On the scalability of LISP mappings caches

The Locator/ID Separation Protocol (LISP) limits the growth of the Default-Free Zone routing tables by creating a highly aggregatable and quasi-static Internet core. However, LISP pushes the forwarding state to edge routers whose timely operation relies on caching of location to identity bindings. In this paper we develop an analytical model to study the asymptotic scalability of the LISP cache. Under the assumptions that (i) long-term popularity can be modeled as a Generalized Zipf distribution, independent of Internet and LISP site growth and (ii) temporal locality is predominantly determined by long-term popularity, we find that LISP cache miss rate scales O(1) with respect to the amount of prefixes (Internet growth) and users (LISP site growth). We validate the model and discuss the accuracy of our assumptions using several one-day-long packet traces.     

标识路由关键技术

现有路由系统面临来自可扩展性、移动性、多宿主以及流量工程等方面的挑战,已经不能满足客观需求.基于位置与标识分离的思想,提出了标识路由的概念并对其研究范围进行了精确的界定.根据标识路由的设计目标,还详细介绍和比较了国内外相关的研究工作.最后提出标识路由研究的若干关键问题,并对未来的研究方向做出展望.     

Qualitative analysis of mapping systems in the Internet architectures based on identifier/locator separation

The current Internet has several known challenges, such as routing scalability, mobility, multihoming, traffic engineering, etc. due to the overloaded semantics of IP address, i.e. it is used as a node identifier (ID) and a node locator (LOC). Thus, the research community has redesigned the Internet architecture based on ID/LOC separation to overcome the limitations of the current Internet. In all Internet architectures based on ID/LOC separation, ID to LOC mapping system is necessarily required to bind ID and its LOC, since ID is no longer dependent to its LOC logically or physically. Thus, how to design the mapping system is a key challenge in ID/LOC separation architecture. In this paper, we analyse qualitatively the mapping systems proposed in ID/LOC separation architectures to provide insights into designing a new mapping system. The main contribution in this paper is that we categorise ID to LOC mapping systems according to the mapping server structure and provide the pros and cons of the mapping systems belonging to each category. Based on our qualitative analysis, we also examine intuitively if the mapping systems in each category satisfy their requirements.     

An Open Secure Mobile Agent Framework for Systems Management

The Mobile Agent (MA) technology is gainingimportance in the distributed management of networks andservices for heterogeneous environments. MA-basedmanagement systems could represent an interestingalternative to traditional tools built upon theclient/server model, either SNMP- or CMIP-based. Twomain requirements currently limit the acceptance of MAsolutions for management: the need of interoperabilityand the request for security. Without security,management systems cannot suit global untrustedenvironments, such as the Internet; withoutinteroperability, they cannot interact with existingtools and legacy systems. The paper describes an MA-basedmanagement system with security and interoperability asthe two main design objectives. It is an open managementframework that grants interoperability by providing compliance with CORBA, the most diffusedstandard in the area of object-oriented components. Inaddition, it is based on a thorough security model andprovides a wide range of tools and mechanisms to build and enforce flexible securitypolicies.     

利用二叉排序树改进结构化P2P模型

P2P覆盖网络是一种对等网之间的逻辑连接构成的应用层网络,由于其易于构建、管理灵活、可扩展性强,在实现互联网上的多种应用中发挥着重要的作用。在研究Chord算法的基础上提出了一个BBSTC网络拓扑模型,介绍了网络节点的加入和退出的路由算法以及资源定位的步骤,通过仿真实验和分析表明此方案可以显著改善搜索结果的成功率和大大减少搜索所需的路由跳数,在目前结构化P2P环境中,该策略有一定的推广利用和研究价值。     

On scalability of proximity-aware peer-to-peer streaming

P2P (peer-to-peer) technology has proved itself an efficient and cost-effective solution to support large-scale multimedia streaming. Different from traditional P2P applications, the quality of P2P streaming is strictly determined by performance metrics such as streaming delay. To meet these requirements, previous studies resorted to intuitions and heuristics to construct peer selection solutions incorporating topology and proximity concerns. However, the impact of proximity-aware methodology and delay tolerance of peers on the scalability of P2P system remains an unanswered question. In this paper, we study this problem via an analytical approach. To address the challenge of incorporating Internet topology into P2P streaming analysis, we construct a H-sphere network model which maps the network topology from the space of discrete graph to the continuous geometric domain, meanwhile capturing the power-law property of Internet. Based on this model, we analyze a series of peer selection methods by evaluating their performance via key scalability metrics. Our analytical observations are further verified via simulation on Internet topologies.     

