
Showing papers in "IEEE Network in 2002"


Journal ArticleDOI
TL;DR: The article compares the scalability properties and operational features of the protocols and discusses challenges in future routing protocol designs.
Abstract: The growing interest in mobile ad hoc network techniques has resulted in many routing protocol proposals. Scalability issues in ad hoc networks are attracting increasing attention these days. We survey the routing protocols that address scalability. The routing protocols included in the survey fall into three categories: flat routing protocols; hierarchical routing approaches; GPS augmented geographical routing schemes. The article compares the scalability properties and operational features of the protocols and discusses challenges in future routing protocol designs.

779 citations


Journal ArticleDOI
TL;DR: A comprehensive comparative survey of the literature that unveils the significant amount of research on this subject and offers a broad set of ambitious research directions that are motivated by the exciting new challenges arising with the advent of MPλS technology.
Abstract: Traffic grooming refers to techniques used to combine low-speed traffic streams onto high-speed wavelengths in order to minimize the networkwide cost in terms of line terminating equipment and/or electronic switching. Such techniques become increasingly important for emerging network technologies, including SONET/WDM rings and MPLS/MPλS backbones, for which traffic grooming is essential. In this article we formally define the traffic grooming problem, and we provide a general formulation that captures the features of a wide range of problem variants. We then present a comprehensive comparative survey of the literature that unveils the significant amount of research on this subject (the traffic grooming past). We also offer a broad set of ambitious research directions (the traffic grooming future) that are motivated by the exciting new challenges arising with the advent of MPλS technology.

386 citations


Journal ArticleDOI
Dinesh C. Verma1
TL;DR: This article explains how network administration can be simplified by defining two levels of policies, a business level and a technology level, and shows how to apply this architecture to two areas: managing performance service level agreements, and supporting enterprise extranets using IPSec communication.
Abstract: The management of network infrastructure in an enterprise is a complex and daunting affair. In an era of increasing technical complexity, it is becoming difficult to find trained personnel who can manage the new features introduced into the various servers, routers, and switches. Policy-based network management provides a means by which the administration process can be simplified and largely automated. In this article we look at a general policy-based architecture that can be used to simplify several new technologies emerging in the context of IP networks. We explain how network administration can be simplified by defining two levels of policies, a business level and a technology level. We discuss how business-level policies are validated and transformed into technology-level policies, and present some algorithms that can be used to check for policy conflicts and unreachable policies. We then show how to apply this architecture to two areas: managing performance service level agreements, and supporting enterprise extranets using IPSec communication.

258 citations


Journal ArticleDOI
TL;DR: This work describes the security model used by SIP, the architecture of a possible commercial IP telephony service including user authentication, and provides an experimental performance analysis of the SIP security mechanisms, based on the open source Java implementation of a SIP proxy server.
Abstract: Session Initiation Protocol (SIP) is currently receiving much attention and seems to be the most promising candidate as a signaling protocol for the current and future IP telephony services, also becoming a real competitor to the plain old telephone service. For the realization of such a scenario, there is an obvious need to provide a certain level of quality and security, comparable to that provided by the traditional telephone systems. While the problem of QoS mostly refers to the network layer, the problem of security is strictly related to the signaling mechanisms and the service provisioning model. For this reason, at present, a very hot topic in the SIP and IP telephony standardization track is security support. In this work, the security model used by SIP is described, and the different open issues are highlighted. We focus, in particular, on the problem of authentication providing a short tutorial on the solution under standardization. The architecture of a possible commercial IP telephony service including user authentication is also described. Finally, we focus on performance issues. By means of a real testbed implementation, we provide an experimental performance analysis of the SIP security mechanisms, based on our open source Java implementation of a SIP proxy server. The performance of the server has been compared with and without security support, under various scenarios.

201 citations


Journal ArticleDOI
TL;DR: In this article, both security and management policy specification approaches are surveyed, concentrating on practical systems in which the policy specification can be directly translated into an implementation.
Abstract: Policies are rules governing the choices in behavior of a system. They are increasingly being used as a means of implementing flexible and adaptive systems for management of Internet services, networks, and security systems. There is also a need for a common specification of security policy for large-scale multi-organizational systems where access control is implemented in a variety of heterogeneous components. In this article we survey both security and management policy specification approaches, concentrating on practical systems in which the policy specification can be directly translated into an implementation.

