Issue 3 • Date Third Quarter 2010
Third Quarter 2010 IEEE Communications Surveys & TutorialsPage(s): 285 - 286| | PDF (90 KB)
Usage of payment cards such as credit cards, debit cards, and prepaid cards, continues to grow. Security breaches related to payment cards have led to billion dollar losses annually. In order to offset this trend, major payment card networks have founded the Payment Card Industry (PCI) Security Standards Council (SSC), which has designed and released the PCI Data Security Standard (DSS). This standard guides service providers and merchants to implement stronger security infrastructures that reduce the risks of security breaches. This article mainly discusses the need for the PCI DSS and the data security requirements defined in the standard to address the ongoing security issues, especially those pertaining to payment card data handling. It also surveys various technical solutions, offered by a few security vendors, for merchant companies and organizations involved in payment card transaction processing to comply with the standard. The compliance of merchants or service providers to the PCI DSS are assessed by PCI Qualified Security Assessors (QSAs). This article thus discusses the requirements to become PCI QSAs. In addition, it introduces the PCI security scanning procedures that guide the scanning of security policies of a merchant or service provider and prepare relevant reports. We believe that this survey sheds light on potential technical research problems pertinent to the PCI DSS and its compliance. View full abstract»
The Transmission Control Protocol (TCP) carries most Internet traffic, so performance of the Internet depends to a great extent on how well TCP works. Performance characteristics of a particular version of TCP are defined by the congestion control algorithm it employs. This paper presents a survey of various congestion control proposals that preserve the original host-to-host idea of TCP-namely, that neither sender nor receiver relies on any explicit notification from the network. The proposed solutions focus on a variety of problems, starting with the basic problem of eliminating the phenomenon of congestion collapse, and also include the problems of effectively using the available network resources in different types of environments (wired, wireless, high-speed, long-delay, etc.). In a shared, highly distributed, and heterogeneous environment such as the Internet, effective network use depends not only on how well a single TCP-based application can utilize the network capacity, but also on how well it cooperates with other applications transmitting data through the same network. Our survey shows that over the last 20 years many host-to-host techniques have been developed that address several problems with different levels of reliability and precision. There have been enhancements allowing senders to detect fast packet losses and route changes. Other techniques have the ability to estimate the loss rate, the bottleneck buffer size, and level of congestion. The survey describes each congestion control alternative, its strengths and its weaknesses. Additionally, techniques that are in common use or available for testing are described. View full abstract»
Intrusion detection is an important area of research. Traditionally, the approach taken to find attacks is to inspect the contents of every packet. However, packet inspection cannot easily be performed at high-speeds. Therefore, researchers and operators started investigating alternative approaches, such as flow-based intrusion detection. In that approach the flow of data through the network is analyzed, instead of the contents of each individual packet. The goal of this paper is to provide a survey of current research in the area of flow-based intrusion detection. The survey starts with a motivation why flow-based intrusion detection is needed. The concept of flows is explained, and relevant standards are identified. The paper provides a classification of attacks and defense techniques and shows how flow-based techniques can be used to detect scans, worms, Botnets and (DoS) attacks. View full abstract»
Pre-congestion notification (PCN) provides feedback about load conditions in a network to its boundary nodes. The PCN working group of the IETF discusses the use of PCN to implement admission control (AC) and flow termination (FT) for prioritized realtime traffic in a DiffServ domain. Admission control (AC) is a well-known flow control function that blocks admission requests of new flows when they need to be carried over a link whose admitted PCN rate already exceeds an admissible rate. Flow termination (FT) is a new flow control function that terminates some already admitted flows when they are carried over a link whose admitted PCN rate exceeds a supportable rate. The latter condition can occur in spite of AC, e.g., when traffic is rerouted due to network failures. This survey gives an introduction to PCN and is a primer for this new technology. It presents and discusses the multitude of architectural design options in an early stage of the standardization process in a comprehensive and streamlined way before only a subset of them is standardized by the IETF. It brings PCN from the IETF to the research community and serves as historical record. View full abstract»
The next-generation Wireless Metropolitan Area Networks, using the Worldwide Interoperability for Microwave Access (WiMAX) as the core technology based on the IEEE 802.16 family of standards, is evolving as a Fourth-Generation (4G) technology. With the recent introduction of mobility management frameworks in the IEEE 802.16e standard, WiMAX is now in competition with the existing and forthcoming generations of wireless technologies for providing ubiquitous computing solutions. However, the success of a good mobility framework largely depends on the capability of performing fast and seamless handovers irrespective of the deployed architectural scenario. Now that the IEEE has defined the Mobile WiMAX (IEEE 802.16e) MAC-layer handover management framework, the Network Working Group (NWG) of the WiMAX Forum is working on the development of the upper layers. However, the path to commercialization of a full-fledged WiMAX mobility framework is full of research challenges. This article focuses on potential handover-related research issues in the existing and future WiMAX mobility framework. A survey of these issues in the MAC, Network and Cross-Layer scenarios is presented along with discussion of the different solutions to those challenges. A comparative study of the proposed solutions, coupled with some insights to the relevant issues, is also included. View full abstract»
RFID technologies have revolutionized the asset tracking industry, with applications ranging from automated checkout to monitoring the medication intakes of elderlies. In all these applications, fast, and in some cases energy efficient, tag reading is desirable, especially with increasing tag numbers. In practice, tag reading protocols face many problems. A key one being tag collision, which occurs when multiple tags reply simultaneously to a reader. As a result, an RFID reader experiences low tag reading performance, and wastes valuable energy. Therefore, it is important that RFID application developers are aware of current tag reading protocols. To this end, this paper surveys, classifies, and compares state-of-the-art tag reading protocols. Moreover, it presents research directions for existing and future tag reading protocols. View full abstract»
Researchers in both academia and industry have accepted OFDMA as the most appropriate air-interface for the emerging broadband wireless access networks and standards. A number of IEEE working groups and various research forums are focusing on developing relay and mesh-enabled networks with cooperative communication features. Among these research efforts are IEEE 802.11s, IEEE 802.16j/m, and 3GPP's advanced long term evolution (LTE-advanced). The combination of OFDMA with relaying techniques provides rich opportunities for cost-effective and high-performance networks. To exploit such opportunities requires intelligent radio resource management (RRM) algorithms. Although a number of publications have highlighted the important and challenging issues involved in designing RRM algorithms for OFDMA networks, only recently a number of papers have investigated relay-enhanced OFDMA-based multicellular networks. By and large, the literature indicates that these issues constitute a hot research topic that will continue to attract interest. This paper provides a survey of the current literature on OFDMA networks enhanced with decode-and-forward relaying and provides their link to earlier literature in non-OFDMA networks. In addition, a rich list of references is provided to direct the readers toward some of the emerging techniques. View full abstract»
Aims & Scope
IEEE Communications Surveys & Tutorials is an online journal published by the IEEE Communications Society for tutorials and surveys covering all aspects of the communications field. Telecommunications technology is progressing at a rapid pace, and the IEEE Communications Society is committed to providing researchers and other professionals the information and tools to stay abreast.
Meet Our Editors
Ekram Hossain, Ph.D., P.Eng.
University of Manitoba