Research challenges towards the Future Internet

The convergence of computer-communication networks towards an all-IP integrated network has transformed Internet in a commercial commodity that has stimulated an un-precedent offer of novel communication services that are pushing the Internet architecture and protocols well beyond their original design. This calls for extraordinary research efforts at all levels of the protocol stack to address the challenges of existing and future networked applications and services in terms of scalability, mobility, flexibility, security, etc. In this article we focus on some hot research areas and discuss the research issues that need to be tackled for addressing the multiple challenges of the Future Internet. Far from being a comprehensive analysis of all the challenges faced by the Future Internet, this article tries to call the attention of Computer Communications readers to new and promising research areas, identified by members of the journal editorial board to stimulate further research activities in these areas. The survey of these research areas is then complemented with a brief review of the on-going activities in the other important research areas towards the Future Internet.     

一种基于Hash的位置标识映射机制

随着互联网的发展,传统的基于TCP/IP体系结构的互联网在扩展性、移动性、安全性等方面的缺陷逐渐暴露出来,并限制了多宿主、流量工程等新技术的发展,这其中的一个重要原因就是IP地址语义过载。针对这一问题,学术界普遍认为需要对下一代互联网的命名和寻址体系结构进行重新设计,Locator/ID Split就是其中一个重要的研究方向。Locator/ID Split的核心是提供基于扁平标识的可扩展映射服务机制。HLIMM采用了基于哈希的路由方式,通过一组分布式映射服务器,为边缘网络提供了确定性的映射解析机制,满足了扁平标识Identifier映射服务的可扩展性,并能够在一定程度上适应映射服务节点的动态加入和离开。     

隐私安全策略中的变更影响分析

为了解决Web分布式系统中的隐私安全策略在制定和变更中的错误很难被发现的问题,提出了策略变更中各种情况的相应变更影响分析算法。对以可扩展访问控制标记语言(XACML)为代表的隐私安全策略语言中的变更理论进行了研究,定义了变更分析中的相关概念,通过把策略中的字符串元素转化成对应整数值建立一个优化的树形数据结构,利用树的特征分析变更后果。这使得一个管理员可以在正式应用策略变更前检验即将实施的变更是否符合自己的真正意图,从而大大增强系统安全性。最后实现了一个原型系统,并可以应用到其他标准策略语言。     

移动物联网的可定制RFID网络安全协议

已有的RFID安全协议大多针对隐私性与匿名性而忽略了可扩展性与可定制性,对此提出一种可扩展且可定制的RFID双向认证协议.首先,目标认证模块分别对标签与客户端阅读器进行认证,其中分别使用基于线性搜索的标签分组以及一个映射表提高认证的效率;然后,通过简单的ID匹配机制检测恶意用户;最终,通过标签与服务器的交互认证实现双向认证过程,进一步提高安全性.分析结果表明,本算法在具有可定制能力与可扩展能力的前提下,且具有较好的计算效率与安全性.     

Pollution attacks and defenses for Internet caching systems

Proxy caching servers are widely deployed in today’s Internet. While cooperation among proxy caches can significantly improve a network’s resilience to denial-of-service (DoS) attacks, lack of cooperation can transform such servers into viable DoS targets. In this paper, we investigate a class of pollution attacks that aim to degrade a proxy’s caching capabilities, either by ruining the cache file locality, or by inducing false file locality. Using simulations, we propose and evaluate the effects of pollution attacks both in Web and peer-to-peer (p2p) scenarios, and reveal dramatic variability in resilience to pollution among several cache replacement policies.We develop efficient methods to detect both false-locality and locality-disruption attacks, as well as a combination of the two. To achieve high scalability for a large number of clients/requests without sacrificing the detection accuracy, we leverage streaming computation techniques, i.e., bloom filters and probabilistic counting. Evaluation results from large-scale simulations show that these mechanisms are effective and efficient in detecting and mitigating such attacks. Furthermore, a Squid-based implementation demonstrates that our protection mechanism forces the attacker to launch extremely large distributed attacks in order to succeed.     

Mosco: a privacy-aware middleware for mobile social computing

The proliferation of mobile devices coupled with Internet access is generating a tremendous amount of highly personal and sensitive data. Applications such as location-based services and quantified self harness such data to bring meaningful context to users’ behavior. As social applications are becoming prevalent, there is a trend for users to share their mobile data. The nature of online social networking poses new challenges for controlling access to private data, as compared to traditional enterprise systems. First, the user may have a large number of friends, each associated with a unique access policy. Second, the access control policies must be dynamic and fine-grained, i.e. they are content-based, as opposed to all-or-nothing. In this paper, we investigate the challenges in sharing of mobile data in social applications. We design and evaluate a middleware running on Google App Engine, named Mosco, that manages and facilitates sharing of mobile data in a privacy-preserving manner. We use Mosco to develop a location sharing and a health monitoring application. Mosco helps shorten the development process. Finally, we perform benchmarking experiments with Mosco, the results of which indicate small overhead and high scalability.     