175 citations


Journal ArticleDOI
TL;DR: This article provides a taxonomy of security attacks, which are classified into four main categories: DNS hacking, routing table poisoning, packet mistreatment, and denial-of-service attacks.
Abstract: The pervasive and ubiquitous nature of the Internet coupled with growing concerns about cyber terrorism demand immediate solutions for securing the Internet infrastructure. So far, the research in Internet security has primarily focused on securing the information rather than securing the infrastructure itself. Given the prevailing threat situation, there is a compelling need to develop architectures, algorithms, and protocols to realize a dependable Internet infrastructure. In order to achieve this goal, the first and foremost step is to develop a comprehensive understanding of the security threats and existing solutions. This article attempts to fulfill this important step by providing a taxonomy of security attacks, which are classified into four main categories: DNS hacking, routing table poisoning, packet mistreatment, and denial-of-service attacks. The article discusses the existing solutions for each of these categories, and also outlines a methodology for developing secure protocols.

160 citations


Journal ArticleDOI
M. Laor1, L. Gendel1
TL;DR: The results show that only a small percentage of reordered packets, by at least three packet locations, in a backbone link can cause significant degradation of application throughput, and long flows are affected most.
Abstract: Packet reordering in the Internet is a well-known phenomenon. As the delay and speed of backbone links continue to increase, what used to be a negligible amount of packet reordering may now, combined with some level of dropped packets, cause multiple invocations of fast recovery within a TCP window. This may result in a significant drop in link utilization and hence in application throughput. What adds to the difficulty is that packet reordering is a silent problem. It may result in significant application throughput degradation while leaving little to no trace. In this article we try to measure and quantify the effect of reordering packets in a backbone link that multiplexes multiple TCP flows on application throughput. Different operating systems and delay values as well as various types of flow mixes were tested in a laboratory setup. The results show that only a small percentage of reordered packets, by at least three packet locations, in a backbone link can cause significant degradation of application throughput. Long flows are affected most. Due to the potential impact of this phenomenon, minimization of packet reordering as well as mitigating the effect algorithmically should be considered.

153 citations


Journal ArticleDOI
TL;DR: This survey examines a number of popular and representative synchronization protocols, such as Palm's HotSync, Pumatech's Intellisync and the industry-wide SyncML, and compares them to a novel synchronization approach, CPISync, which addresses some of their scalability concerns.
Abstract: Personal digital assistants and other mobile computing devices rely on synchronization protocols in order to maintain data consistency. These protocols operate in environments where network resources such as bandwidth, memory and processing power are limited. We examine a number of popular and representative synchronization protocols, such as Palm's HotSync, Pumatech's Intellisync and the industry-wide SyncML initiative. We investigate the scalability performance of these protocols as a function of data and network sizes and compare them to a novel synchronization approach, CPISync, which addresses some of their scalability concerns. The conclusions of this survey are intended to provide guidance for handling scalability issues in synchronizing data on large, heterogeneous, tetherless networks.

149 citations


Journal ArticleDOI
TL;DR: The article introduces an architecture, the MASST system architecture, which supports dynamic information and knowledge exchange among the cooperating agents, and uses a dynamic blackboard as an interagent communication paradigm to facilitate factual data, business rule, and command exchange between cooperating MASST agents.
Abstract: A distributed problem solving system can be characterized as a group of individual cooperating agents running to solve common problems. As dynamic application domains continue to grow in scale and complexity, it becomes more difficult to control the purposeful behavior of agents, especially when unexpected events may occur. This article presents an information and knowledge exchange framework to support distributed problem solving. From the application viewpoint the article concentrates on the stock trading domain; however, many presented solutions can be extended to other dynamic domains. It addresses two important issues: how individual agents should be interconnected so that their resources are efficiently used and their goals accomplished effectively; and how information and knowledge transfer should take place among the agents to allow them to respond successfully to user requests and unexpected external situations. The article introduces an architecture, the MASST system architecture, which supports dynamic information and knowledge exchange among the cooperating agents. The architecture uses a dynamic blackboard as an interagent communication paradigm to facilitate factual data, business rule, and command exchange between cooperating MASST agents. The critical components of the MASST architecture have been implemented and tested in the stock trading domain, and have proven to be a viable solution for distributed problem solving based on cooperating agents.

