware Mapping of Virtual Networks for Resiliency and Efficiency

    Publication Year: 2007 , Page(s): 1 - 6
    Cited by:  Papers (4)  |  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (295 KB) |  | HTML iconHTML  

    We describe QoSMap, an efficient and flexible mechanism for constructing virtual networks on a shared Internet substrate for applications having stringent QoS and resiliency requirements. Applications specify desired overlay topology and weighted network characteristics which serve as resource constraints desired by the application in meeting the QoS expectations. QoSMap uses these constraints to select an overlay consisting of high quality direct paths between nodes from a pool of candidate nodes and paths. In addition to the required overlay topology constructed from direct paths between nodes, QoSMap provides path resiliency by constructing alternate one-hop overlay routes via intermediary nodes having paths that meet or exceed the resource constraints. As a case study, we utilized QoSMap to form an overlay for an application requiring constraints on message delay and loss rates. We describe the design of QoSMap and show that it leads to higher quality and more resilient overlays than does a mechanism which addresses only the minimum QoS requirements of the application. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Threats and Vulnerabilities of Next Generation Satellite Personal Communications Systems: A Defence Perspective

    Publication Year: 2007 , Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (88 KB) |  | HTML iconHTML  

    The Fourth Generation (4G) of wireless communications systems is coming, combining voice and data on a single packet-based all-IP core network, with bandwidth providing data rates in the range of a few to hundreds of MB/s. This new high-speed data network, combined with the latest technology developments, should enable the advent of a multitude of new multimedia applications, which will be available to the user on his own handset. Following the wireless Personal Communications Systems (PCS) trend, Satellite Personal Communications Systems (SPCS) are also expected to provide multimedia applications on this integrated network. However, as this new technology is rolled-out, it is also expected that it will come with its own set of vulnerabilities that could potentially constitute a threat to network reliability and secure communications. Because of its numerous advantages, SPCS is known to be used for security and defence applications by military and paramilitary forces around the world. From a defence perspective, it is therefore imperative to address this potential emerging threat. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Pricing and Measurement-based Optimal Resource Allocation in Next Generation Network Services

    Publication Year: 2007 , Page(s): 1 - 6
    Cited by:  Papers (3)  |  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (384 KB) |  | HTML iconHTML  

    In this paper, we enhance our previous work regarding optimal resource allocation of next generation network services under a flat pricing scheme and quality of service policies. We present a complete framework that makes our model to dynamically allocate the resources whenever required. In order to do that, we apply an online traffic estimator and we monitor traffic changes using an Exponentially Weighted Moving Average control chart. Hence, the profit maximization of the provider is done efficiently. Finally, the performance of our framework is investigated through various simulation scenarios. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Introducing Smart Cards for WiMAX-based Networking Architecture

    Publication Year: 2007 , Page(s): 1 - 6
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (401 KB) |  | HTML iconHTML  

    Security is a critical issue for the deployment of trustworthy and profitable IEEE 802.16e networks. This paper attempts to define architecture compatible with existing standards. It introduces security APIs dealing with the privacy sublayer, and demonstrates that this proposal is compatible with computing performances of today smart cards. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Cooperative Method for Prefix Hijack Detection in the Internet

    Publication Year: 2007 , Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (270 KB) |  | HTML iconHTML  

    The problem of detecting prefix hijacks in the Internet remains a challenging problem, when considering no single completely accurate source of truth about which organizations have the authority to advertise which prefixes. This paper proposes a method, called Co-Monitor, for prefix hijack detection based on cooperation. In the Co-Monitor overlay network, participating ASes exchange prefix-to-origin mappings defined by them. Through cooperative monitoring, such an event that the prefix origin of a route is inconsistent with the requested mapping can be detected in a comprehensive monitoring scope. To ensure the accuracy, the method adopts source verifying mechanism to confirm prefix hijacks because an announcer answers for its prefixes. We conduct experiments to evaluate the capabilities of the cooperative monitoring method, and results show that ASes have much incentive to join the co-monitor architecture. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Empowerment: Enabler for Personalized Security and Privacy

