By Topic

Integrated Network Management Proceedings, 2001 IEEE/IFIP International Symposium on

Date 14-18 May 2001

Filter Results

Displaying Results 1 - 25 of 69
  • 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No.01EX470)

    Publication Year: 2001
    Save to Project icon | Request Permissions | PDF file iconPDF (135 KB)  
    Freely Available from IEEE
  • Author index

    Publication Year: 2001 , Page(s): 885 - 886
    Save to Project icon | Request Permissions | PDF file iconPDF (51 KB)  
    Freely Available from IEEE
  • Policy division and fusion: examples and a method-or, multiple classifiers considered harmful

    Publication Year: 2001 , Page(s): 545 - 560
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (204 KB) |  | HTML iconHTML  

    Because higher- and lower-level policies do not necessarily correspond one-to-one, a higher-level network policy may have to be translated into two or more lower-level policies, and two or more cooperating higher-level policies may have to be translated into one lower-level policy. The former transformation is called a policy division, and the latter transformation is called a policy fusion. These transformations can be performed mechanically under certain restricted conditions, as described in this paper. In general, however, such transformations are very complicated, and the restrictions cannot be eliminated completely. This is mainly due to the existence of multiple packet classifiers in a set of policies. This paper thus concludes that multiple classifiers should not be introduced, if possible. Policy division and fusion can be avoided in certain cases, but are probably unavoidable in other cases. Given this, these problems should be solved by introducing virtual flow labels to remove harmful classifiers and conducting further studies on policy division and fusion View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Implementation and performance analysis of SNMP on a TLS/TCP base

    Publication Year: 2001 , Page(s): 453 - 466
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (160 KB) |  | HTML iconHTML  

    There is great interest in exploring SNMP/TCP in addition to the current use of SNMP/UDP due to performance benefits for bulk transfer as well as to simplify management applications. If SNMP is implemented over TCP, then TLS is a natural choice for security. However, it must be demonstrated that the additional overhead associated with TLS is not excessive. We show this by implementing SNMP on a TLS/TCP base and measuring its performance experimentally. The results indicate that the overhead is not excessive; consequently SNMP/TLS/TCP appears to be a viable option for network management View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Java API for advanced faults management

    Publication Year: 2001 , Page(s): 483 - 498
    Cited by:  Patents (9)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (364 KB) |  | HTML iconHTML  

    The paper proposes an alternative for modeling managed resources using Java and telecommunication network management standards. It emphasizes functions related to fault management, namely: diagnostic testing and performance monitoring. Based on Java management extension (JMXTM), specific extensions are proposed to facilitate diagnostic testing and performance measurements implementation. The new API also called Java fault management extension (JFMX) consists of managed objects that model real resources being tested or monitored and support objects defined for the need of diagnostic testing and performance measurements. The paper discusses four Java implementations of a 3-tier client/server scenario focusing on the “SystemUnderTest” package of the new API to instrument a minimalist managed system scenario. These implementations are respectively built on top of the following Java based communication infrastructures: JMX/JFMX, RMI, CORBA/Java, and VoyagerTM. The paper extends the Voyager implementation with JMX/JFMX and uses their dynamic and advanced features to provide a highly efficient solution. The later implementation also uses the mobile agent paradigm to overcome well-known limitations of the RPC based implementations View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Semi-active replication of SNMP objects in agent groups applied for fault management

    Publication Year: 2001 , Page(s): 565 - 578
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (152 KB) |  | HTML iconHTML  

    It is often useful to examine management information base (MIB) objects of a faulty agent in order to determine why it is faulty. This paper presents a new framework for semi-active replication of SNMP management objects in local area networks. The framework is based on groups of agents that communicate with each other using reliable multicast. A group of agents provides fault-tolerant object functionality. An SNMP service is proposed that allows replicated MIB objects of a faulty agent of a given group to be accessed through fault-free agents of that group. The presented framework allows the dynamic definition of agent groups, and management objects to be replicated in each group. A practical fault-tolerant tool for local area network fault management was implemented and is presented. The system employs SNMP agents that interact with a group communication tool. As an example, we show how the examination of TCP-related objects of faulty agents have been used in the fault diagnosis process. The impact of replication on network performance is evaluated View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Federated accounting: service charging and billing in a business-to-business environment