138 citations


Journal ArticleDOI
TL;DR: This article surveys the work in the area of playout adaptation, aiming to concisely organize ideas that have been presented in isolation and identify the main points of differentiation among different schemes.
Abstract: The transmission of real-time streams over best effort networks has been an interesting research area for over a decade. An important objective of the research community has been to devise methods that cope with the variations of the network delay (also called delay jitter) that are an inherent characteristic of best effort networks. Jitter destroys the temporal relationships between the periodically transmitted media units that constitute a real-time media stream, thus hindering the comprehension of the stream. Playout adaptation algorithms undertake the labor of the temporal reconstruction of the stream, which is sometimes referred to as the restoration of its intrastream synchronization quality. This article surveys the work in the area of playout adaptation, aiming to concisely organize ideas that have been presented in isolation and identify the main points of differentiation among different schemes. The survey discusses issues related to timing information, handling of late media units, quality evaluation metrics, and adaptation to changing delay conditions.

109 citations


Journal ArticleDOI
TL;DR: This work views policies as a means of extending the functionality of management systems dynamically, in conjunction with preexisting hard-wired management logic, and presents an analysis of the policies that can influence the dimensioning behavior as well as the inconsistencies that may be caused by the introduction of such policies.
Abstract: Policy-based management can guide the behavior of a network or distributed system through high-level declarative directives that are dynamically introduced, checked for consistency, refined, and evaluated, resulting typically in a series of low-level actions. We actually view policies as a means of extending the functionality of management systems dynamically, in conjunction with preexisting hard-wired management logic. We first discuss the policy management aspects of architecture for managing quality of service in IP DiffServ networks as presented by Trimintzios et al. (see IEEE Commun. Mag., Special Issue in IP Operations and Management, vol.39, no.5, p.80-88, 2001), and focus on the functionality of the dimensioning and resource management aspects. We then present an analysis of the policies that can influence the dimensioning behavior as well as the inconsistencies that may be caused by the introduction of such policies. Finally, we describe the design and implementation of the generic policy consumer component and present the current implementation status.

Journal ArticleDOI
TL;DR: The measurements made indicate clearly that the mobile-agent-based approach outperforms its client/server counterpart even when the latter is optimized, and can easily be transposed to most information retrieval applications.
Abstract: Mobile agents emerged in the mid-1990s, and have raised considerable interest in the research community. The proponents associate several benefits with their use. However, there are still very few quantitative measurements to back the claimed benefits. This article is devoted to mobile agents and their use for information retrieval. We provide a brief overview and an elaborate case study. The overview introduces the concept of mobile agent, enumerates the claimed benefits, and reviews the hindrances to widescale deployment. It also discusses the state of the art of mobile-agent-based information retrieval, including the very few quantitative studies that exist. Our case study is on information retrieval from electronic calendars for multiparty event scheduling. Many events require the participation of several parties. Prior knowledge of the date when most (if not all) targeted participants are available is often a prerequisite for scheduling them. However, identifying this date can easily turn into a nightmare, especially when the number of targeted participants is large. Nowadays, electronic agendas (e.g., MS Outlook) are stored on servers. An application can access them, retrieve information on the availability of the targeted participants, and derive the date from the information. In the case study, a mobile agent is dispatched in the network, instead of retrieving the information using the client/server paradigm. The agent visits the servers, accesses the agendas, retrieves the information, and identifies the date. Finding a date suitable for several potential participants may require the rescheduling of some events that have been previously arranged by some participants. We propose the use of agents that act as the personal agents of the participants for the negotiation inherent to this rescheduling. The measurements we have made indicate clearly that the mobile-agent-based approach outperforms its client/server counterpart even when the latter is optimized. These results can easily be transposed to most information retrieval applications, and demonstrate, for this specific application domain, the performance benefit associated with mobile agents. We now dispatch a single agent in the network. In the future, we will dispatch several agents.

