Visible to the public Biblio

Filters: Keyword is Unicast  [Clear All Filters]
Chen, Lin, William Atwood, J..  2018.  Performance Evaluation for Secure Internet Group Management Protocol and Group Security Association Management Protocol. 2018 IEEE Canadian Conference on Electrical Computer Engineering (CCECE). :1—5.

Multicast distribution employs the model of many-to-many so that it is a more efficient way of data delivery compared to traditional one-to-one unicast distribution, which can benefit many applications such as media streaming. However, the lack of security features in its nature makes multicast technology much less popular in an open environment such as the Internet. Internet Service Providers (ISPs) take advantage of IP multicast technology's high efficiency of data delivery to provide Internet Protocol Television (IPTV) to their users. But without the full control on their networks, ISPs cannot collect revenue for the services they provide. Secure Internet Group Management Protocol (SIGMP), an extension of Internet Group Management Protocol (IGMP), and Group Security Association Management Protocol (GSAM), have been proposed to enforce receiver access control at the network level of IP multicast. In this paper, we analyze operational details and issues of both SIGMP and GSAM. An examination of the performance of both protocols is also conducted.

Benmalek, Mourad, Challal, Yacine, Derhab, Abdelouahid.  2019.  An Improved Key Graph Based Key Management Scheme for Smart Grid AMI Systems. 2019 IEEE Wireless Communications and Networking Conference (WCNC). :1–6.

In this paper, we focus on versatile and scalable key management for Advanced Metering Infrastructure (AMI) in Smart Grid (SG). We show that a recently proposed key graph based scheme for AMI systems (VerSAMI) suffers from efficiency flaws in its broadcast key management protocol. Then, we propose a new key management scheme (iVerSAMI) by modifying VerSAMI's key graph structure and proposing a new broadcast key update process. We analyze security and performance of the proposed broadcast key management in details to show that iVerSAMI is secure and efficient in terms of storage and communication overheads.

Melnikov, D. A., Durakovsky, A. P., Dvoryankin, S. V., Gorbatov, V. S..  2017.  Concept for Increasing Security of National Information Technology Infrastructure and Private Clouds. 2017 IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud). :155–160.

This paper suggests a conceptual mechanism for increasing the security level of the global information community, national information technology infrastructures (e-governments) and private cloud structures, which uses the logical characteristic of IPv6-protocol. The mechanism is based on the properties of the IPv6-header and, in particular, rules of coding IPv6-addresses.

Douros, V. G., Riihijärvi, J., Mähönen, P..  2017.  Network economics of SDN-based infrastructures: Can we unlock value through ICN multicast? 2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC). :1–5.

Software-defined networking (SDN) is enabling radically easier deployment of new routing infrastructures in enterprise and operator networks. However, it is not clear how to best exploit this flexibility, when also considering the migration costs. In this paper, we use tools from network economics to study a recent proposal of using information-centric networking (ICN) principles on an SDN infrastructure for improving the delivery of Internet Protocol (IP) services. The key value proposition of this IP-over-ICN approach is to use the native and lightweight multicast service delivery enabled by the ICN technology to reduce network load by removing redundant data. Our analysis shows that for services where IP multicast delivery is technically feasible, IP-over-ICN deployments are economically sensible if only few users will access the given service simultaneously. However, for services where native IP multicast is not a technically feasible option, such as for dynamically generated or personalized content, IP-over-ICN significantly outperforms IP.

Tsilopoulos, C., Xylomenos, G., Thomas, Y..  2014.  Reducing forwarding state in content-centric networks with semi-stateless forwarding. INFOCOM, 2014 Proceedings IEEE. :2067-2075.

Routers in the Content-Centric Networking (CCN) architecture maintain state for all pending content requests, so as to be able to later return the corresponding content. By employing stateful forwarding, CCN supports native multicast, enhances security and enables adaptive forwarding, at the cost of excessive forwarding state that raises scalability concerns. We propose a semi-stateless forwarding scheme in which, instead of tracking each request at every on-path router, requests are tracked at every d hops. At intermediate hops, requests gather reverse path information, which is later used to deliver responses between routers using Bloom filter-based stateless forwarding. Our approach effectively reduces forwarding state, while preserving the advantages of CCN forwarding. Evaluation results over realistic ISP topologies show that our approach reduces forwarding state by 54%-70% in unicast delivery, without any bandwidth penalties, while in multicast delivery it reduces forwarding state by 34%-55% at the expense of 6%-13% in bandwidth overhead.

Oberle, A., Larbig, P., Kuntze, N., Rudolph, C..  2014.  Integrity based relationships and trustworthy communication between network participants. Communications (ICC), 2014 IEEE International Conference on. :610-615.

Establishing trust relationships between network participants by having them prove their operating system's integrity via a Trusted Platform Module (TPM) provides interesting approaches for securing local networks at a higher level. In the introduced approach on OSI layer 2, attacks carried out by already authenticated and participating nodes (insider threats) can be detected and prevented. Forbidden activities and manipulations in hard- and software, such as executing unknown binaries, loading additional kernel modules or even inserting unauthorized USB devices, are detected and result in an autonomous reaction of each network participant. The provided trust establishment and authentication protocol operates independently from upper protocol layers and is optimized for resource constrained machines. Well known concepts of backbone architectures can maintain the chain of trust between different kinds of network types. Each endpoint, forwarding and processing unit monitors the internal network independently and reports misbehaviours autonomously to a central instance in or outside of the trusted network.