Kutscher / Ott / Bartsch 2007-05-23 1 Supporting Network Access and Service Location in Dynamic Environments Dirk Kutscher Jörg Ott Steffen Bartsch TNC.

Slides:

Advertisements

Similar presentations

Dynamic Replica Placement for Scalable Content Delivery Yan Chen, Randy H. Katz, John D. Kubiatowicz {yanchen, randy, EECS Department.

Advertisements

TU/e Service Discovery Mechanisms: two case studies / IC2002 Service Discovery Mechanisms: Two case studies Control point Device UPnP Terminal Domain Host.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

© 2012 IBM Corporation 1 IBM Cognos 10 family Analytics in the hands of everyone Address all your analytic needs Report, Analyze, Model, Plan and Collaborate.

SCENARIO Suppose the presenter wants the students to access a file Supply Credenti -als Grant Access Is it efficient? How can we make this negotiation.

1 Towards Pervasive Connectivity in Mobile Computing Frank Siegemund European Microsoft Innovation Center November 2006.

T-FLEX DOCs PLM, Document and Workflow Management.

MobiShare: Sharing Context-Dependent Data & Services from Mobile Sources Efstratios Valavanis, Christopher Ververidis, Michalis Vazirgianis, George C.

Rev A8/8/021 ABC Networks

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

TNC 2003 Wireless Campus project Coletta Elisa Marchioro -

Rheeve: A Plug-n-Play Peer- to-Peer Computing Platform Wang-kee Poon and Jiannong Cao Department of Computing, The Hong Kong Polytechnic University ICDCSW.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

IPassConnect for Symbian 1.0 August Agenda Overview of iPassConnect for Symbian 1.0 Features and Benefits Screenshots Supported Devices Connecting.

CS 268: Project Suggestions Ion Stoica January 23, 2006.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

CORDRA Philip V.W. Dodds March The “Problem Space” The SCORM framework specifies how to develop and deploy content objects that can be shared and.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

1 Enabling Secure Internet Access with ISA Server.

System Design/Implementation and Support for Build 2 PDS Management Council Face-to-Face Mountain View, CA Nov 30 - Dec 1, 2011 Sean Hardman.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

Omniran OmniRAN Wi-Fi Hotspot Roaming Use Case Date: Authors: NameAffiliationPhone Max RiegelNSN

Introduction to UDDI From: OASIS, Introduction to UDDI: Important Features and Functional Concepts.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Chapter 10: Authentication Guide to Computer Network Security.

The SAM-Grid Fabric Services Gabriele Garzoglio (for the SAM-Grid team) Computing Division Fermilab.

Locating objects identified by DDI3 Uniform Resource Names Part of Session: Concurrent B2: Reports and Updates on DDI activities 2nd Annual European DDI.

COnvergence of fixed and Mobile BrOadband access/aggregation networks Work programme topic: ICT Future Networks Type of project: Large scale integrating.

Module 8: Managing Client Configuration and Connectivity.

Exploring VoD in P2P Swarming Systems By Siddhartha Annapureddy, Saikat Guha, Christos Gkantsidis, Dinan Gunawardena, Pablo Rodriguez Presented by Svetlana.

February 25, Infrastructure-ENUM Secure, Private, Next Generation Addressing Infrastructure Douglas J. Ranalli Founder, Chief Strategy Officer NetNumber,

1 MultimEDia transport for mobIlE Video AppLications 9 th Concertation Meeting Brussels, 13 th February 2012 MEDIEVAL Consortium.

Global Customer Partnership Council Forum | 2008 | November 18 1IBM - GCPC MeetingIBM - GCPC Meeting IBM Lotus® Sametime® Meeting Server Deployment and.

5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.

Grid Appliance – On the Design of Self-Organizing, Decentralized Grids David Wolinsky, Arjun Prakash, and Renato Figueiredo ACIS Lab at the University.

Master Thesis Defense Jan Fiedler 04/17/98

CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+

Wireless Networks of Devices (WIND) Hari Balakrishnan and John Guttag MIT Lab for Computer Science NTT-MIT Meeting, January 2000.