Journal ArticleDOI
TL;DR: The definition of a new COPS client type is presented to support the above-mentioned functionality, then an application scenario where SIP-based IP telephony applications can use Diffserv-based QoS networks is described.
Abstract: The COPS protocol has been designed to enable communication on the interface between the policy decision administrator and the policy enforcement devices in a policy-based networking environment. It can be recognized that on the same interface there is the need to transfer information related to the request of resource by QoS clients and for the allocation of resources by resource allocation servers (e.g., bandwidth broker) in a DiffServ network. Hence, it is sensible to add this resource allocation functionality in the COPS framework. In particular, there are at least two cases where it is sensible to use COPS. The first case is on the interface between an edge node and a resource control node for handling resource allocation in a network provider domain. The second case is on the interface between a customer (client of a QoS enabled network) and the network provider: here COPS can be used as a protocol to signal dynamic admission control requests. In this article we present the definition of a new COPS client type to support the above-mentioned functionality, then describe an application scenario where SIP-based IP telephony applications can use Diffserv-based QoS networks. Simple backward-compatible enhancements to SIP are needed to interact with COPS/Diffserv QoS. A testbed implementation of the proposed solutions is finally described.

Journal ArticleDOI
TL;DR: An active distributed monitoring system based on mobile agents is presented, in which agents act as area monitors not bound to any particular network node that can "sense" the network, estimate better locations, and migrate in order to pursue location optimality.
Abstract: As networks become pervasive, the importance of efficient information gathering for purposes such as monitoring, fault diagnosis, and performance evaluation increases. Distributed monitoring systems based on either management protocols such as SNMP or distributed object technologies such as CORBA can cope with scalability problems only to a limited extent. They are not well suited to systems that are both very large and highly dynamic because the monitoring logic, although possibly distributed, is statically predefined at design time. This article presents an active distributed monitoring system based on mobile agents. Agents act as area monitors not bound to any particular network node that can "sense" the network, estimate better locations, and migrate in order to pursue location optimality. Simulations demonstrate the capability of this approach to cope with large-scale systems and changing network conditions.

Journal ArticleDOI
TL;DR: This article describes the UMTS all-IP approach for third-generation mobile systems, with emphasis on the core network architecture, and elaborates on application-level registration, circuit-switched call origination, packet-switched call origination, and packet-switched call termination.
Abstract: This article describes the UMTS all-IP approach for third-generation mobile systems, with emphasis on the core network architecture. Following the introduction of the core network nodes, we elaborate on application-level registration, circuit-switched call origination, packet-switched call origination, and packet-switched call termination.

Journal ArticleDOI
TL;DR: This article describes the policy-based architecture for the control and management of content distribution networks that form an overlay of caching proxies over an underlying physical network and demonstrates how it enables dynamic updates to content distribution policies.
Abstract: We present a policy-based architecture for the control and management of content distribution networks that form an overlay of caching proxies over an underlying physical network. The architecture extends the policy framework used for controlling network quality of service (QoS) and security to content distribution networks. The fundamental advantage of a policy-based framework is that it allows a machine-independent scheme for managing multiple devices from a single point of control. In this article we describe this architecture and demonstrate how it enables dynamic updates to content distribution policies. Furthermore, we analyze the impact of such dynamic distribution on the cost of content serving.

Journal ArticleDOI
TL;DR: The state of the art in AAA is surveyed and a new generic policy-based approach, A^x, is developed, for AAA services and beyond, considering flexible levels of various services in an Internet service model, ranging from connectivity to content services.
Abstract: The commercialization of the Internet has led to a large variety of business models based on Internet technology. Therefore, the demand for standardized and efficient solutions in support of reliable, secure, open, and flexible remote and mobile service accesses has increased. Existing authentication, authorization, and accounting systems still consider dedicated cases, but lack a generic approach. More general AAA services can be built by extending existing mechanisms and protocols for access scenarios other than dialup or PPP connections. While this work is performed mainly by the IETF AAA Working Group, another approach proposed by the IRTF AAAArch Research Group is termed AAA Architecture. This article surveys the state of the art in AAA and develops a new generic policy-based approach, A^x, for AAA services and beyond, considering flexible levels of various services in an Internet service model, ranging from connectivity to content services.