    Publication Year: 2007 , Page(s): 1 - 6
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (247 KB) |  | HTML iconHTML  

    Personal Networks - is prominent network architecture in realization of the next generation wireless communication systems due its built-in user-centriness. As end-users most often desire control, having strong privacy constrains and technology-oriented approaches are not often usable. The engineers should think their solutions as a white box, not as a black-box solution, of which the end-user sees only the input and the output. This paper highlights the empowerment as an essential tool-box in building end-user trust for personalized security and privacy solution and thus speeding up the use of the 4G networks. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • ADHOCSYS: Robust and Service-Oriented Wireless Mesh Networks to Bridge the Digital Divide

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (565 KB) |  | HTML iconHTML  

    While various wireless mesh networks are being deployed in urban areas and university campuses for diverse purposes, less effort has been devoted to use such networks for broadband access in rural and mountain areas. In this paper, we present a broadband Internet access paradigm using multi-hop wireless mesh networks which is currently being validated using a real-life pilot network deployed in a small village in Northern Italy. This solution is developed by the ADHOCSYS project, which is financed by the European Commission under the FP6 IST strategic objective "broadband for all". Challenges exist in various aspects in order to develop a robust and service-oriented network, including for example network architecture, application scenarios, auto-configuration, routing, QoS, security and authentication, power supply, hardware selection and software development, business model etc. Following a general vision of the project, two key aspects, i. e. routing and QoS, are presented in more details in this paper. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The European Network of Excellence CRUISE Application Framework and Network Architecture for Wireless Sensor Networks

    Publication Year: 2007 , Page(s): 1 - 6
    Cited by:  Papers (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (293 KB) |  | HTML iconHTML  

    This paper presents the main application scenarios under investigation within the network of excellence CRUISE, which is funded in the 1ST 6th framework programme. First an application scenario framework is presented being used for the design process of wireless sensor networks (WSN). Using the framework WSN applications can be compared and contrasted in terms of user, systems requirements, and object interaction. Following the applications are mapped to the sensor network architecture applied in CRUISE and described in the paper. Finally the application scenarios are mapped into the network architecture to demonstrate its generic structure and applicability across multiple application domains. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On Energy-efficient Self-organizing Routing for Wireless Mobile Networks

    Publication Year: 2007 , Page(s): 1 - 6
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (276 KB) |  | HTML iconHTML  

    The instant deployment without relying on an existing infrastructure makes the mobile ad hoc networks (MANET) a striking choice for many dynamic situations. An efficient MANET protocol may be applied to other important emerging wireless technologies such as wireless mesh and sensor networks. This paper proposes a hierarchical routing scheme that is scalable, energy efficient, and self-organizing. The new algorithm is called dynamic leader set generation (DLSG). It dynamically selects leader nodes based on traffic demand, locality, and residual energy level, and de-selects them based on residual energy. Energy consumption and traffic load are therefore balanced throughout the network, and the network reorganizes itself around the dynamically selected leader nodes. Time, space, and message complexities are formally analyzed; implementation issues are addressed. Incorporating the IEEE 802.11 medium access control mechanism including the power saving mode, performance evaluation is carried out by simulating DLSG and four existing hierarchical routing algorithms, which shows that DLSG successfully extends network lifetime by 20-50% while achieves a comparable level of network performance. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Distributed Autonomous Intrusion Detection Framework

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (722 KB) |  | HTML iconHTML  

    In this paper, we present a highly-configurable distributed autonomous intrusion detection framework. It supports a hybrid, integrated and flexible intrusion detection model which consists of a family of intrusion detection agents. Agents can dynamically download and install appropriate modules, signatures and policy files from the central server based on operational requirements. A group key management system is used to provide secure and scalable group communication and group management in A2D2. Flexible intrusion response mechanisms are designed. A data fusion and event analysis engine (mEngine) and an object-based intrusion modeling language (mLanguage) are also designed. Both mEngine and mLanguage are domain-independent. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using the Policy Control system as an auxiliary tool to improve the Service Assurance Process in Telecommunication Networks