    Publication Year: 2001 , Page(s): 107 - 121
    Cited by:  Papers (6)  |  Patents (28)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (208 KB) |  | HTML iconHTML  

    The liberalisation of the telecommunications industry has resulted in a proliferation of new services and services providers. This is particularly the case in the rapidly expanding IP-based services market. Providers include ISPs, virtual private network (VPN) and application service providers, and backbone operators. The final service set delivered to the customer will result from the combination of these service offerings. From a service usage accounting perspective, this new environment creates a number of important challenges, which did not apply in the traditional monopolistic telecommunications environment. The first issue is that of multiple administrative domains from the customer and service provider side and the second issue concerns applying customer service level agreements (SLA) and quality of service (QoS). This paper addresses the issue of settlement of usage charges across several service providers when they collectively provide services to customers. The main issue is to develop standardised mechanisms that allow various business and operation support systems operating in various domains to exchange accounting information. The work presented in this paper focuses on the development of a business-to-business (B2B) service provisioning and management architecture to provide guidance to international organisations on the development of a federated accounting management solution. This architecture aims to be both open and adaptable and is based on standardisation work going on in TMForum (TeleManagement Forum), IPDR (IP detail record), IETF and ETSI (European Telecommunication Standardisation Institute) View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An architecture for self-tuning cellular systems

    Publication Year: 2001 , Page(s): 231 - 245
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (336 KB) |  | HTML iconHTML  

    As cellular networks grow in size and complexity, the process of managing them becomes increasingly costly for mobile operators. It is therefore important to focus on simplifying or automating these tasks. This paper describes an architecture that supports automated management of a cellular network. Automation can be done by gathering and processing measurements from the network resources and, based upon the results, feeding back configuration commands. Due to potentially large networks, the large number of measurements needed, and the distributed nature of a cellular system, there is a need for a distributed architecture. This paper proposes such an architecture and describes evaluation results using this architecture in a field trial at the operator SmarTone in Hong Kong. Results from the field trial show that the suggested agent/task pattern is well suited to implementing self-tuning algorithms View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A network management framework for multi-layered network survivability: an overview

    Publication Year: 2001 , Page(s): 293 - 296
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (80 KB) |  | HTML iconHTML  

    We consider an interconnected network environment where one network can act as a `provider' or `service' network to the `user' network or a collection of `user' networks. In such an environment, a major failure in a provider network can affect the user networks. Very often, failure management is addressed in each individual network domain independently. We present an overview of a loosely-coupled network management framework through the development of a multi-layered network manager of managers concept for correlated management, for failure cases that can not be addressed by each component network individually View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An active approach to characterizing dynamic dependencies for problem determination in a distributed environment

    Publication Year: 2001 , Page(s): 377 - 390
    Cited by:  Papers (27)  |  Patents (14)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (612 KB) |  | HTML iconHTML  

    We describe a methodology for identifying and characterizing dynamic dependencies between system components in distributed application environments such as e-commerce systems. The methodology relies on active perturbation of the system to identify dependencies and the use of statistical modeling to compute dependency strengths. Unlike more traditional passive techniques, our active approach requires little initial knowledge of the implementation details of the system and has the potential to provide greater coverage and more direct evidence of causality for the dependencies it identifies. We experimentally demonstrate the efficacy of our approach by applying it to a prototypical e-commerce system based on the TPC-W Web commerce benchmark, for which the active approach correctly identifies and characterizes 41 of 42 true dependencies out of a potential space of 140 dependencies. Finally, we consider how the dependencies computed by our approach can be used to simplify and guide the task of root-cause analysis, an important part of problem determination View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A time-aware fault diagnosis system in LAN

    Publication Year: 2001 , Page(s): 499 - 512
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (700 KB) |  | HTML iconHTML  