Journal ArticleDOI
TL;DR: This article considers different challenges that are faced in the design of the multicasting techniques and presents a classification of such schemes and a comparison is drawn between such techniques.
Abstract: Multicast communication in single-hop broadcast-and-select wavelength-division multiplexing networks has received considerable attention from researchers. This article presents a comprehensive survey of the multicast scheduling techniques in this environment. It considers different challenges that are faced in the design of the multicasting techniques and presents a classification of such schemes. A survey of specific techniques is then presented and a comparison is drawn between such techniques.


Journal ArticleDOI
TL;DR: The article investigates opportunities for the integration of legacy systems and existing communication protocols through distributed integrated services that correspond to established business processes.
Abstract: This article studies current developments and trends in the area of capital market systems. In particular, it defines the trading lifecycle and the activities associated with it. The article then investigates opportunities for the integration of legacy systems and existing communication protocols through distributed integrated services that correspond to established business processes. These integrated services link to basic services such as an exchange, a settlement, or a registry service. Examples of such integrated services include pre-trade services (e.g., analytics) or post-trade services (e.g., surveillance). The article then presents the various levels of integration in capital market systems and discusses the standards in place. It establishes that most interactions occur at a low level of abstraction such as the network (e.g., TCP/IP), data format (e.g., FIX, XML), and middleware levels (e.g., CORBA). Finally, the article discusses a software development methodology based on the use of design patterns. These design patterns address the essential aspects of managing integrated services in a technology-independent fashion. These aspects are service wrapping, service composition, service contracting, service discovery, and service execution. The objective of the methodology is to facilitate the rapid development of new integrated services that correspond to emerging business opportunities.

Journal ArticleDOI
TL;DR: The use of mobile agents are described to efficiently realize multipoint-to-point routing trees by means of the Wave paradigm, while satisfying the QoS requirements of the set of traffic streams involved in the process.
Abstract: The implementation of new networking technologies, such as multiprotocol label switching and differentiated services, will introduce powerful features to the near-future Internet backbone, making a significant contribution to the overall end-to-end provision of quality of service. However, to achieve such an improvement these technologies require not only effective support from current routing algorithms, but also enhanced capabilities, which are currently being developed. To contribute to this development, a novel and powerful scheme is introduced in this article that provides a means of supporting QoS routing through the use of mobile software agents. Specifically, we describe the use of mobile agents to efficiently realize multipoint-to-point routing trees by means of the Wave paradigm, while satisfying the QoS requirements of the set of traffic streams involved in the process. Both benefits and important issues to be considered when using mobile agent schemes in QoS routing are further stressed.

Journal ArticleDOI
TL;DR: The impact of active networks on current network management practice is discussed by examining network management through the functional areas of fault, configuration, accounting, performance and security management and the various models proposed in this area are analyzed.
Abstract: Active networks is a promising technology that allows us to control the behavior of network nodes by programming them to perform advanced operations and computations. Active networks are changing considerably the scenery of computer networks and, consequently, affect the way network management is conducted. Current management techniques can be enhanced and their efficiency can be improved, while novel techniques can be deployed. This article discusses the impact of active networks on current network management practice by examining network management through the functional areas of fault, configuration, accounting, performance and security management. For each one of these functional areas, the limitations of the current applications and tools are presented, as well as how these limitations can be overcome by exploiting active networks. To illustrate the presented framework, several applications are examined. The contribution of this work is to analyze, classify, and assess the various models proposed in this area, and to outline new research directions.

