953 resultados para biometrics (access control)
Resumo:
Wireless sensor networks (WSNs) consist of a large number of sensor nodes, characterized by low power constraint, limited transmission range and limited computational capabilities [1][2].The cost of these devices is constantly decreasing, making it possible to use a large number of sensor devices in a wide array of commercial, environmental, military, and healthcare fields. Some of these applications involve placing the sensors evenly spaced on a straight line for example in roads, bridges, tunnels, water catchments and water pipelines, city drainages, oil and gas pipelines etc., making a special class of these networks which we define as a Linear Wireless Network (LWN). In LWNs, data transmission happens hop by hop from the source to the destination, through a route composed of multiple relays. The peculiarity of the topology of LWNs, motivates the design of specialized protocols, taking advantage of the linearity of such networks, in order to increase reliability, communication efficiency, energy savings, network lifetime and to minimize the end-to-end delay [3]. In this thesis a novel contention based Medium Access Control (MAC) protocol called L-CSMA, specifically devised for LWNs is presented. The basic idea of L-CSMA is to assign different priorities to nodes based on their position along the line. The priority is assigned in terms of sensing duration, whereby nodes closer to the destination are assigned shorter sensing time compared to the rest of the nodes and hence higher priority. This mechanism speeds up the transmission of packets which are already in the path, making transmission flow more efficient. Using NS-3 simulator, the performance of L-CSMA in terms of packets success rate, that is, the percentage of packets that reach destination, and throughput are compared with that of IEEE 802.15.4 MAC protocol, de-facto standard for wireless sensor networks. In general, L-CSMA outperforms the IEEE 802.15.4 MAC protocol.
Resumo:
L'obiettivo della tesi è la creazione di un'infrastruttura di tipo RBAC (Role Based Access Control), adibita al controllo degli accessi all'interno del linguaggio di coordinazione TuCSoN. Il punto di partenza si basa sull'analisi del lavoro sviluppato dall'Ing. Galassi: "Modello di sicurezza e controllo di accesso in una infrastruttura di coordinazione: architettura e implementazione". Usando questa come base teorica di partenza, si sono estrapolati i concetti chiave e si è data vita ad un'implementazione funzionante e di semplice utilizzo di RBAC in TuCSoN.
Resumo:
Dall'analisi dei big data si possono trarre degli enormi benefici in svariati ambiti applicativi. Uno dei fattori principali che contribuisce alla ricchezza dei big data, consiste nell'uso non previsto a priori di dati immagazzinati in precedenza, anche in congiunzione con altri dataset eterogenei: questo permette di trovare correlazioni significative e inaspettate tra i dati. Proprio per questo, il Valore, che il dato potenzialmente porta con sè, stimola le organizzazioni a raccogliere e immagazzinare sempre più dati e a ricercare approcci innovativi e originali per effettuare analisi su di essi. L’uso fortemente innovativo che viene fatto dei big data in questo senso e i requisiti tecnologici richiesti per gestirli hanno aperto importanti problematiche in materia di sicurezza e privacy, tali da rendere inadeguati o difficilmente gestibili, gli strumenti di sicurezza utilizzati finora nei sistemi tradizionali. Con questo lavoro di tesi si intende analizzare molteplici aspetti della sicurezza in ambito big data e offrire un possibile approccio alla sicurezza dei dati. In primo luogo, la tesi si occupa di comprendere quali sono le principali minacce introdotte dai big data in ambito di privacy, valutando la fattibilità delle contromisure presenti all’attuale stato dell’arte. Tra queste anche il controllo dell’accesso ha riscontrato notevoli sfide causate dalle necessità richieste dai big data: questo elaborato analizza pregi e difetti del controllo dell’accesso basato su attributi (ABAC), un modello attualmente oggetto di discussione nel dibattito inerente sicurezza e privacy nei big data. Per rendere attuabile ABAC in un contesto big data, risulta necessario l’ausilio di un supporto per assegnare gli attributi di visibilità alle informazioni da proteggere. L’obiettivo di questa tesi consiste nel valutare fattibilità, caratteristiche significative e limiti del machine learning come possibile approccio di utilizzo.
