D3M: multicast listener mobility support mechanisms over distributed mobility anchoring architectures

The explosion in mobile data traffic is a driver for future network operator technologies, given its large potential to affect both network performance and generated revenue. The concept of distributed mobility management (DMM) has emerged in order to overcome efficiency-wise limitations in centralized mobility approaches, proposing not only the distribution of anchoring functions but also dynamic mobility activation sensitive to the applications needs. Nevertheless, there is not an acceptable solution for IP multicast in DMM environments, as the first proposals based on MLD Proxy are prone to tunnel replication problem or service disruption. We propose the application of PIM-SM in mobility entities as an alternative solution for multicast support in DMM, and introduce an architecture enabling mobile multicast listeners support over distributed anchoring frameworks in a network-efficient way. The architecture aims at providing operators with flexible options to provide multicast mobility, supporting three modes: the first one introduces basic IP multicast support in DMM; the second improves subscription time through extensions to the mobility protocol, obliterating the dependence on MLD protocol; and the third enables fast listener mobility by avoiding potentially slow multicast tree convergence latency in larger infrastructures, by benefiting from mobility tunnels. The different modes were evaluated by mathematical analysis regarding disruption time and packet loss during handoff against several parameters, total and tunneling packet delivery cost, and regarding packet and signaling overhead.

Decentralizing IP mobility management in future networks

The massive adoption of sophisticated mobile devices and applications led to the increase of mobile data in the last decade, which it is expected to continue. This increase of mobile data negatively impacts the network planning and dimension, since core networks are heavy centralized. Mobile operators are investigating atten network architectures that distribute the responsibility of providing connectivity and mobility, in order to improve the network scalability and performance. Moreover, service providers are moving the content servers closer to the user, in order to ensure high availability and performance of content delivery. Besides the e orts to overcome the explosion of mobile data, current mobility management models are heavy centralized to ensure reachability and session continuity to the users connected to the network. Nowadays, deployed architectures have a small number of centralized mobility anchors managing the mobile data and the mobility context of millions of users, which introduces issues related to performance and scalability that require costly network mechanisms. The mobility management needs to be rethought out-of-the box to cope with atten network architectures and distributed content servers closer to the user, which is the purpose of the work developed in this Thesis. The Thesis starts with a characterization of mobility management into well-de ned functional blocks, their interaction and potential grouping. The decentralized mobility management is studied through analytical models and simulations, in which di erent mobility approaches distinctly distribute the mobility management functionalities through the network. The outcome of this study showed that decentralized mobility management brings advantages. Hence, it was proposed a novel distributed and dynamic mobility management approach, which is exhaustively evaluated through analytical models, simulations and testbed experiments. The proposed approach is also integrated with seamless horizontal handover mechanisms, as well as evaluated in vehicular environments. The mobility mechanisms are also speci ed for multihomed scenarios, in order to provide data o oading with IP mobility from cellular to other access networks. In the pursuing of the optimized mobile routing path, a novel network-based strategy for localized mobility is addressed, in which a replication binding system is deployed in the mobility anchors distributed through the access routers and gateways. Finally, we go further in the mobility anchoring subject, presenting a context-aware adaptive IP mobility anchoring model that dynamically assigns the mobility anchors that provide the optimized routing path to a session, based on the user and network context. The integration of dynamic and distributed concepts in the mobility management, such as context-aware adaptive mobility anchoring and dynamic mobility support, allow the optimization of network resources and the improvement of user experience. The overall outcome demonstrates that decentralized mobility management is a promising direction, hence, its ideas should be taken into account by mobile operators in the deployment of future networks.

Communication between nodes for autonomic and distributed management

Over the last decade, the most widespread approaches for traditional management were based on the Simple Network Management Protocol (SNMP) or Common Management Information Protocol (CMIP). However, they both have several problems in terms of scalability, due to their centralization characteristics. Although the distributed management approaches exhibit better performance in terms of scalability, they still underperform regarding communication costs, autonomy, extensibility, exibility, robustness, and cooperation between network nodes. The cooperation between network nodes normally requires excessive overheads for synchronization and dissemination of management information in the network. For emerging dynamic and large-scale networking environments, as envisioned in Next Generation Networks (NGNs), exponential growth in the number of network devices and mobile communications and application demands is expected. Thus, a high degree of management automation is an important requirement, along with new mechanisms that promote it optimally and e ciently, taking into account the need for high cooperation between the nodes. Current approaches for self and autonomic management allow the network administrator to manage large areas, performing fast reaction and e ciently facing unexpected problems. The management functionalities should be delegated to a self-organized plane operating within the network, that decrease the network complexity and the control information ow, as opposed to centralized or external servers. This Thesis aims to propose and develop a communication framework for distributed network management which integrates a set of mechanisms for initial communication, exchange of management information, network (re) organization and data dissemination, attempting to meet the autonomic and distributed management requirements posed by NGNs. The mechanisms are lightweight and portable, and they can operate in di erent hardware architectures and include all the requirements to maintain the basis for an e cient communication between nodes in order to ensure autonomic network management. Moreover, those mechanisms were explored in diverse network conditions and events, such as device and link errors, di erent tra c/network loads and requirements. The results obtained through simulation and real experimentation show that the proposed mechanisms provide a lower convergence time, smaller overhead impact in the network, faster dissemination of management information, increase stability and quality of the nodes associations, and enable the support for e cient data information delivery in comparison to the base mechanisms analyzed. Finally, all mechanisms for communication between nodes proposed in this Thesis, that support and distribute the management information and network control functionalities, were devised and developed to operate in completely decentralized scenarios.