Journal ArticleDOI
TL;DR: This book is a composition of original research as well as of material that provides an extensive review of the research carried out in WDM local and metropolitan networks during roughly the last decade, with an emphasis on QoS support.
Abstract: The book is concerned with the integration of services requiring different quality of service capabilities from the underlying packet-switched network. Hence, the problem is not only that of effectively using the available bandwidth but also that of differentiating the received quality for different classes of traffic. To this end, the book is a composition of original research as well as of material that provides an extensive review of the research carried out in WDM local and metropolitan networks during roughly the last decade. Due to the single-hop nature of the topics covered, the underlying topology is well defined, namely star or ring. In particular, the scope is passive-star topologies with wavelength-tunable transceivers (passive star couplers and arrayed waveguide grating multiplexers, AWGMs) and slotted WDM metro rings. Also included is a review of traffic models, but the analysis technique is quickly narrowed to the use of semi-Markov processes. Since many books already exist on WDM technology, the distinguishing feature of this book is its emphasis on QoS support, and a unifying quantitative approach and comparative study of the presented protocols. For passive star protocols attention is focused on Earliest Available Time Scheduling (EATS), Distributed Queue (DQ) protocols, and AWGM-based protocols. The novel protocol introduced is Convergence of Real-Time and Data Services (CONRAD), which is a distributed reservation-based online scheduling algorithm. For WDM rings, the emphasis is placed directly on the slotted version with multiple transceivers per node, effectively becoming a multichannel slotted ring, and subsequently refined to include QoS support.

Journal ArticleDOI
TL;DR: A mobile-agent-based monitoring infrastructure for new and enhanced IP services to provide a safe way for customers to monitor the enhanced properties of the services they use is implemented.
Abstract: The Internet Engineering Task Force standardizes new IP technologies such as Differentiated Services and IP security that allow Internet service providers to offer new and enhanced network-level services. There is a need for a measurement infrastructure to monitor services, especially for support of end-to-end services across the Internet. The infrastructure should provide a safe way for customers to monitor the enhanced properties of the services they use. Also, providers should be able to use the infrastructure to ensure provider collaboration. We implemented a mobile-agent-based monitoring infrastructure for new and enhanced IP services.

Journal ArticleDOI
TL;DR: The FQ paradigm is formally defined as a paradigm for the design of new end-to-end congestion control protocols that relies on FQ scheduling with per-flow scheduling and longest queue drop buffer management in each router and a new multicast congestion control protocol called packet pair receiver-driven layered multicast (PLM) is discussed.
Abstract: Today, the dominant paradigm for congestion control in the Internet is based on the notion of TCP friendliness. To be TCP-friendly, a source must behave in such a way as to achieve a bandwidth that is similar to the bandwidth obtained by a TCP flow that would observe the same round-trip time (RTT) and the same loss rate. However, with the success of the Internet comes the deployment of an increasing number of applications that do not use TCP as a transport protocol. These applications can often improve their own performance by not being TCP-friendly, which severely penalizes TCP flows. To design new applications to be TCP-friendly is often a difficult task. The idea of the fair queuing (FQ) paradigm as a means to improve congestion control was first introduced by Keshav (1991). While Keshav made a fundamental step toward a new paradigm for the design of congestion control protocols, he did not formalize his results so that his findings could be extended for the design of new congestion control protocols. We make this step and formally define the FQ paradigm as a paradigm for the design of new end-to-end congestion control protocols. This paradigm relies on FQ scheduling with per-flow scheduling and longest queue drop buffer management in each router. We assume only selfish and noncollaborative end users. Our main contribution is the formal statement of the congestion control problem as a whole, which enables us to demonstrate the validity of the FQ paradigm. We also demonstrate that the FQ paradigm does not adversely impact the throughput of TCP flows and explain how to apply the FQ paradigm for the design of new congestion control protocols. As a pragmatic validation of the FQ paradigm, we discuss a new multicast congestion control protocol called packet pair receiver-driven layered multicast (PLM).

Journal ArticleDOI
TL;DR: A framework for achieving a scalable design in metropolitan area networks with WDM as the core technology (called optical metropolitan networks) is introduced and the topics of survivability, scalability and class of service are summarized.
Abstract: The issues of scalability and class of service have been among the most important research focuses in design of the control plane for wavelength-routed WDM networks. We introduce a framework for achieving a scalable design in metropolitan area networks with WDM as the core technology (called optical metropolitan networks). The framework is summarized with the topics of survivability, scalability and class of service. A novel design concept, called interarrival planning, which aims to achieve scalable control and management in optical metropolitan networks, is addressed.