Resumo:
With today's prevalence of Internet-connected systems storing sensitive data and the omnipresent threat of technically skilled malicious users, computer security remains a critically important field. Because of today's multitude of vulnerable systems and security threats, it is vital that computer science students be taught techniques for programming secure systems, especially since many of them will work on systems with sensitive data after graduation. Teaching computer science students proper design, implementation, and maintenance of secure systems is a challenging task that calls for the use of novel pedagogical tools. This report describes the implementation of a compiler that converts mandatory access control specification Domain-Type Enforcement Language to the Java Security Manager, primarily for pedagogical purposes. The implementation of the Java Security Manager was explored in depth, and various techniques to work around its inherent limitations were explored and partially implemented, although some of these workarounds do not appear in the current version of the compiler because they would have compromised cross-platform compatibility. The current version of the compiler and implementation details of the Java Security Manager are discussed in depth.
Resumo:
File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux.
Resumo:
The paper presents a link layer stack for wireless sensor networks, which consists of the Burst-aware Energy-efficient Adaptive Medium access control (BEAM) and the Hop-to-Hop Reliability (H2HR) protocol. BEAM can operate with short beacons to announce data transmissions or include data within the beacons. Duty cycles can be adapted by a traffic prediction mechanism indicating pending packets destined for a node and by estimating its wake-up times. H2HR takes advantage of information provided by BEAM such as neighbour information and transmission information to perform per-hop congestion control. We justify the design decisions by measurements in a real-world wireless sensor network testbed and compare the performance with other link layer protocols.
Resumo:
In this paper we follow a theory-based approach to study the assimilation of compliance software in highly regulated multinational enterprises. These relatively new software products support the automation of controls which are associated with mandatory compliance requirements. We use institutional and success factor theories to explain the assimilation of compliance software. A framework for analyzing the assimilation of Access Control Systems (ACS), a special type of compliance software, is developed and used to reflect the experiences obtained in four in-depth case studies. One result is that coercive, mimetic, and normative pressures significantly effect ACS assimilation. On the other hand, quality aspects have only a moderate impact at the beginning of the assimilation process, in later phases the impact may increase if performance and improvement objectives become more relevant. In addition, it turns out that position of the enterprises and compatibility heavily influence the assimilation process.
Resumo:
Introduction: Video‐Supported Learning is particularly effective when it comes to skills and behaviors. Video registration of patient‐physician interviews, class room instruction or practical skills allow it to learners themselves, their peers, and their tutors to assess the quality of the learner's performance, to give specific feedback, and to make suggestions for improvement. Methods: In Switzerland, four pedagogical universities and two medical faculties joined to initiate the development of a national infrastructure for Video Supported Learning. The goal was to have a system that is simple to use, has most steps automated, provides the videos over the Internet, and has a sophisticated access control. Together with SWITCH, the national IT‐Support‐Organisation for Swiss Universities, the program iVT (Individual Video Training) was developed by integrating two preexisting technologies. The first technology is SWITCHcast, a podcast system. With SWITCHcast, videos are automatically uploaded to a server as soon as the registration is over. There the videos are processed and converted to different formats. The second technology is the national Single Logon System AAI (Authentification and Authorization Infrastructure) that enables iVT to link each video with the corresponding learner. The learner starts the registration with his Single Logon. Thus, the video can unambiguously be assigned. Via his institution's Learning Management System (LMS), the learner can access his video and give access to his video to peers and tutors. Results: iVT is now used at all involved institutions. The system works flawlessly. In Bern, we use iVT for the communications skills training in the forth and sixth year. Since students meet with patient actors alone, iVT is also used to certify attendance. Students are encouraged to watch the videos of the interview and the feedback of the patient actor. The offer to discuss a video with a tutor was not used by the students. Discussion: We plan to expand the use of iVT by making peer assessment compulsory. To support this, annotation capabilities are currently added to iVT. We also want to use iVT in training of practical skills, again for self as well as for peer assessment. At present, we use iVT for quality control of patient actor's performance.