    In today's cyber-world, network faults not only bring unexpected damages and misgiving to the enterprises, but also cause the loss of customers without a sign. To promote the quality of network services and the competition of enterprises, plenty of network management activities are funded to develop competent fault management mechanisms. In this paper, we offer a fault diagnosis mechanism for effective and automated network fault isolation. This mechanism uses finite state machine (FSM) to model refined fault propagation behaviors. The concept called fault propagation duration is also incorporated into the mechanism and combined with the FSM-based fault propagation knowledge to realize the mechanism. Based on the diagnosis mechanism, an automated fault diagnosis system called alarm correlation view (ACView) for isolating network faults is built. This diagnosis system can not only provide the automated process of alarm collection, alarm correlation, and fault isolation, but identify the propagation of each fault with a corresponding severity View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A framework for automated unit testing of live network clouds

    Publication Year: 2001 , Page(s): 579 - 592
    Cited by:  Patents (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (232 KB) |  | HTML iconHTML  

    Network testing can be classified into different realms, each with its separate but complementary advantages. Network element-testing deals with the verification of a network node (of a switch, router or a firewall) from some proximity and with some understanding of its specific characteristics. Network cloud-testing, on the other hand, focuses on the aggregates of such nodes, typically from a distance and with some abstraction of the underlying specific technologies as well as topologies. End-to-end testing, the most intuitive of all, probes a complete traversal of a network cloud by sending, as an example a ping message from an end-station to another. Testing a network within the confines of an engineering laboratory enjoys the comfort of avoiding intrusiveness into an enterprise whereas testing a live network enables the diagnosis of some subtle and otherwise unobservable problems. The “Regatta” framework, described in this paper, establishes a network software infrastructure, a framework, supporting all modalities of network testing, and even more interestingly enabling switching back and forth dynamically between them in a fully automated way, following the requirements of the circumstances. Based on the dynamic extensibility of Java, as well as its mobility characteristics, Regatta takes advantage of this software technology, but also encounters its short-comings as a challenge View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Monitoring OSPF routing

    Publication Year: 2001 , Page(s): 825 - 838
    Cited by:  Papers (2)  |  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (216 KB) |  | HTML iconHTML  

    We present the design and the implementation of an open shortest path first (OSPF) monitoring service hooked up to a managed IP network, enabling the administrator to be aware of the paths currently taken by IP packets throughout the OSPF domain. Such a service represent an advance over tools available today that offer off-line emulations of routing protocols, or that track network routing behavior in a local, semi-static manner. The proposed routing monitoring service has applications to network management functions such as QoS service fulfilment, performance analysis and SLA verification View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • MIB variable based fault classification: the next step towards proactive management

    Publication Year: 2001 , Page(s): 469 - 481
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (588 KB) |  | HTML iconHTML  

    Faults can be classified using information contained in the MIB variables. It is observed that distinct changes in the MIB data characteristics precede different fault types. Previous work has shown that network faults can be predicted using MIB data. Now with the possibility of classifying faults, network alarms can be associated with specific fault types. Associating a network alarm with a specific network fault is an essential pre-requisite for automated recovery. In our current work we describe the classification of four different faults: network access problems, protocol implementation error, runaway process and file server failures. We also show that a simple discriminant function scheme that accounts for spatial correlations in the MIB data performs better than common majority-voting schemes View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • SHAMAN-an environment for distributed management applications

    Publication Year: 2001 , Page(s): 321 - 324
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (64 KB) |  | HTML iconHTML  

    SHAMAN is a framework for hierarchical management of networks with SNMP that provides flexible and dynamic network management by permitting distribution of control and management functions over a hierarchical management structure. We have implemented a prototype software package that contains a SHAMAN intermediate manager (IM), a GUI for controlling the IM and for developing applications for it, and an example application of location management in a mobile tactical battlefield network View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A framework for integrated management of mobile-stations over-the-air

    Publication Year: 2001 , Page(s): 247 - 256
    Cited by:  Papers (1)  |  Patents (7)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (200 KB) |  | HTML iconHTML  

