An Enhanced WLAN Security System With FPGA Implementation for Multimedia Applications

Maintaining a high level of data security with a low impact on system performance is more challenging in wireless multimedia applications. Protocols that are used for wireless local area network (WLAN) security are known to significantly degrade performance. In this paper, we propose an enhanced security system for a WLAN. Our new design aims to decrease the processing delay and increase both the speed and throughput of the system, thereby making it more efficient for multimedia applications. Our design is based on the idea of offloading computationally intensive encryption and authentication services to the end systems’ CPUs. The security operations are performed by the hosts’ central processor (which is usually a powerful processor) before delivering the data to a wireless card (which usually has a low-performance processor). By adopting this design, we show that both the delay and the jitter are significantly reduced. At the access point, we improve the performance of network processing hardware for real-time cryptographic processing by using a specialized processor implemented with field-programmable gate array technology. Furthermore, we use enhanced techniques to implement the Counter (CTR) Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and the CTR protocol. Our experiments show that it requires timing in the range of 20–40 μs to perform data encryption and authentication on different end-host CPUs (e.g., Intel Core i5, i7, and AMD 6-Core) as compared with 10–50 ms when performed using the wireless card. Furthermore, when compared with the standard WiFi protected access II (WPA2), results show that our proposed security system improved the speed to up to 3.7 times.

Allocation of Parallel Real-Time Tasks in Distributed Multi-core Architectures supported by an FTT-SE Network

Distributed real-time systems such as automotive applications are becoming larger and more complex, thus, requiring the use of more powerful hardware and software architectures. Furthermore, those distributed applications commonly have stringent real-time constraints. This implies that such applications would gain in flexibility if they were parallelized and distributed over the system. In this paper, we consider the problem of allocating fixed-priority fork-join Parallel/Distributed real-time tasks onto distributed multi-core nodes connected through a Flexible Time Triggered Switched Ethernet network. We analyze the system requirements and present a set of formulations based on a constraint programming approach. Constraint programming allows us to express the relations between variables in the form of constraints. Our approach is guaranteed to find a feasible solution, if one exists, in contrast to other approaches based on heuristics. Furthermore, approaches based on constraint programming have shown to obtain solutions for these type of formulations in reasonable time.

Towards effective control of P2P traffic aggregates in network infrastructures

Nowadays, many P2P applications proliferate in the Internet. The attractiveness of many of these systems relies on the collaborative approach used to exchange large resources without the dependence and associated constraints of centralized approaches where a single server is responsible to handle all the requests from the clients. As consequence, some P2P systems are also interesting and cost-effective approaches to be adopted by content-providers and other Internet players. However, there are several coexistence problems between P2P applications and In- ternet Service Providers (ISPs) due to the unforeseeable behavior of P2P traffic aggregates in ISP infrastructures. In this context, this work proposes a collaborative P2P/ISP system able to underpin the development of novel Traffic Engi- neering (TE) mechanisms contributing for a better coexistence between P2P applications and ISPs. Using the devised system, two TE methods are described being able to estimate and control the impact of P2P traffic aggregates on the ISP network links. One of the TE methods allows that ISP administrators are able to foresee the expected impact that a given P2P swarm will have in the underlying network infrastructure. The other TE method enables the definition of ISP friendly P2P topologies, where specific network links are protected from P2P traffic. As result, the proposed system and associated mechanisms will contribute for improved ISP resource management tasks and to foster the deployment of innovative ISP-friendly systems.

Wealth constraints, skill prices or networks: what determines emigrant selection?

The productive characteristics of migrating individuals, emigrant selection, affect welfare. The empirical estimation of the degree of selection suffers from a lack of complete and nationally representative data. This paper uses a new and better dataset to address both issues: the ENET (Mexican Labor Survey), which identifies emigrants right before they leave and allows a direct comparison to non-migrants. This dataset presents a relevant dichotomy: it shows on average negative selection for Mexican emigrants to the United States for the period 2000-2004 together with positive selection in Mexican emigration out of rural Mexico to the United States in the same period. Three theories that could explain this dichotomy are tested. Whereas higher skill prices in Mexico than in the US are enough to explain negative selection in urban Mexico, its combination with network effects and wealth constraints is required to account for positive selection in rural Mexico.