Resumo:
Location prediction has attracted a significant amount of research effort. Being able to predict users’ movement benefits a wide range of communication systems, including location-based service/applications, mobile access control, mobile QoS provision, and resource management for mobile computation and storage management. In this demo, we present MOBaaS, which is a cloudified Mobility and Bandwidth prediction services that can be instantiated, deployed, and disposed on-demand. Mobility prediction of MOBaaS provides location predictions of a single/group user equipments (UEs) in a future moment. This information can be used for self-adaptation procedures and optimal network function configuration during run-time operations. We demonstrate an example of real-time mobility prediction service deployment running on OpenStack platform, and the potential benefits it bring to other invoking services.
Resumo:
En el presente trabajo se busca introducir el debate alrededor de los conceptos de espacio, territorio, territorialidad, lugar y sus posibles incumbencias para el análisis de sujetos políticos, centrado en un caso de movimiento de desocupados en Argentina: la CTD Aníbal Verón. En primer lugar, se aborda la discusión acerca de si el espacio puede ser pensado como dimensión constitutiva de lo político o si basta pensarlo como manifestación del conflicto, demarcación de un límite y control del acceso, entendiendo el espacio construido en tanto territorio. En segundo lugar, se desarrolla el análisis de la relación de los sujetos con el espacio, su apropiación y dotación de sentido, involucrando relaciones identitarias que a menudo son analizadas a través de la categoría de lugar. Se prestará atención a dos de las diversas prácticas que construyen lugares (en términos de identidad) en los territorios construidos/ apropiados por la organización: el barrio y el piquete
Resumo:
En el presente trabajo se busca introducir el debate alrededor de los conceptos de espacio, territorio, territorialidad, lugar y sus posibles incumbencias para el análisis de sujetos políticos, centrado en un caso de movimiento de desocupados en Argentina: la CTD Aníbal Verón. En primer lugar, se aborda la discusión acerca de si el espacio puede ser pensado como dimensión constitutiva de lo político o si basta pensarlo como manifestación del conflicto, demarcación de un límite y control del acceso, entendiendo el espacio construido en tanto territorio. En segundo lugar, se desarrolla el análisis de la relación de los sujetos con el espacio, su apropiación y dotación de sentido, involucrando relaciones identitarias que a menudo son analizadas a través de la categoría de lugar. Se prestará atención a dos de las diversas prácticas que construyen lugares (en términos de identidad) en los territorios construidos/ apropiados por la organización: el barrio y el piquete
Resumo:
En el presente trabajo se busca introducir el debate alrededor de los conceptos de espacio, territorio, territorialidad, lugar y sus posibles incumbencias para el análisis de sujetos políticos, centrado en un caso de movimiento de desocupados en Argentina: la CTD Aníbal Verón. En primer lugar, se aborda la discusión acerca de si el espacio puede ser pensado como dimensión constitutiva de lo político o si basta pensarlo como manifestación del conflicto, demarcación de un límite y control del acceso, entendiendo el espacio construido en tanto territorio. En segundo lugar, se desarrolla el análisis de la relación de los sujetos con el espacio, su apropiación y dotación de sentido, involucrando relaciones identitarias que a menudo son analizadas a través de la categoría de lugar. Se prestará atención a dos de las diversas prácticas que construyen lugares (en términos de identidad) en los territorios construidos/ apropiados por la organización: el barrio y el piquete
Resumo:
As a common reference for many in-development standards and execution frameworks, special attention is being paid to Service-Oriented Architectures. SOAs modeling, however, is an area in which a consensus has not being achieved. Currently, standardization organizations are defining proposals to offer a solution to this problem. Nevertheless, until very recently, non-functional aspects of services have not been considered for standardization processes. In particular, there exists a lack of a design solution that permits an independent development of the functional and non-functional concerns of SOAs, allowing that each concern be addressed in a convenient manner in early stages of the development, in a way that could guarantee the quality of this type of systems. This paper, leveraging on previous work, presents an approach to integrate security-related non-functional aspects (such as confidentiality, integrity, and access control) in the development of services.