    Mobile devices are in the process of evolution. The capabilities that 3G promises open up a number of new possibilities for mobile communications. Future mobile devices will be communication devices with computational capabilities supporting a wide variety of applications that require high data rates, capacity and multimedia capabilities. To support high quality services and improve the satisfaction of the users, over-the-air management of parameters and resources in a mobile station (MS) would be useful. There are emerging standards and technologies to bring manageability to a mobile hand-held device. This paper discusses the issues in over-the-air management and introduces a framework for over the air management of CDMA MSs leveraging the wireless application protocol (WAP) View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Models and analysis of trade-offs in distributed network management approaches

    Publication Year: 2001 , Page(s): 391 - 404
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (216 KB) |  | HTML iconHTML  

    This paper develops an analytical framework to model and compare different distributed approaches for network monitoring. The performance of each scheme is evaluated in terms of traffic, completion time, and processing and memory resources. It is shown that distributed approaches have considerable advantages over traditional centralized network management, but a single distributed approach may not be best for all applications. Analytical results suggest that the weak mobility approach performs well for routine monitoring, and the mobile agent approach is well suited for searching types of applications. However, the best approach for a given application will depend on many parameters requiring careful quantification View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Management of end-to-end security in collaborative IP network environments

    Publication Year: 2001 , Page(s): 639 - 655
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (252 KB) |  | HTML iconHTML  

    Growth in popularity of the Internet has spawned a great interest in collaborative IP networks that support collaborative meetings between individuals or groups located at remote stations. The emphasis on security of information transfer during these meetings has made the management of end-to-end security in collaborative IP network environments, that may involve the creation of ad hoc communication networks that contain the Internet as an intermediate network, an important research issue. Addition of security features through standard methods gives rise to complex incompatibility problems resulting from the specific routing and address translation schemes that may be in place in these networks. The development of enhanced protocols that remove this incompatibility and ensure interoperability between security functions and address translation functions is discussed in this paper. Detailed steps in ensuring end-to-end security in various cases involving change of IP address, change of both IP address and the port, and the use of encapsulation security payload implemented in transport mode are described. The enhanced protocols presented here support generic implementation in the sense that the implementation of the security-related protocol is transparent to the use or not of the address translation scheme. For providing a proof of concept demonstration of the proposed solutions, the structure of a prototype collaborative network, which employs the Internet as an intermediate communication medium for supporting videoconferencing between remote stations, is outlined View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Managing a differentiated quality of service in a World Wide Web server

    Publication Year: 2001 , Page(s): 309 - 312
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (236 KB) |  | HTML iconHTML  

    This paper discusses issues related to managing a Web sever that supports differentiated QoS. An architecture and a prototype based on that architecture are presented View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A dynamic group management framework for large-scale distributed event monitoring

    Publication Year: 2001 , Page(s): 361 - 374
    Cited by:  Papers (2)  |  Patents (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (804 KB) |  | HTML iconHTML  

    Distributed event monitoring is an important service for fault, performance and security management. Next generation event monitoring services are highly distributed and involve a large number of monitoring agents. In order to support scalable event monitoring, the monitoring agents use IP multicasting for disseminating events and control information. However, due to the dynamic nature of event detection and correlation in distributed monitoring, devising an efficient group management for agents organization and coordination becomes a challenging issue. This paper presents an adaptive group management framework that dynamically re-configures the group structures and membership assignments at run-time according to the event correlation requirements and allows for optimal delivery of multicast messages between the management entities. This framework provides techniques for solving agents' state synchronization, collision-free group allocation and agents bootstrap problems in distributed event monitoring. The presented framework has been implemented within a HiFi system which is a distributed hierarchical monitoring system View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • MPLS management using policies

    Publication Year: 2001 , Page(s): 515 - 528
    Cited by:  Papers (6)  |  Patents (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (172 KB) |  | HTML iconHTML  

    Multi-protocol label switching (MPLS) is in the process of standardization by the Internet Engineering Task Force (IETF). It is regarded as a technology for traffic engineering and QoS in IP-networks. In this paper, we address the management of MPLS networks, which is crucial for large networks. We decided to follow the IETF Policy Framework approach and extended the common information model (CIM) for policies with MPLS specific classes. MPLS introduces the notion of a label switched path (LSP), possibly covering an entire network, which calls for an extension of the IETF Policy Framework into the direction of network and service management issues. We address this by preparing a three-level policy architecture including managing on device, network, and service level using policies. However, the main focus of the paper is the management of MPLS with network-level policies. We describe a prototypical implementation of a policy-based management system for MPLS, operating on network elements represented in a network simulator View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Proactive detection of distributed denial of service attacks using MIB traffic variables-a feasibility study