Traffic forecasts under uncertainty and capacity constraints

Traffic forecasts provide essential input for the appraisal of transport investment projects. However, according to recent empirical evidence, long-term predictions are subject to high levels of uncertainty. This paper quantifies uncertainty in traffic forecasts for the tolled motorway network in Spain. Uncertainty is quantified in the form of a confidence interval for the traffic forecast that includes both model uncertainty and input uncertainty. We apply a stochastic simulation process based on bootstrapping techniques. Furthermore, the paper proposes a new methodology to account for capacity constraints in long-term traffic forecasts. Specifically, we suggest a dynamic model in which the speed of adjustment is related to the ratio between the actual traffic flow and the maximum capacity of the motorway. This methodology is applied to a specific public policy that consists of suppressing the toll on a certain motorway section before the concession expires.

Implementation of IPM programs on European greenhouse tomato production areas: Tools and constraints

Whiteflies and whitefly-transmitted viruses are some of the major constraints on European tomato production. The main objectives of this study were to: identify where and why whiteflies are a major limitation on tomato crops; collect information about whiteflies and associated viruses; determine the available management tools; and identify key knowledge gaps and research priorities. This study was conducted within the framework of ENDURE (European Network for Durable Exploitation of Crop Protection Strategies). Two whitefly species are the main pests of tomato in Europe: Bemisia tabaci and Trialeurodes vaporariorum. Trialeurodes vaporariorum is widespread to all areas where greenhouse industry is present, and B. tabaci has invaded, since the early 1990’s, all the subtropical and tropical areas. Biotypes B and Q of B. tabaci are widespread and especially problematic. Other key tomato pests are Aculops lycopersici, Helicoverpa armigera, Frankliniella occidentalis, and leaf miners. Tomato crops are particularly susceptible to viruses causingTomato yellow leaf curl disease (TYLCD). High incidences of this disease are associated to high pressure of its vector, B. tabaci. The ranked importance of B. tabaci established in this study correlates with the levels of insecticide use, showing B. tabaci as one of the principal drivers behind chemical control. Confirmed cases of resistance to almost all insecticides have been reported. Integrated Pest Management based on biological control (IPM-BC) is applied in all the surveyed regions and identified as the strategy using fewer insecticides. Other IPM components include greenhouse netting and TYLCD-tolerant tomato cultivars. Sampling techniques differ between regions, where decisions are generally based upon whitefly densities and do not relate to control strategies or growing cycles. For population monitoring and control, whitefly species are always identified. In Europe IPM-BC is the recommended strategy for a sustainable tomato production. The IPM-BC approach is mainly based on inoculative releases of the parasitoids Eretmocerus mundus and Encarsia formosa and/or the polyphagous predators Macrolophus caliginosus and Nesidiocoris tenuis. However, some limitations for a wider implementation have been identified: lack of biological solutions for some pests, costs of beneficials, low farmer confidence, costs of technical advice, and low pest injury thresholds. Research priorities to promote and improve IPM-BC are proposed on the following domains: (i) emergence and invasion of new whitefly-transmitted viruses; (ii) relevance of B. tabaci biotypes regarding insecticide resistance; (iii) biochemistry and genetics of plant resistance; (iv) economic thresholds and sampling techniques of whiteflies for decision making; and (v) conservation and management of native whitefly natural enemies and improvement of biological control of other tomato pests.

Relaxation of selective constraints causes independent selenoprotein extinction in insect genomes