Resumo:
Las redes son la esencia de comunidades y sociedades humanas; constituyen el entramado en el que nos relacionamos y determinan cómo lo hacemos, cómo se disemina la información o incluso cómo las cosas se llevan a cabo. Pero el protagonismo de las redes va más allá del que adquiere en las redes sociales. Se encuentran en el seno de múltiples estructuras que conocemos, desde las interaciones entre las proteínas dentro de una célula hasta la interconexión de los routers de internet. Las redes sociales están presentes en internet desde sus principios, en el correo electrónico por tomar un ejemplo. Dentro de cada cliente de correo se manejan listas contactos que agregadas constituyen una red social. Sin embargo, ha sido con la aparición de los sitios web de redes sociales cuando este tipo de aplicaciones web han llegado a la conciencia general. Las redes sociales se han situado entre los sitios más populares y con más tráfico de la web. Páginas como Facebook o Twitter manejan cifras asombrosas en cuanto a número de usuarios activos, de tráfico o de tiempo invertido en el sitio. Pero las funcionalidades de red social no están restringidas a las redes sociales orientadas a contactos, aquellas enfocadas a construir tu lista de contactos e interactuar con ellos. Existen otros ejemplos de sitios que aprovechan las redes sociales para aumentar la actividad de los usuarios y su involucración alrededor de algún tipo de contenido. Estos ejemplos van desde una de las redes sociales más antiguas, Flickr, orientada al intercambio de fotografías, hasta Github, la red social de código libre más popular hoy en día. No es una casualidad que la popularidad de estos sitios web venga de la mano de sus funcionalidades de red social. El escenario es más rico aún, ya que los sitios de redes sociales interaccionan entre ellos, compartiendo y exportando listas de contactos, servicios de autenticación y proporcionando un valioso canal para publicitar la actividad de los usuarios en otros sitios web. Esta funcionalidad es reciente y aún les queda un paso hasta que las redes sociales superen su condición de bunkers y lleguen a un estado de verdadera interoperabilidad entre ellas, tal como funcionan hoy en día el correo electrónico o la mensajería instantánea. Este trabajo muestra una tecnología que permite construir sitios web con características de red social distribuída. En primer lugar, se presenta una tecnología para la construcción de un componente intermedio que permite proporcionar cualquier característica de gestión de contenidos al popular marco de desarrollo web modelo-vista-controlador (MVC) Ruby on Rails. Esta técnica constituye una herramienta para desarrolladores que les permita abstraerse de las complejidades de la gestión de contenidos y enfocarse en las particularidades de los propios contenidos. Esta técnica se usará también para proporcionar las características de red social. Se describe una nueva métrica de reusabilidad de código para demostrar la validez del componente intermedio en marcos MVC. En segundo lugar, se analizan las características de los sitios web de redes sociales más populares, con el objetivo de encontrar los patrones comunes que aparecen en ellos. Este análisis servirá como base para definir los requisitos que debe cumplir un marco para construir redes sociales. A continuación se propone una arquitectura de referencia que proporcione este tipo de características. Dicha arquitectura ha sido implementada en un componente, Social Stream, y probada en varias redes sociales, tanto orientadas a contactos como a contenido, en el contexto de una asociación vecinal tanto como en proyectos de investigación financiados por la UE. Ha sido la base de varios proyectos fin de carrera. Además, ha sido publicado como código libre, obteniendo una comunidad creciente y está siendo usado más allá del ámbito de este trabajo. Dicha arquitectura ha permitido la definición de un nuevo modelo de control de acceso social que supera varias limitaciones presentes en los modelos de control de acceso para redes sociales. Más aún, se han analizado casos de estudio de sitios de red social distribuídos, reuniendo un conjunto de caraterísticas que debe cumplir un marco para construir redes sociales distribuídas. Por último, se ha extendido la arquitectura del marco para dar cabida a las características de redes sociales distribuídas. Su implementación ha sido validada en proyectos de investigación financiados por la UE. Abstract Networks are the substance of human communities and societies; they constitute the structural framework on which we relate to each other and determine the way we do it, the way information is diseminated or even the way people get things done. But network prominence goes beyond the importance it acquires in social networks. Networks are found within numerous known structures, from protein interactions inside a cell to router connections on the internet. Social networks are present on the internet since its beginnings, in emails for example. Inside every email client, there are contact lists that added together constitute a social network. However, it has been with the emergence of social network sites (SNS) when these kinds of web applications have reached general