Acesso banda larga sem fios em ambientes heterogéneos de próxima geração

O acesso ubíquo à Internet é um dos principais desafios para os operadores de telecomunicações na próxima década. O número de utilizadores da Internet está a crescer exponencialmente e o paradigma de acesso "always connected, anytime, anywhere" é um requisito fundamental para as redes móveis de próxima geração. A tecnologia WiMAX, juntamente com o LTE, foi recentemente reconhecida pelo ITU como uma das tecnologias de acesso compatíveis com os requisitos do 4G. Ainda assim, esta tecnologia de acesso não está completamente preparada para ambientes de próxima geração, principalmente devido à falta de mecanismos de cross-layer para integração de QoS e mobilidade. Adicionalmente, para além das tecnologias WiMAX e LTE, as tecnologias de acesso rádio UMTS/HSPA e Wi-Fi continuarão a ter um impacto significativo nas comunicações móveis durante os próximos anos. Deste modo, é fundamental garantir a coexistência das várias tecnologias de acesso rádio em termos de QoS e mobilidade, permitindo assim a entrega de serviços multimédia de tempo real em redes móveis. Para garantir a entrega de serviços multimédia a utilizadores WiMAX, esta Tese propõe um gestor cross-layer WiMAX integrado com uma arquitectura de QoS fim-a-fim. A arquitectura apresentada permite o controlo de QoS e a comunicação bidireccional entre o sistema WiMAX e as entidades das camadas superiores. Para além disso, o gestor de cross-layer proposto é estendido com eventos e comandos genéricos e independentes da tecnologia para optimizar os procedimentos de mobilidade em ambientes WiMAX. Foram realizados testes para avaliar o desempenho dos procedimentos de QoS e mobilidade da arquitectura WiMAX definida, demonstrando que esta é perfeitamente capaz de entregar serviços de tempo real sem introduzir custos excessivos na rede. No seguimento das extensões de QoS e mobilidade apresentadas para a tecnologia WiMAX, o âmbito desta Tese foi alargado para ambientes de acesso sem-fios heterogéneos. Neste sentido, é proposta uma arquitectura de mobilidade transparente com suporte de QoS para redes de acesso multitecnologia. A arquitectura apresentada integra uma versão estendida do IEEE 802.21 com suporte de QoS, bem como um gestor de mobilidade avançado integrado com os protocolos de gestão de mobilidade do nível IP. Finalmente, para completar o trabalho desenvolvido no âmbito desta Tese, é proposta uma extensão aos procedimentos de decisão de mobilidade em ambientes heterogéneos para incorporar a informação de contexto da rede e do terminal. Para validar e avaliar as optimizações propostas, foram desenvolvidos testes de desempenho num demonstrador inter-tecnologia, composta pelas redes de acesso WiMAX, Wi-Fi e UMTS/HSPA.

Communication middleware for the future mobile internet

A evolução constante em novas tecnologias que providenciam suporte à forma como os nossos dispositivos se ligam, bem como a forma como utilizamos diferentes capacidades e serviços on-line, criou um conjunto sem precedentes de novos desafios que motivam o desenvolvimento de uma recente área de investigação, denominada de Internet Futura. Nesta nova área de investigação, novos aspectos arquiteturais estão ser desenvolvidos, os quais, através da re-estruturação de componentes nucleares subjacentesa que compõem a Internet, progride-a de uma forma capaz de não são fazer face a estes novos desafios, mas também de a preparar para os desafios de amanhã. Aspectos chave pertencendo a este conjunto de desafios são os ambientes de rede heterogéneos compostos por diferentes tipos de redes de acesso, a cada vez maior mudança do tráfego peer-to-peer (P2P) como o tipo de tráfego mais utilizado na Internet, a orquestração de cenários da Internet das Coisas (IoT) que exploram mecanismos de interação Maquinaa-Maquina (M2M), e a utilização de mechanismos centrados na informação (ICN). Esta tese apresenta uma nova arquitetura capaz de simultaneamente fazer face a estes desafios, evoluindo os procedimentos de conectividade e entidades envolvidas, através da adição de uma camada de middleware, que age como um mecanismo de gestão de controlo avançado. Este mecanismo de gestão de controlo aproxima as entidades de alto nível (tais como serviços, aplicações, entidades de gestão de mobilidade, operações de encaminhamento, etc.) com as componentes das camadas de baixo nível (por exemplo, camadas de ligação, sensores e atuadores), permitindo uma otimização conjunta dos procedimentos de ligação subjacentes. Os resultados obtidos não só sublinham a flexibilidade dos mecanismos que compoem a arquitetura, mas também a sua capacidade de providenciar aumentos de performance quando comparados com outras soluÇÕes de funcionamento especÍfico, enquanto permite um maior leque de cenáios e aplicações.