BACKGROUND: Selenoproteins are a diverse family of proteins notable for the presence of the 21st amino acid, selenocysteine. Until very recently, all metazoan genomes investigated encoded selenoproteins, and these proteins had therefore been believed to be essential for animal life. Challenging this assumption, recent comparative analyses of insect genomes have revealed that some insect genomes appear to have lost selenoprotein genes. METHODOLOGY/PRINCIPAL FINDINGS: In this paper we investigate in detail the fate of selenoproteins, and that of selenoprotein factors, in all available arthropod genomes. We use a variety of in silico comparative genomics approaches to look for known selenoprotein genes and factors involved in selenoprotein biosynthesis. We have found that five insect species have completely lost the ability to encode selenoproteins and that selenoprotein loss in these species, although so far confined to the Endopterygota infraclass, cannot be attributed to a single evolutionary event, but rather to multiple, independent events. Loss of selenoproteins and selenoprotein factors is usually coupled to the deletion of the entire no-longer functional genomic region, rather than to sequence degradation and consequent pseudogenisation. Such dynamics of gene extinction are consistent with the high rate of genome rearrangements observed in Drosophila. We have also found that, while many selenoprotein factors are concomitantly lost with the selenoproteins, others are present and conserved in all investigated genomes, irrespective of whether they code for selenoproteins or not, suggesting that they are involved in additional, non-selenoprotein related functions. CONCLUSIONS/SIGNIFICANCE: Selenoproteins have been independently lost in several insect species, possibly as a consequence of the relaxation in insects of the selective constraints acting across metazoans to maintain selenoproteins. The dispensability of selenoproteins in insects may be related to the fundamental differences in antioxidant defense between these animals and other metazoans.

Equivalence of piecewise-linear approximation and Lagrangian relaxation for network revenue management

The network revenue management (RM) problem arises in airline, hotel, media,and other industries where the sale products use multiple resources. It can be formulatedas a stochastic dynamic program but the dynamic program is computationallyintractable because of an exponentially large state space, and a number of heuristicshave been proposed to approximate it. Notable amongst these -both for their revenueperformance, as well as their theoretically sound basis- are approximate dynamic programmingmethods that approximate the value function by basis functions (both affinefunctions as well as piecewise-linear functions have been proposed for network RM)and decomposition methods that relax the constraints of the dynamic program to solvesimpler dynamic programs (such as the Lagrangian relaxation methods). In this paperwe show that these two seemingly distinct approaches coincide for the network RMdynamic program, i.e., the piecewise-linear approximation method and the Lagrangianrelaxation method are one and the same.

An enhanced concave program relaxation for choice network revenue management

The network choice revenue management problem models customers as choosing from an offer-set, andthe firm decides the best subset to offer at any given moment to maximize expected revenue. The resultingdynamic program for the firm is intractable and approximated by a deterministic linear programcalled the CDLP which has an exponential number of columns. However, under the choice-set paradigmwhen the segment consideration sets overlap, the CDLP is difficult to solve. Column generation has beenproposed but finding an entering column has been shown to be NP-hard. In this paper, starting with aconcave program formulation based on segment-level consideration sets called SDCP, we add a class ofconstraints called product constraints, that project onto subsets of intersections. In addition we proposea natural direct tightening of the SDCP called ?SDCP, and compare the performance of both methodson the benchmark data sets in the literature. Both the product constraints and the ?SDCP method arevery simple and easy to implement and are applicable to the case of overlapping segment considerationsets. In our computational testing on the benchmark data sets in the literature, SDCP with productconstraints achieves the CDLP value at a fraction of the CPU time taken by column generation and webelieve is a very promising approach for quickly approximating CDLP when segment consideration setsoverlap and the consideration sets themselves are relatively small.

Comparative genomics of the vertebrate insulin/TOR signal transduction pathway: A network-level analysis of selective pressures

Complexity of biological function relies on large networks of interacting molecules. However, the evolutionary properties of these networks are not fully understood. It has been shown that selective pressures depend on the position of genes in the network. We have previously shown that in the Drosophila insulin/target of rapamycin (TOR) signal transduction pathway there is a correlation between the pathway position and the strength of purifying selection, with the downstream genes being most constrained. In this study, we investigated the evolutionary dynamics of this well-characterized pathway in vertebrates. More specifically, we determined the impact of natural selection on the evolution of 72 genes of this pathway. We found that in vertebrates there is a similar gradient of selective constraint in the insulin/TOR pathway to that found in Drosophila. This feature is neither the result of a polarity in the impact of positive selection nor of a series of factors affecting selective constraint levels (gene expression level and breadth, codon bias, protein length, and connectivity). We also found that pathway genes encoding physically interacting proteins tend to evolve under similar selective constraints. The results indicate that the architecture of the vertebrate insulin/TOR pathway constrains the molecular evolution of its components. Therefore, the polarity detected in Drosophila is neither specific nor incidental of this genus. Hence, although the underlying biological mechanisms remain unclear, these may be similar in both vertebrates and Drosophila.