awareness. SNS are now among the most popular sites in the web and with the higher traffic. Sites such as Facebook and Twitter hold astonishing figures of active users, traffic and time invested into the sites. Nevertheless, SNS functionalities are not restricted to contact-oriented social networks, those that are focused on building your own list of contacts and interacting with them. There are other examples of sites that leverage social networking to foster user activity and engagement around other types of content. Examples go from early SNS such as Flickr, the photography related networking site, to Github, the most popular social network repository nowadays. It is not an accident that the popularity of these websites comes hand-in-hand with their social network capabilities The scenario is even richer, due to the fact that SNS interact with each other, sharing and exporting contact lists and authentication as well as providing a valuable channel to publize user activity in other sites. These interactions are very recent and they are still finding their way to the point where SNS overcome their condition of data silos to a stage of full interoperability between sites, in the same way email and instant messaging networks work today. This work introduces a technology that allows to rapidly build any kind of distributed social network website. It first introduces a new technique to create middleware that can provide any kind of content management feature to a popular model-view-controller (MVC) web development framework, Ruby on Rails. It provides developers with tools that allow them to abstract from the complexities related with content management and focus on the development of specific content. This same technique is also used to provide the framework with social network features. Additionally, it describes a new metric of code reuse to assert the validity of the kind of middleware that is emerging in MVC frameworks. Secondly, the characteristics of top popular SNS are analysed in order to find the common patterns shown in them. This analysis is the ground for defining the requirements of a framework for building social network websites. Next, a reference architecture for supporting the features found in the analysis is proposed. This architecture has been implemented in a software component, called Social Stream, and tested in several social networks, both contact- and content-oriented, in local neighbourhood associations and EU-founded research projects. It has also been the ground for several Master’s theses. It has been released as a free and open source software that has obtained a growing community and that is now being used beyond the scope of this work. The social architecture has enabled the definition of a new social-based access control model that overcomes some of the limitations currenly present in access control models for social networks. Furthermore, paradigms and case studies in distributed SNS have been analysed, gathering a set of features for distributed social networking. Finally the architecture of the framework has been extended to support distributed SNS capabilities. Its implementation has also been validated in EU-founded research projects.
Resumo:
Digital services and communications in vehicular scenarios provide the essential assets to improve road transport in several ways like reducing accidents, improving traffic efficiency and optimizing the transport of goods and people. Vehicular communications typically rely on VANET (Vehicular Ad hoc Networks). In these networks vehicles communicate with each other without the need of infrastructure. VANET are mainly oriented to disseminate information to the vehicles in certain geographic area for time critical services like safety warnings but present very challenging requirements that have not been successfully fulfilled nowadays. Some of these challenges are; channel saturation due to simultaneous radio access of many vehicles, routing protocols in topologies that vary rapidly, minimum quality of service assurance and security mechanisms to efficiently detect and neutralize malicious attacks. Vehicular services can be classified in four important groups: Safety, Efficiency, Sustainability and Infotainment. The benefits of these services for the transport sector are clear but many technological and business challenges need to be faced before a real mass market deployment. Service delivery platforms are not prepared for fulfilling the needs of this complex environment with restrictive requirements due to the criticism of some services To overcome this situation, we propose a solution called VISIONS “Vehicular communication Improvement: Solution based on IMS Operational Nodes and Services”. VISIONS leverages on IMS subsystem and NGN enablers, and follows the CALM reference Architecture standardized by ISO. It also avoids the use of Road Side Units (RSUs), reducing complexity and high costs in terms of deployment and maintenance. We demonstrate the benefits in the following areas: 1. VANET networks efficiency. VISIONS provide a mechanism for the vehicles to access valuable information from IMS and its capabilities through a cellular channel. This efficiency improvement will occur in two relevant areas: a. Routing mechanisms. These protocols are responsible of carrying information from a vehicle to another (or a group of vehicles) using multihop mechanisms. We do not propose a new algorithm but the use of VANET topology information provided through our solution to enrich the performance of these protocols. b. Security. Many aspects of security (privacy, key, authentication, access control, revocation mechanisms, etc) are not resolved in vehicular communications. Our solution efficiently disseminates revocation information to neutralize malicious nodes in the VANET. 