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Patents (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (222 KB) |  | HTML iconHTML  

    Telecommunication networks are shifting their role from networks optimized for circuit switched voice into IP-based multi service networks. Doing so enables the delivery of more feature-rich services, such as voice over IP (VoIP), streaming, push to talk (PoC) and mobile TV. Along with this change in network utilization, the infrastructure is also changing, to be able to deliver new and emerging services, as well as existing services, over different access technologies. These access technologies and services will require new tools and methods that are capable of monitoring operation in an efficient and automated manner. Service Assurance is especially important in this context and can be defined as a guarantee that services will be provided according to the expectations of the end-user. This paper shows how the policy control system can be used to enhance and automate the service assurance process without any major impacts on existing network architectures or functionalities. Information dynamically created in the policy control system is used to derive Key Performance Indicators for each media component in a service which are used to monitor and ensure the quality of the service. The benefits of using the policy control system compared to other methods (briefly described) are also explained. The process described in this paper follows the enhanced Telecom operations map (eTom) [1] guidelines for providing service assurance. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Dependable Actuation in Wireless Sensor Networks

    Publication Year: 2007 , Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (140 KB) |  | HTML iconHTML  

    Our protocol uses a publish/subscribe approach to perform reliable actuation on a sensor network with changing topology. Selective actuation on a group of devices can be performed by publishing a message on a topic, and having the group subscribe to that topic. The message contains the data needed to perform the actuation. Our design reduces costly transmissions and uses a soft-state approach to cope with frequent topology changes. Its features and robustness are compared with those of epidemic protocols by means of simulation. Our protocol exhibits more efficient behavior when the actuation targets a selected group of devices within the sensor network; efficiency is similar in other cases. Furthermore, we provide feedback to the external actuating application. The robustness of our proposal is close to that of an epidemic model for moderate bit error rates. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Packet aggregation at access points for concurrent real-time interactions over wireless relay networks

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (438 KB) |  | HTML iconHTML  

    We propose and demonstrate a method for improving capacity for real-time interactive communications over multi-hop wireless networks using WiFi wireless devices. The proposed method uses aggregation of packets at access points designed to avoid bottlenecks in relay traffic and maintain low end-to-end latency. We present experimental results which demonstrate that a relay node can support seven concurrent voice-over-IP (VoIP) sessions using a single 802.11 channel. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • RTRG: Reschedule Trigger to optimize rescheduling frequency for schedule based MAC schemes

    Publication Year: 2007 , Page(s): 1 - 6
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (226 KB) |  | HTML iconHTML  

    Schedule based MAC schemes are not flexible to dynamic network and traffic scenarios. Thus, these schemes can not be applied to real life applications which operate under dynamic conditions. The inflexibility is due to inherent characteristics of schedule based approach and depends mainly on the rescheduling and slot allocation strategies employed. Most schedule based schemes carry out slot allocation only once during the set up phase, or periodically after fixed time interval. Both of these approaches are not optimal. In this paper we propose a mechanism to determine the optimal periodicity of slot re-allocation based on traffic pattern. In our knowledge no other such mechanism exists. Through simulations we show that the proposed mechanism incurs lower overheads compared to both one-time and periodic (fixed period) slot allocation. The performance is improved substantially, by up to 40%. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using Trust in Key Distribution in Wireless Sensor Networks

    Publication Year: 2007 , Page(s): 1 - 5
    Cited by:  Papers (7)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (213 KB) |  | HTML iconHTML  

    This paper presents a new approach of dynamic symmetric key distribution for encrypting the communication between two nodes in a wireless sensor network (WSN). The distribution of a shared key can be performed by any sensor node and does not always require that it is performed by the base station (BS). Each node can be selected by one of its neighbor nodes in order to distribute a pair-wise key for a communication between two nodes. The selection is based on the local computation of a trust value granted by the requesting nodes. This scheme considerably reduces the cost of communication between the BS and the nodes when setting up pair-wise keys between neighboring nodes. Trust is also used to discard keys that were allocated by untrustworthy nodes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.