Kutscher / Ott / Bormann Enhancing User Mobility with Network Service Maps Dirk Kutscher Jörg Ott Carsten Bormann TNC

Linked-data and the Internet of Things Payam Barnaghi Centre for Communication Systems Research University of Surrey March 2012.

Distributed Session Announcement Agents for Real-time Streaming Applications Keio University, Graduate School of Media and Governance Kazuhiro Mishima.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Using DHCPv6 for DNS Configuration in Hosts draft-ietf-droms-dnsconfig-dhcpv6-00.txt Ralph Droms.

Configuring Network Services and Protocols Lecture 2.

1 Emergency Alerts as RSS Feeds with Interdomain Authorization Filippo Gioachin 1, Ravinder Shankesi 1, Michael J. May 1,2, Carl A. Gunter 1, Wook Shin.

Advanced Computer Networks Topic 2: Characterization of Distributed Systems.

Adaptive Web Caching CS411 Dynamic Web-Based Systems Flying Pig Fei Teng/Long Zhao/Pallavi Shinde Computer Science Department.

NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.

Windows Server 2003 La migrazione da Windows NT 4.0 a Windows Server 2003 Relatore: MCSE - MCT.

Object storage and object interoperability

Providing web services to mobile users: The architecture design of an m-service portal Minder Chen - Dongsong Zhang - Lina Zhou Presented by: Juan M. Cubillos.

Introduction to Active Directory

1 Enhanced Mobility Support for Roaming Users: Extending the IEEE Information Service WWIC 2010 Luleå, June 1-3, 2010 Karl Andersson*, Andrea G.

IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.

Resolve today’s IT management dilemma Enable generalist operators to localize user perceptible connectivity problems Raise alerts prioritized by the amount.

SQL Server 2012 Session: 1 Session: 4 SQL Azure Data Management Using Microsoft SQL Server.

John S. Otto Mario A. Sánchez John P. Rula Fabián E. Bustamante Northwestern, EECS.

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

Efficient Opportunistic Sensing using Mobile Collaborative Platform MOSDEN.

Page 1 Cloud Computing JYOTI GARG CSE 3 RD YEAR UIET KUK.

Multicast in Information-Centric Networking March 2012.

Network Topologies for Scalable Multi-User Virtual Environments Lingrui Liang.

A Semi-Automated Digital Preservation System based on Semantic Web Services Jane Hunter Sharmin Choudhury DSTC PTY LTD, Brisbane, Australia Slides by Ananta.

Integration of and Third-Generation Wireless Data Networks

CONNECTING TO THE INTERNET

PLM, Document and Workflow Management

敦群數位科技有限公司(vanGene Digital Inc.) 游家德(Jade Yu.)

Presentation transcript:

Kutscher / Ott / Bartsch Supporting Network Access and Service Location in Dynamic Environments Dirk Kutscher Jörg Ott Steffen Bartsch TNC

Kutscher / Ott / Bartsch Trends  Service location and selection a major issue for WLAN service providers  Different use cases Information about general coverage, roaming possibilities and tariffs Facilitating automated access Providing information for diagnosis and maintenance  Existing ways for service location and selection insufficient for mobile users Fragmented information services (per provider) Inadequate solutions for automated access (Google Maps mesh-ups etc.)  no offline usage! Information often outdated

Kutscher / Ott / Bartsch Example: FON Community WLAN Approach  Web-based information service with Google Maps-based visualization  Informational only Information cannot be used for automated client device configuration  No relation to user’s current context Position, required services

Kutscher / Ott / Bartsch Selected Recent Developments  FON Connection Manager Locate and automatically connect to FON Hotspots (Symbian S60)  DeviceScape Centralized connectivity management approach Mobile clients access DeviceScape information database through DNS requests Providing WISP-specific information (how to log on) Mainly targeting automated log-on  iPass Hotspot Finder Offline hotspot finder for Windows XP, Vista Pre-downloadable maps Offline search based on different criteria

Kutscher / Ott / Bartsch Shortcomings  Many provider-specific solutions Not useful for general network service location  No structured update mechanisms Users have to manually update the application/database  Focusing on WLAN network access Other (related) services not covered VoIP access, multimedia resources etc.