Journal ArticleDOI
TL;DR: A rapidly deployable PCS architecture based on the virtual cell layout (VCL), used to develop new self-organization and routing procedures that mitigate the scalability problem of infrastructureless routing and resource management is introduced.
Abstract: In this article, a rapidly deployable PCS architecture based on our novel resource management scheme, namely, virtual cell layout (VCL), is introduced. VCL is used to develop new self-organization and routing procedures that mitigate the scalability problem of infrastructureless routing and resource management. In VCL, the communication area is tessellated with regularly shaped fixed-size virtual cells. Radio resources such as frequency carriers and CDMA codes are assigned to the fixed cells of this layout. The real cells, which do not need to be the same size as the virtual cells, can move over the VCL cells. Simulation results show that the VCL-based architecture satisfies the requirement for rapid deployment and can provide an acceptable grade of service.

Journal ArticleDOI
TL;DR: A network-wide virtual private network deployment scenario over the General Packet Radio Service is proposed and analyzed from a security viewpoint and can be employed as an add-on feature to the GPRS standard.
Abstract: Mobile Internet requires enhanced security services available to all mobile subscribers in a dynamic fashion. A network-wide virtual private network deployment scenario over the General Packet Radio Service is proposed and analyzed from a security viewpoint. The proposed security scheme improves the level of protection that is currently supported in GPRS and facilitates the realization of mobile Internet. It secures data transmission over the entire network route from a mobile user to a remote server by utilizing the default GPRS ciphering over the radio interface, and by deploying an IP VPN over the GPRS core, as well as on the public Internet. Thus, on-demand VPN services are made available for all GPRS network subscribers and roaming users. The VPN functionality, which is based on the IPsec framework, is outsourced to the network infrastructure to eliminate the potential computational overhead on the mobile device. The VPN initialization and key agreement procedures are based on an Internet Key Exchange protocol proxy scheme, which enables the mobile station to initiate VPN establishment, while shifting the complex key negotiation to the network infrastructure. The deployed VPN operates transparently to the mobile subscribers' movement. The required enhancements for security service provision can be integrated in the existing network infrastructure; therefore, the proposed security scheme can be employed as an add-on feature to the GPRS standard.

Journal ArticleDOI
TL;DR: The New Books and Multimedia column contains brief reviews of new books in the computer communications field, relying on the publisher’s descriptive materials, minus advertising superlatives, and checked for accuracy against a copy of the book.
Abstract: The New Books and Multimedia column contains brief reviews of new books in the computer communications field. Each review includes a highly abstracted description of the contents, relying on the publisher’s descriptive materials, minus advertising superlatives, and checked for accuracy against a copy of the book. The reviews also comment on the structure and the target audience of each book. Publishers wishing to have their books listed in this manner should send copies and appropriate advertising materials to Ioanis Nikolaidis at the address below, with an indication that books are intended for the IEEE Network New Books and Multimedia column. Appropriate books will be reviewed in the column. Ioanis Nikolaidis Computing Science Department, University of Alberta, Edmonton, Alberta, Canada T6G 2E8

Journal ArticleDOI
TL;DR: Meta-policies are stored and processed by the devices, independent of their semantics, thus making the model more efficient, scalable, distributed, and robust, and the additional functionality is implemented through a novel policy information base, the meta-policy PIB.
Abstract: The growth of computer networks has revealed significant scalability and efficiency limitations to the traditional management techniques. Policy-based networking (PBN) has emerged as a promising paradigm for configuration management and service provisioning. The common open policy service (COPS) and its extension for policy provisioning (COPS-PR) are currently being developed as the protocols to implement PBN. COPS-PR has received significant attention and seems efficient for several management areas. However, the rigidity of its policy-enforcing mechanisms constrains the intelligence that can be pushed toward the managed devices. This work aims at relaxing this limitation by using meta-policies, rules that enforce the appropriate policies on the devices. Meta-policies are stored and processed by the devices, independent of their semantics, thus making the model more efficient, scalable, distributed, and robust. The additional functionality is implemented through a novel policy information base we have defined, the meta-policy PIB.