2. Service delivery platform. It is based on extended enablers, reference architectures, standard protocols and open APIs. By following this approach, we reduce costs and resources for service development, deployment and maintenance. To quantify these benefits in VANET networks, we provide an analytical model of the system and simulate our solution in realistic scenarios. The simulations results demonstrate how VISIONS improves the performance of relevant routing protocols and is more efficient neutralizing security attacks than the widely proposed solutions based on RSUs. Finally, we design an innovative Social Network service based in our platform, explaining how VISIONS facilitate the deployment and usage of complex capabilities. RESUMEN Los servicios digitales y comunicaciones en entornos vehiculares proporcionan herramientas esenciales para mejorar el transporte por carretera; reduciendo el número de accidentes, mejorando la eficiencia del tráfico y optimizando el transporte de mercancías y personas. Las comunicaciones vehiculares generalmente están basadas en redes VANET (Vehicular Ad hoc Networks). En dichas redes, los vehículos se comunican entre sí sin necesidad de infraestructura. Las redes VANET están principalmente orientadas a difundir información (por ejemplo advertencias de seguridad) a los vehículos en determinadas zonas geográficas, pero presentan unos requisitos muy exigentes que no se han resuelto con éxito hasta la fecha. Algunos de estos retos son; saturación del canal de acceso de radio debido al acceso simultáneo de múltiples vehículos, la eficiencia de protocolos de encaminamiento en topologías que varían rápidamente, la calidad de servicio (QoS) y los mecanismos de seguridad para detectar y neutralizar los ataques maliciosos de manera eficiente. Los servicios vehiculares pueden clasificarse en cuatro grupos: Seguridad, Eficiencia del tráfico, Sostenibilidad, e Infotainment (información y entretenimiento). Los beneficios de estos servicios para el sector son claros, pero es necesario resolver muchos desafíos tecnológicos y de negocio antes de una implementación real. Las actuales plataformas de despliegue de servicios no están preparadas para satisfacer las necesidades de este complejo entorno con requisitos muy restrictivos debido a la criticidad de algunas aplicaciones. Con el objetivo de mejorar esta situación, proponemos una solución llamada VISIONS “Vehicular communication Improvement: Solution based on IMS Operational Nodes and Services”. VISIONS se basa en el subsistema IMS, las capacidades NGN y es compatible con la arquitectura de referencia CALM estandarizado por ISO para sistemas de transporte. También evita el uso de elementos en las carreteras, conocidos como Road Side Units (RSU), reduciendo la complejidad y los altos costes de despliegue y mantenimiento. A lo largo de la tesis, demostramos los beneficios en las siguientes áreas: 1. Eficiencia en redes VANET. VISIONS proporciona un mecanismo para que los vehículos accedan a información valiosa proporcionada por IMS y sus capacidades a través de un canal de celular. Dicho mecanismo contribuye a la mejora de dos áreas importantes: a. Mecanismos de encaminamiento. Estos protocolos son responsables de llevar información de un vehículo a otro (o a un grupo de vehículos) utilizando múltiples saltos. No proponemos un nuevo algoritmo de encaminamiento, sino el uso de información topológica de la red VANET a través de nuestra solución para enriquecer el funcionamiento de los protocolos más relevantes. b. Seguridad. Muchos aspectos de la seguridad (privacidad, gestión de claves, autenticación, control de acceso, mecanismos de revocación, etc) no están resueltos en las comunicaciones vehiculares. Nuestra solución difunde de manera eficiente la información de revocación para neutralizar los nodos maliciosos en la red. 2. Plataforma de despliegue de servicios. Está basada en capacidades NGN, arquitecturas de referencia, protocolos estándar y APIs abiertos. Siguiendo este enfoque, reducimos costes y optimizamos procesos para el desarrollo, despliegue y mantenimiento de servicios vehiculares. Para cuantificar estos beneficios en las redes VANET, ofrecemos un modelo de analítico del sistema y simulamos nuestra solución en escenarios realistas. Los resultados de las simulaciones muestran cómo VISIONS mejora el rendimiento de los protocolos de encaminamiento relevantes y neutraliza los ataques a la seguridad de forma más eficientes que las soluciones basadas en RSU. Por último, diseñamos un innovador servicio de red social basado en nuestra plataforma, explicando cómo VISIONS facilita el despliegue y el uso de las capacidades NGN.