Kutscher / Ott / Bartsch Service Maps: Main Concepts  Network Information Service for Heterogeneous networks Challenged environments Large scale deployment  Different take on network service location Receiver- and infrastructure-based filtering Accommodate different network architectures  Main concept Mobile nodes receive/request service information from different sources and construct network service map according to MN requirements Support offline usage Leverage locality of distribution networks (e.g., WLAN) and service scope

Kutscher / Ott / Bartsch Service Map Distribution Architecture

Kutscher / Ott / Bartsch Data Model

Kutscher / Ott / Bartsch Filtering and Aggregation  Aggregation E.g., provider-independent aggregators can combine Service Maps from multiple providers  Filtering Different types of filter operations Tag filter : specify service tags that have to be present in a service description Location filter : Filter services relevant to a specific region XPath filter : filter based on arbitrary XML content in service descriptions and refinements

Kutscher / Ott / Bartsch Service Map URNs  Motivation: Transport-independent distribution can generate multiple copies  Globally unique identification for service maps required  Uniform Resource Name (URN) as an identification mechanism for service maps, fragments and refinements  Comparison rules (subset predicate)  Resolution Mechanism based on Dynamic Delegation Discovery System (DDDS) Obtain specific URI through domain-specific translation rules urn:svcmap:example.org: :campus-wlan#coord= , ;range=100 urn:svcmap:example.org: :campus-wlan?6453#refinement-2343

Kutscher / Ott / Bartsch Bootstrapping  Automating access to Service Map information in foreign networks Identify active Service Map service, i.e., in a foreign hotspot Obtain basic configuration information, e.g., Service Map URIs  Bootstrapping defined for different environments Broadcast/Multicast: FLUTE session on standardized multicast address; simpler variant (no FLUTE) as a fallback Unicast-only: IP-auto-configuration, resolving standardized bootstrapping URN through local DNS

Kutscher / Ott / Bartsch Security  Authenticity and integrity fundamental Service Map properties Have to preclude denial-of-service attacks by forged service information  Challenge: transceiver-model is based on changes to the information base by intermediaries Filtering and aggregation must still be possible Still, receivers cannot establish trust-relationship with every possible transceivers (scalability, operational issues)  Service Map approach: maintaining security properties of Service Maps fragments across the distribution chain Authenticated data structures based on Merkle hash trees Implemented with XML Digital Signatures

Kutscher / Ott / Bartsch Implementation  Infrastructure Service Map distribution servers  Client software Web-based client  Browser-based Service Map interface for online usage Mobile client  Offline client for smaller devices, mobile phones

Kutscher / Ott / Bartsch

Kutscher / Ott / Bartsch

Kutscher / Ott / Bartsch Experiences  Larger-scale campus WLAN application Setup, operations, measurements  Enhancing connectivity in mobile scenarios Employing service maps for scheduling network access Simulations

Kutscher / Ott / Bartsch Campus Scenario

Kutscher / Ott / Bartsch  Bootstrapping in campus environment  Using FLUTE via IP-Multicast  Providing data on 400 APs  Reasonable bandwidths: 1kB – 64kB  Good performance: about 2 – 16s Campus Evaluation

Kutscher / Ott / Bartsch Mobile Scenario Evaluation  Mobile user connectivity  WLAN emulation  Either with acquiring data on APs in proximity or with sensing and probing  Relatively simple connectivity algorithm Still 10% increase in Internet connectivity

Kutscher / Ott / Bartsch Upload server UUUU HTTPS Access control + anonymization Incoming database Aggregator Data set matching + freshness handling Dynamic database Integrator Provider database Mapping reports to known hotspots Service Maps Service Map Sender Distribution UUUU Service Map Transport Contribution

Kutscher / Ott / Bartsch Hotspot Displays Revisited

Kutscher / Ott / Bartsch Conclusions  Automating access to WLAN hotspots is a major challenge for making evolving WLAN-based applications usable  First developments are becoming eminent  But: no provider-independent approach available today  Network Service Maps as a general approach: Application- and provider-independent, supporting different transport services and organizational configurations  Recent results: Large-scale operation  Leveraging community contributions through contribution interface for user-observed hotspots

Kutscher / Ott / Bartsch Dirk Kutscher