Flexible management of bandwidth and redundancy in fieldbuses

Os sistemas distribuídos embarcados (Distributed Embedded Systems – DES) têm sido usados ao longo dos últimos anos em muitos domínios de aplicação, da robótica, ao controlo de processos industriais passando pela aviónica e pelas aplicações veiculares, esperando-se que esta tendência continue nos próximos anos. A confiança no funcionamento é uma propriedade importante nestes domínios de aplicação, visto que os serviços têm de ser executados em tempo útil e de forma previsível, caso contrário, podem ocorrer danos económicos ou a vida de seres humanos poderá ser posta em causa. Na fase de projecto destes sistemas é impossível prever todos os cenários de falhas devido ao não determinismo do ambiente envolvente, sendo necessária a inclusão de mecanismos de tolerância a falhas. Adicionalmente, algumas destas aplicações requerem muita largura de banda, que também poderá ser usada para a evolução dos sistemas, adicionandolhes novas funcionalidades. A flexibilidade de um sistema é uma propriedade importante, pois permite a sua adaptação às condições e requisitos envolventes, contribuindo também para a simplicidade de manutenção e reparação. Adicionalmente, nos sistemas embarcados, a flexibilidade também é importante por potenciar uma melhor utilização dos, muitas vezes escassos, recursos existentes. Uma forma evidente de aumentar a largura de banda e a tolerância a falhas dos sistemas embarcados distribuídos é a replicação dos barramentos do sistema. Algumas soluções existentes, quer comerciais quer académicas, propõem a replicação dos barramentos para aumento da largura de banda ou para aumento da tolerância a falhas. No entanto e quase invariavelmente, o propósito é apenas um, sendo raras as soluções que disponibilizam uma maior largura de banda e um aumento da tolerância a falhas. Um destes raros exemplos é o FlexRay, com a limitação de apenas ser permitido o uso de dois barramentos. Esta tese apresentada e discute uma proposta para usar a replicação de barramentos de uma forma flexível com o objectivo duplo de aumentar a largura de banda e a tolerância a falhas. A flexibilidade dos protocolos propostos também permite a gestão dinâmica da topologia da rede, sendo o número de barramentos apenas limitado pelo hardware/software. As propostas desta tese foram validadas recorrendo ao barramento de campo CAN – Controller Area Network, escolhido devido à sua grande implantação no mercado. Mais especificamente, as soluções propostas foram implementadas e validadas usando um paradigma que combina flexibilidade com comunicações event-triggered e time-triggered: o FTT – Flexible Time- Triggered. No entanto, uma generalização para CAN nativo é também apresentada e discutida. A inclusão de mecanismos de replicação do barramento impõe a alteração dos antigos protocolos de replicação e substituição do nó mestre, bem como a definição de novos protocolos para esta finalidade. Este trabalho tira partido da arquitectura centralizada e da replicação do nó mestre para suportar de forma eficiente e flexível a replicação de barramentos. Em caso de ocorrência de uma falta num barramento (ou barramentos) que poderia provocar uma falha no sistema, os protocolos e componentes propostos nesta tese fazem com que o sistema reaja, mudando para um modo de funcionamento degradado. As mensagens que estavam a ser transmitidas nos barramentos onde ocorreu a falta são reencaminhadas para os outros barramentos. A replicação do nó mestre baseia-se numa estratégia líder-seguidores (leaderfollowers), onde o líder (leader) controla todo o sistema enquanto os seguidores (followers) servem como nós de reserva. Se um erro ocorrer no nó líder, um dos nós seguidores passará a controlar o sistema de uma forma transparente e mantendo as mesmas funcionalidades. As propostas desta tese foram também generalizadas para CAN nativo, tendo sido para tal propostos dois componentes adicionais. É, desta forma possível ter as mesmas capacidades de tolerância a falhas ao nível dos barramentos juntamente com a gestão dinâmica da topologia de rede. Todas as propostas desta tese foram implementadas e avaliadas. Uma implementação inicial, apenas com um barramento foi avaliada recorrendo a uma aplicação real, uma equipa de futebol robótico onde o protocolo FTT-CAN foi usado no controlo de movimento e da odometria. A avaliação do sistema com múltiplos barramentos foi feita numa plataforma de teste em laboratório. Para tal foi desenvolvido um sistema de injecção de faltas que permite impor faltas nos barramentos e nos nós mestre, e um sistema de medida de atrasos destinado a medir o tempo de resposta após a ocorrência de uma falta.