未来互联网体系结构研究综述

互联网逐渐成为社会基础设施,现有TCP/IP体系结构面临诸多挑战,未来互联网体系结构成为研究热点.文中分析了现行互联网在可扩展性、动态性、安全可控性等方面面临的根本性问题,综合比较了面向可扩展性、面向动态性及可信未来互联网体系结构研究,讨论了相关体系结构存在的问题.实验验证是未来互联网研究的重要手段,论文进一步分析了支持互联网体系结构持续创新所需的可编程虚拟化路由器及其试验床的研究进展.论文最后讨论了未来互联网体系结构有待重点研究的相关问题.     

大型网站的架构研究及解决方案

随着互联网业务的发展,网站规模越来越大,各种技术被提出以用于提升网站的性能、可用性、伸缩性、扩展性、安全性。在分析影响性能、可用性、伸缩性、扩展性和安全性等架构因素的基础上,提出了一套网站架构解决方案,并为图书馆集成发现系统的管理运维探索总结成功经验。     

SOL: A Verifiable Synchronous Language for Reactive Systems

SOL (Secure Operations Language) is a synchronous programming language for implementing reactive systems. The utility of SOL hinges upon the fact that it is a secure language, i.e., most programs in SOL are amenable to fully automated static analysis techniques, such as automatic theorem proving using decision procedures or model checking. Among the unique features of SOL is the ability to express a wide class of enforceable safety and security policies (including the temporal aspects of software component interfaces) in the language itself, thereby opening up the possibility of eliminating runaway computations and malicious code, such as worms and viruses.     

一种面向服务的物联网中间件模型

描述了一种面向服务的物联网中间件模型,重点分析了物联网中间件结构的安全性和嵌入式设备的异构性,在该模型中定义了一组抽象的服务原语,以屏蔽设备的异构性和方便应用平台的协同工作。该模型所描述的中间件具有物联网中必不可少的特征如安全性、可扩展性、灵活性和协同工作的能力等。     

一种面向服务的物联网中间件模型

描述了一种面向服务的物联网中间件模型,重点分析了物联网中间件结构的安全性和嵌入式设备的异构性,在该模型中定义了一组抽象的服务原语,以屏蔽设备的异构性和方便应用平台的协同工作。该模型所描述的中间件具有物联网中必不可少的特征如安全性、可扩展性、灵活性和协同工作的能力等。     

Provider-based deterministic packet marking against distributed DoS attacks

One of the most serious security threats on the Internet are Distributed Denial of Service (DDoS) attacks, due to the significant service disruption they can create and the difficulty in preventing them. In this paper, we propose new deterministic packet marking models in order to characterize DDoS attack streams. Such a common characterization can be used to make filtering near the victim more effective. In this direction we propose a rate control scheme that protects destination domains by limiting the amount of traffic during an attack, while leaving a large percentage of legitimate traffic unaffected. The above features enable providers to offer enhanced security protection against such attacks as a value-added service to their customers, and hence offer positive incentives for them to deploy the proposed models. We evaluate the proposed marking models using a snapshot of the actual Internet topology, in terms of how well they differentiate attack traffic from legitimate traffic in cases of full and partial deployment.     

策略灵活安全系统的设计与实现

安全需求多样化对操作系统提出策略灵活性要求，传统操作系统把对安全策略的支持分散到系统相关功能模块中，如文件系统及进程通信等，难以满足这种需求，该文通过对操作系统中策略相关功能部件的分析，提出了一种策略灵活的安全体系结构，并在Linux基础上实现该结构。同以往研究相比，该结构通过对安全属性的统一维护简化了策略冲突协调的复杂性，既方便用户灵活配置已有安全策略，又支持用户针对本领域的安全需求引入新的安全属性及添加新型安全策略。     

Efficient inter-domain traffic engineering with transit-edge hierarchical routing

The relentless growth of Internet, which has resulted in the increase of routing table sizes, requires consideration and new direction to address Internet scalability and resiliency. A possible direction is to move away from the flat legacy Internet routing to hierarchical routing, and introduce two-level hierarchical routing between edge networks and across transit networks. In this way, there is also an opportunity to separate the routing locator from the terminal identifier, to better manage IP mobility and mitigate important routing security issues. In this paper, we study the extended traffic engineering capabilities arising in a transit-edge hierarchical routing, focusing on those multi-homed edge networks (e.g., Cloud/content providers) that aim at increasing their Internet resiliency experience. We model the interaction between distant independent edge networks exchanging large traffic volumes using game theory, with the goal of seeking efficient edge-to-edge load-balancing solutions. The proposed traffic engineering framework relies on a non-cooperative potential game, built upon locator and path ranking costs, that indicates efficient equilibrium solution for the edge-to-edge load-balancing coordination problem. Simulations on real instances show that in comparison to the available standard protocols such as BGP and LISP, we can achieve a much higher degree of resiliency and stability.¹