Transparent and secure remote network storage system using an untrusted server

Työssä kehitettin läpinäkyvä Internet Small Computer Systems Interface-verkkolevyä (iSCSI) käyttävä varmistusjärjestelmä. Verkkolevyn sisältö suojattiin asiakaspään salauskerroksella (dm-crypt). Järjestely mahdollisti sen, että verkkolevylle tallennetut varmuuskopiot pysyivät luottamuksellisina, vaikka levypalvelinta tarjoava taho oli joko epäluotettava tai suorastaan vihamielinen. Järjestelmän hyötykäyttöä varten kehitettiin helppokäyttöinen prototyyppisovellus. Järjestelmän riskit ja haavoittuvuudet käytiin läpi ja analysoitiin. Järjestelmälle tehtiin myös karkea kryptoanalyysi sen teknistenominaisuuksien pohjalta. Suorituskykymittaukset tehtiin sekä salatulle että salaamattomalle iSCSI-liikenteelle. Näistä todettiin, että salauksen vaikutus suorituskykyyn oli häviävän pieni jopa 100 megabittiä sekunnissa siirtävillä verkkonopeuksilla. Lisäksi pohdittiin teknologian muita sovelluskohteita ja tulevia tutkimusalueita.

Platform Architectures for Policy-Based Network Access Control

Tämä diplomityö käsittelee sääntöpohjaisen verkkoon pääsyn hallinnan (NAC) ratkaisuja arkkitehtonisesta näkökulmasta. Työssä käydään läpi Trusted Computing Groupin, Microsoft Corporationin, Juniper Networksin sekä Cisco Systemsin NAC-ratkaisuja. NAC koostuu joukosta uusia sekä jo olemassa olevia teknologioita, jotka auttavat ennalta määriteltyyn sääntökantaan perustuen hallitsemaan suojattuun verkkoon pyrkivien laitteiden tietoliikenneyhteyksiä. Käyttäjän tunnistamisen lisäksi NAC pystyy rajoittamaan verkkoon pääsyä laitekohtaisten ominaisuuksien perusteella, esimerkiksi virustunnisteisiin ja käyttöjärjestelmäpäivityksiin liittyen ja paikkaamaan tietyin rajoituksin näissä esiintyviä puutteita verkkoon pääsyn sallimiseksi. NAC on verraten uusi käsite, jolta puuttuu tarkka määritelmä. Tästä johtuen nykymarkkinoilla myydään ominaisuuksiltaan puutteellisia tuotteita NAC-nimikkeellä. Standardointi eri valmistajien NAC-komponenttien yhteentoimivuuden takaamiseksi on meneillään, minkä perusteella ratkaisut voidaan jakaa joko avoimia standardeja tai valmistajakohtaisia standardeja noudattaviksi. Esitellyt NAC-ratkaisut noudattavat standardeja joko rajoitetusti tai eivät lainkaan. Mikään läpikäydyistä ratkaisuista ei ole täydellinen NAC, mutta Juniper Networksin ratkaisu nousee niistä potentiaalisimmaksi jatkokehityksen ja -tutkimuksen kohteeksi TietoEnator Processing & Networks Oy:lle. Eräs keskeinen ongelma NAC-konseptissa on työaseman tietoverkolle toimittama mahdollisesti valheellinen tietoturvatarkistuksen tulos, minkä perusteella pääsyä osittain hallitaan. Muun muassa tähän ongelmaan ratkaisuna voisi olla jo nykytietokoneista löytyvä TPM-siru, mikä takaa tiedon oikeellisuuden ja koskemattomuuden.

Aggregating and Deploying Network Access Control Policies

Peer-reviewed

Security, Privacy and Anonymity in Legal Distribution of Copyrighted Multimedia Content over Peer-to-Peer Networks: A Brief Overview

Peer-reviewed