Context-based wireless mesh networks

In the modern society, new devices, applications and technologies, with sophisticated capabilities, are converging in the same network infrastructure. Users are also increasingly demanding in personal preferences and expectations, desiring Internet connectivity anytime and everywhere. These aspects have triggered many research efforts, since the current Internet is reaching a breaking point trying to provide enough flexibility for users and profits for operators, while dealing with the complex requirements raised by the recent evolution. Fully aligned with the future Internet research, many solutions have been proposed to enhance the current Internet-based architectures and protocols, in order to become context-aware, that is, to be dynamically adapted to the change of the information characterizing any network entity. In this sense, the presented Thesis proposes a new architecture that allows to create several networks with different characteristics according to their context, on the top of a single Wireless Mesh Network (WMN), which infrastructure and protocols are very flexible and self-adaptable. More specifically, this Thesis models the context of users, which can span from their security, cost and mobility preferences, devices’ capabilities or services’ quality requirements, in order to turn a WMN into a set of logical networks. Each logical network is configured to meet a set of user context needs (for instance, support of high mobility and low security). To implement this user-centric architecture, this Thesis uses the network virtualization, which has often been advocated as a mean to deploy independent network architectures and services towards the future Internet, while allowing a dynamic resource management. This way, network virtualization can allow a flexible and programmable configuration of a WMN, in order to be shared by multiple logical networks (or virtual networks - VNs). Moreover, the high level of isolation introduced by network virtualization can be used to differentiate the protocols and mechanisms of each context-aware VN. This architecture raises several challenges to control and manage the VNs on-demand, in response to user and WMN dynamics. In this context, we target the mechanisms to: (i) discover and select the VN to assign to an user; (ii) create, adapt and remove the VN topologies and routes. We also explore how the rate of variation of the user context requirements can be considered to improve the performance and reduce the complexity of the VN control and management. Finally, due to the scalability limitations of centralized control solutions, we propose a mechanism to distribute the control functionalities along the architectural entities, which can cooperate to control and manage the VNs in a distributed way.

Mobility in vehicular networks with multiple access points to the infrastructure

Nowadays there is a huge evolution in the technological world and in the wireless networks. The electronic devices have more capabilities and resources over the years, which makes the users more and more demanding. The necessity of being connected to the global world leads to the arising of wireless access points in the cities to provide internet access to the people in order to keep the constant interaction with the world. Vehicular networks arise to support safety related applications and to improve the traffic flow in the roads; however, nowadays they are also used to provide entertainment to the users present in the vehicles. The best way to increase the utilization of the vehicular networks is to give to the users what they want: a constant connection to the internet. Despite of all the advances in the vehicular networks, there were several issues to be solved. The presence of dedicated infrastructure to vehicular networks is not wide yet, which leads to the need of using the available Wi-Fi hotspots and the cellular networks as access networks. In order to make all the management of the mobility process and to keep the user’s connection and session active, a mobility protocol is needed. Taking into account the huge number of access points present at the range of a vehicle for example in a city, it will be beneficial to take advantage of all available resources in order to improve all the vehicular network, either to the users and to the operators. The concept of multihoming allows to take advantage of all available resources with multiple simultaneous connections. This dissertation has as objectives the integration of a mobility protocol, the Network-Proxy Mobile IPv6 protocol, with a host-multihoming per packet solution in order to increase the performance of the network by using more resources simultaneously, the support of multi-hop communications, either in IPv6 or IPv4, the capability of providing internet access to the users of the network, and the integration of the developed protocol in the vehicular environment, with the WAVE, Wi-Fi and cellular technologies. The performed tests focused on the multihoming features implemented on this dissertation, and on the IPv4 network access for the normal users. The obtained results show that the multihoming addition to the mobility protocol improves the network performance and provides a better resource management. Also, the results show the correct operation of the developed protocol in a vehicular environment.

Secure, dynamic and distributed access control stack for database applications

In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: 1) if policies are complex, their enforcement can lead to performance decay of database servers; 2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.

Secure, dynamic and distributed access control stack for database applications

In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.