    Publication Year: 2001 , Page(s): 609 - 622
    Cited by:  Papers (18)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (184 KB) |  | HTML iconHTML  

    We propose a methodology for utilizing network management systems for the early detection of distributed denial of service (DDoS) attacks. Although there are quite a large number of events that are prior to an attack (e.g. suspicious log-ons, start of processes, addition of new files, sudden shifts in traffic, etc.), in this work we depend solely on information from MIB (management information base) traffic variables collected from the systems participating in the attack. Three types of DDoS attacks were effected on a research test bed, and MIB variables were recorded. Using these datasets, we show how there are indeed MIB-based precursors of DDoS attacks that render it possible to detect them before the target is shut down. Most importantly, we describe how the relevant MIB variables at the attacker can be extracted automatically using statistical tests for causality. It is shown that statistical tests applied in the time series of MIB traffic at the target and the attacker are effective in extracting the correct variables for monitoring in the attacker machine. Following the extraction of these key variables at the attacker, it is shown that an anomaly detection scheme, based on a simple model of the normal rate of change of the key MIBs can be used to determine statistical signatures of attacking behavior. These observations suggest the possibility of an entirely automated procedure centered on network management systems for detecting precursors of distributed denial of service attacks, and responding to them View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A development framework for network management systems based on reconfigurable components

    Publication Year: 2001 , Page(s): 301 - 304
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (112 KB) |  | HTML iconHTML  

    This contribution presents a prototype of network management framework based on distributed plug-in component technology. The main innovative aspect is the exhibited capacity to facilitate network management applications to be reconfigured at runtime by changing the communication channels used by the constituent components to communicate. This adds great flexibility because the system functionality is not “closed” at the system design time. The ensemble constitutes a development framework for component-based management applications. A scenario is presented to demonstrate the system in action View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Open source components for Internet management by delegation

    Publication Year: 2001 , Page(s): 185 - 198
    Cited by:  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (176 KB) |  | HTML iconHTML  

    The joint Jasmin project of the Technical University of Braunschweig and NEC C&C Research Laboratories is concerned with the development, implementation and practical evaluation of the management by delegation architecture standardized by the Distributed Management (DISMAN) working group of the IETF. This paper presents the open source software components that have been developed over two years within the Jasmin project, namely the Jasmin DISMAN-SCRIPT-MIB SNMP agent with its Java and Tcl runtime engines, a Java package for higher level operations on the DISMAN-SCRIPT-MIB and DISMAN-SCHEDULE-MIB agents, a Java GUI application for interacting with DISMAN-SCRIPT-MIB agents, a Java AgentX sub-agent toolkit that simplifies the development of scripts exporting new MIB objects, a package that facilitates the development of monitoring scripts, and a DISMAN-SCHEDULE-MIB sub-agent. Besides describing the software components and their relations, we also present some project history and experiences specific to open source software development View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Managing application service dependencies with XML and the resource description framework

    Publication Year: 2001 , Page(s): 661 - 674
    Cited by:  Papers (5)  |  Patents (10)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (228 KB) |  | HTML iconHTML  

    This paper describes a novel approach for applying XML, XPath and RDF to the problem of describing, querying and computing the dependencies among services in a distributed computing system. This becomes increasingly important in today's networked environments where applications and services rely on both local and outsourced sub-services. However, service dependencies are not made explicit in today's systems, thus making the task of problem determination particularly difficult. A key contribution of the paper is a Web-based architecture for retrieving and handling dependency information from various managed resources. Its core component is a dependency query facility allowing the application of queries and filters to dependency models; its output is a consolidated dependency graph that can then be used by fault management applications to perform additional problem determination tasks or event correlation. The definition of an XML based notation for specifying dependencies facilitates information sharing between the components involved in the process View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.